ttcn3-pgw-test: update config files (recent master)fixeria/testing

Change-Id: I1e9b742e61f81344502df7686461cc3dcc7aa45e
author: Vadim Yanitskiy <vyanitskiy@sysmocom.de> 2023-02-20 20:44:59 +0700
committer: Vadim Yanitskiy <vyanitskiy@sysmocom.de> 2023-02-20 21:37:06 +0700
commit: 9779c4263dc7ab0038a8c86330673695c3791e83 (patch)
tree: 0bdee61bc0c4fb24dfaac62c5029b73881b80bc1
parent: 4c120dd0e0a39f367964a5c8e5a72077c9b75f33 (diff)
3 files changed, 451 insertions, 96 deletions
diff --git a/ttcn3-pgw-test/open5gs-nrf.yaml b/ttcn3-pgw-test/open5gs-nrf.yaml
index 1055d51..a7b615f 100644
--- a/ttcn3-pgw-test/open5gs-nrf.yaml
+++ b/ttcn3-pgw-test/open5gs-nrf.yaml
@@ -6,32 +6,90 @@ db_uri: mongodb://localhost/open5gs
 #  o Set OGS_LOG_INFO to all domain level
 #   - If `level` is omitted, the default level is OGS_LOG_INFO)
 #   - If `domain` is omitted, the all domain level is set from 'level'
-#    (Nothing is needed)
+#    (Default values are used, so no configuration is required)
 #
 #  o Set OGS_LOG_ERROR to all domain level
 #   - `level` can be set with none, fatal, error, warn, info, debug, trace
+#  logger:
 #    level: error
 #
 #  o Set OGS_LOG_DEBUG to mme/emm domain level
+#  logger:
 #    level: debug
 #    domain: mme,emm
 #
 #  o Set OGS_LOG_TRACE to all domain level
+#  logger:
 #    level: trace
-#    domain: core,sbi,nrf,event,mem,sock
+#    domain: core,sbi,ausf,event,tlv,mem,sock
 #
 logger:
     level: info
 
 #
-# nrf:
+#  o TLS enable/disable
+#  sbi:
+#    server|client:
+#      no_tls: false|true
+#    - false: (Default) Use TLS
+#    - true:  TLS disabled
+#
+#  o Verification enable/disable
+#  sbi:
+#    server|client:
+#      no_verify: false|true
+#    - false: (Default) Verify the PEER
+#    - true:  Skip the verification step
+#
+#  o Server-side does not use TLS
+#  sbi:
+#    server:
+#      no_tls: true
+#
+#  o Client-side skips the verification step
+#  sbi:
+#    client:
+#      no_verify: true
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#
+#  o Use the specified certificate while verifying the client
+#  sbi:
+#    server
+#      cacert: /etc/open5gs/tls/ca.crt
+#
+#  o Use the specified certificate while verifying the server
+#  sbi:
+#    client
+#      cacert: /etc/open5gs/tls/ca.crt
+#
+sbi:
+    server:
+      no_tls: true
+      cacert: /etc/open5gs/tls/ca.crt
+      key: /etc/open5gs/tls/nrf.key
+      cert: /etc/open5gs/tls/nrf.crt
+    client:
+      no_tls: true
+      cacert: /etc/open5gs/tls/ca.crt
+      key: /etc/open5gs/tls/nrf.key
+      cert: /etc/open5gs/tls/nrf.crt
+
 #
 #  <SBI Server>
 #
 #  o SBI Server(http://<all address available>:80)
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #
 #  o SBI Server(http://<any address>:7777)
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #      - addr:
 #          - 0.0.0.0
@@ -39,36 +97,81 @@ logger:
 #        port: 7777
 #
 #  o SBI Server(https://<all address available>:443)
+#  sbi:
+#    server:
+#      key: /etc/open5gs/tls/nrf.key
+#      cert: /etc/open5gs/tls/nrf.crt
+#  nrf:
 #    sbi:
-#        tls:
-#          key: nrf.key
-#          pem: nrf.pem
 #
-#  o SBI Server(https://127.0.0.10:443, http://[::1]:80)
+#  o SBI Server(https://127.0.0.10:443, https://[::1]:443) without verification
+#  sbi:
+#    server:
+#      no_verify: true
+#      key: /etc/open5gs/tls/nrf.key
+#      cert: /etc/open5gs/tls/nrf.crt
+#  nrf:
 #    sbi:
 #      - addr: 127.0.0.10
-#        tls:
-#          key: nrf.key
-#          pem: nrf.pem
 #      - addr: ::1
 #
-#  o SBI Server(http://nrf.open5gs.org:80)
+#  o SBI Server(https://nrf.open5gs.org:443)
+#    Use the specified certificate while verifying the client
+#
+#  sbi:
+#    server:
+#      cacert: /etc/open5gs/tls/ca.crt
+#      key: /etc/open5gs/tls/nrf.key
+#      cert: /etc/open5gs/tls/nrf.crt
+#  nrf:
 #    sbi:
-#      name: nrf.open5gs.org
+#      - name: nrf.open5gs.org
 #
 #  o SBI Server(http://127.0.0.10:7777)
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #      - addr: 127.0.0.10
 #        port: 7777
 #
 #  o SBI Server(http://<eth0 IP address>:80)
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
 #    sbi:
-#      dev: eth0
+#      - dev: eth0
+#
+#  o Provide custom SBI address to be advertised to NRF
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
+#    sbi:
+#      - dev: eth0
+#        advertise: open5gs-nrf.svc.local
+#
+#  o Another example of advertising on NRF
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
+#    sbi:
+#      - addr: localhost
+#        advertise:
+#          - 127.0.0.99
+#          - ::1
 #
 #  o SBI Option (Default)
 #    - tcp_nodelay : true
 #    - so_linger.l_onoff : false
 #
+#  sbi:
+#    server:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #      addr: 127.0.0.10
 #      option:
@@ -80,9 +183,11 @@ logger:
 #  <NF Service>
 #
 #  o NF Service Name(Default : all NF services available)
+#  nrf:
 #    service_name:
 #
 #  o NF Service Name(Only some NF services are available)
+#  nrf:
 #    service_name:
 #      - nnrf-nfm
 #      - nnrf-disc
@@ -94,26 +199,47 @@ nrf:
       port: 7777
 
 #
-# scp:
-#
 #  <SBI Client>>
 #
 #  o SBI Client(http://127.0.1.10:7777)
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr: 127.0.1.10
 #      port: 7777
 #
-#  o SBI Client(https://127.0.1.10:443, http://scp.open5gs.org:80)
+#  o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
+#  sbi:
+#    client:
+#      no_verify: true
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  scp:
 #    sbi:
 #      - addr: 127.0.1.10
-#        tls:
-#          key: scp.key
-#          pem: scp.pem
+#      - addr: ::1
+#
+#  o SBI Client(https://scp.open5gs.org:443)
+#    Use the specified certificate while verifying the server
+#
+#  sbi:
+#    client:
+#      cacert: /etc/open5gs/tls/ca.crt
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  scp:
+#    sbi:
 #      - name: scp.open5gs.org
 #
 #  o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
 #    If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
 #
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr:
 #        - 127.0.1.10
@@ -123,6 +249,10 @@ nrf:
 #    - tcp_nodelay : true
 #    - so_linger.l_onoff : false
 #
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr: 127.0.1.10
 #      option:
@@ -137,62 +267,74 @@ scp:
       - addr: 127.0.1.10
         port: 7777
 
-#
-# parameter:
+
 #
 #  o Disable use of IPv4 addresses (only IPv6)
-#      no_ipv4: true
+#  parameter:
+#    no_ipv4: true
 #
 #  o Disable use of IPv6 addresses (only IPv4)
-#      no_ipv6: true
+#  parameter:
+#    no_ipv6: true
 #
 #  o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
-#      prefer_ipv4: true
+#  parameter:
+#    prefer_ipv4: true
 #
 parameter:
 
 #
-# max:
-#
-# o Maximum Number of UE
+#  o Maximum Number of UE
+#  max:
 #    ue: 1024
-# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
+#
+#  o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
+#  max:
 #    peer: 64
 #
 max:
 
 #
-# time:
 #
 #  o NF Instance Heartbeat (Default : 10 seconds)
+#    (Default values are used, so no configuration is required)
 #
 #  o NF Instance Heartbeat (Disabled)
+#  time:
 #    nf_instance:
 #      heartbeat: 0
 #
 #  o NF Instance Heartbeat (5 seconds)
+#  time:
 #    nf_instance:
 #      heartbeat: 5
 #
 #  o NF Instance Validity (Default : 3600 seconds = 1 hour)
+#    (Default values are used, so no configuration is required)
 #
 #  o NF Instance Validity (10 seconds)
+#  time:
 #    nf_instance:
 #      validity: 10
 #
 #  o Subscription Validity (Default : 86400 seconds = 1 day)
+#    (Default values are used, so no configuration is required)
 #
 #  o Subscription Validity (Disabled)
+#  time:
 #    subscription:
 #      validity: 0
 #
 #  o Subscription Validity (3600 seconds = 1 hour)
+#  time:
 #    subscription:
 #      validity: 3600
 #
 #  o Message Wait Duration (Default : 10,000 ms = 10 seconds)
+#    (Default values are used, so no configuration is required)
 #
 #  o Message Wait Duration (3000 ms)
+#  time:
 #    message:
 #        duration: 3000
 time:
diff --git a/ttcn3-pgw-test/open5gs-smf.yaml b/ttcn3-pgw-test/open5gs-smf.yaml
index 2a87b81..e36a0b2 100644
--- a/ttcn3-pgw-test/open5gs-smf.yaml
+++ b/ttcn3-pgw-test/open5gs-smf.yaml
@@ -1,34 +1,90 @@
 #
-# logger:
-#
 #  o Set OGS_LOG_INFO to all domain level
 #   - If `level` is omitted, the default level is OGS_LOG_INFO)
 #   - If `domain` is omitted, the all domain level is set from 'level'
-#    (Nothing is needed)
+#    (Default values are used, so no configuration is required)
 #
 #  o Set OGS_LOG_ERROR to all domain level
 #   - `level` can be set with none, fatal, error, warn, info, debug, trace
+#  logger:
 #    level: error
 #
 #  o Set OGS_LOG_DEBUG to mme/emm domain level
+#  logger:
 #    level: debug
 #    domain: mme,emm
 #
 #  o Set OGS_LOG_TRACE to all domain level
+#  logger:
 #    level: trace
-#    domain: core,fd,pfcp,gtp,smf,event,tlv,mem,sock
+#    domain: core,sbi,ausf,event,tlv,mem,sock
 #
 logger:
     level: info
 #
-# smf:
+#  o TLS enable/disable
+#  sbi:
+#    server|client:
+#      no_tls: false|true
+#    - false: (Default) Use TLS
+#    - true:  TLS disabled
+#
+#  o Verification enable/disable
+#  sbi:
+#    server|client:
+#      no_verify: false|true
+#    - false: (Default) Verify the PEER
+#    - true:  Skip the verification step
+#
+#  o Server-side does not use TLS
+#  sbi:
+#    server:
+#      no_tls: true
+#
+#  o Client-side skips the verification step
+#  sbi:
+#    client:
+#      no_verify: true
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#
+#  o Use the specified certificate while verifying the client
+#  sbi:
+#    server
+#      cacert: /etc/open5gs/tls/ca.crt
+#
+#  o Use the specified certificate while verifying the server
+#  sbi:
+#    client
+#      cacert: /etc/open5gs/tls/ca.crt
+#
+sbi:
+    server:
+      no_tls: true
+      cacert: /etc/open5gs/tls/ca.crt
+      key: /etc/open5gs/tls/smf.key
+      cert: /etc/open5gs/tls/smf.crt
+    client:
+      no_tls: true
+      cacert: /etc/open5gs/tls/ca.crt
+      key: /etc/open5gs/tls/smf.key
+      cert: /etc/open5gs/tls/smf.crt
+
 #
 #  <SBI Server>
 #
 #  o SBI Server(http://<all address available>:80)
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #
-#  o SBI Server(http://<any address>:80)
+#  o SBI Server(http://<any address>:7777)
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr:
 #          - 0.0.0.0
@@ -36,37 +92,67 @@ logger:
 #        port: 7777
 #
 #  o SBI Server(https://<all address available>:443)
+#  sbi:
+#    server:
+#      key: /etc/open5gs/tls/smf.key
+#      cert: /etc/open5gs/tls/smf.crt
+#  smf:
 #    sbi:
-#      - tls:
-#          key: smf.key
-#          pem: smf.pem
 #
-#  o SBI Server(https://127.0.0.4:443, http://[::1]:80)
+#  o SBI Server(https://127.0.0.4:443, https://[::1]:443) without verification
+#  sbi:
+#    server:
+#      no_verify: true
+#      key: /etc/open5gs/tls/smf.key
+#      cert: /etc/open5gs/tls/smf.crt
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
-#        tls:
-#          key: smf.key
-#          pem: smf.pem
 #      - addr: ::1
 #
-#  o SBI Server(http://smf.open5gs.org:80)
+#  o SBI Server(https://smf.open5gs.org:443)
+#    Use the specified certificate while verifying the client
+#
+#  sbi:
+#    server:
+#      cacert: /etc/open5gs/tls/ca.crt
+#      key: /etc/open5gs/tls/smf.key
+#      cert: /etc/open5gs/tls/smf.crt
+#  smf:
 #    sbi:
 #      - name: smf.open5gs.org
 #
 #  o SBI Server(http://127.0.0.4:7777)
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
 #        port: 7777
 #
 #  o SBI Server(http://<eth0 IP address>:80)
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - dev: eth0
 #
 #  o Provide custom SBI address to be advertised to NRF
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - dev: eth0
 #        advertise: open5gs-smf.svc.local
 #
+#  o Another example of advertising on NRF
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: localhost
 #        advertise:
@@ -77,6 +163,10 @@ logger:
 #    - tcp_nodelay : true
 #    - so_linger.l_onoff : false
 #
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      addr: 127.0.0.4
 #      option:
@@ -85,12 +175,15 @@ logger:
 #          l_onoff: true
 #          l_linger: 10
 #
+#
 #  <NF Service>
 #
 #  o NF Service Name(Default : all NF services available)
+#  smf:
 #    service_name:
 #
 #  o NF Service Name(Only some NF services are available)
+#  smf:
 #    service_name:
 #      - nsmf-pdusession
 #
@@ -98,12 +191,21 @@ logger:
 #
 #  o (Default) If you do not set Query Parameter as shown below,
 #
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
 #        port: 7777
 #
 #    - 'service-names' is included.
 #
+#  o Service-Names are not included
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
 #        port: 7777
@@ -122,6 +224,10 @@ logger:
 #
 #  o (Default) If you do not set Delegated Discovery as shown below,
 #
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
 #        port: 7777
@@ -129,6 +235,10 @@ logger:
 #    - Use SCP if SCP avaiable. Otherwise NRF is used.
 #      => App fails if both NRF and SCP are unavailable.
 #
+#  sbi:
+#    server:
+#      no_tls: true
+#  smf:
 #    sbi:
 #      - addr: 127.0.0.4
 #        port: 7777
@@ -141,21 +251,23 @@ logger:
 #  o Don't use SCP server => App fails if no NRF available.
 #      delegated: no
 #
-#
 #  <PFCP Server>
 #
 #  o PFCP Server(127.0.0.4:8805, ::1:8805)
+#  smf:
 #    pfcp:
 #      - addr: 127.0.0.4
 #      - addr: ::1
 #
 #  o PFCP-U Server(127.0.0.1:2152, [::1]:2152)
+#  smf:
 #    pfcp:
 #      name: localhost
 #
 #  o PFCP Option (Default)
 #    - so_bindtodevice : NULL
 #
+#  smf:
 #    pfcp:
 #      addr: 127.0.0.4
 #      option:
@@ -164,6 +276,7 @@ logger:
 #  <GTP-C Server>
 #
 #  o GTP-C Server(127.0.0.4:2123, [fd69:f21d:873c:fa::3]:2123)
+#  smf:
 #    gtpc:
 #      addr:
 #        - 127.0.0.4
@@ -171,6 +284,7 @@ logger:
 #
 #  o On SMF, Same configuration
 #    (127.0.0.4:2123, [fd69:f21d:873c:fa::3]:2123).
+#  smf:
 #    gtpc:
 #      - addr: 127.0.0.4
 #      - addr: fd69:f21d:873c:fa::3
@@ -178,6 +292,7 @@ logger:
 #  o GTP-C Option (Default)
 #    - so_bindtodevice : NULL
 #
+#  smf:
 #    gtpc:
 #      addr: 127.0.0.4
 #      option:
@@ -186,17 +301,20 @@ logger:
 #  <GTP-U Server>>
 #
 #  o GTP-U Server(127.0.0.4:2152, [::1]:2152)
+#  smf:
 #    gtpu:
 #      - addr: 127.0.0.4
 #      - addr: ::1
 #
 #  o GTP-U Server(127.0.0.1:2152, [::1]:2152)
+#  smf:
 #    gtpu:
 #      name: localhost
 #
 #  o GTP-U Option (Default)
 #    - so_bindtodevice : NULL
 #
+#  smf:
 #    gtpu:
 #      addr: 127.0.0.4
 #      option:
@@ -205,17 +323,20 @@ logger:
 #  <Metrics Server>
 #
 #  o Metrics Server(http://<any address>:9090)
+#  smf:
 #    metrics:
-#      addr: 0.0.0.0
-#      port: 9090
+#      - addr: 0.0.0.0
+#        port: 9090
 #
 #  <Subnet for UE Pool>
 #
 #  o IPv4 Pool
+#  smf:
 #    subnet:
 #      addr: 10.45.0.1/16
 #
 #  o IPv4/IPv6 Pool
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #      - addr: 2001:db8:cafe::1/48
@@ -224,6 +345,7 @@ logger:
 #  o Specific DNN/APN(e.g 'ims') uses 10.46.0.1/16, 2001:db8:babe::1/48
 #    ; If the UE has unknown DNN/APN(not internet/ims), SMF/UPF will crash.
 #
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        dnn: internet
@@ -237,6 +359,7 @@ logger:
 #  o Specific DNN/APN with the FALLBACK SUBNET(10.47.0.1/16)
 #    ; Note that put the FALLBACK SUBNET last to avoid SMF/UPF crash.
 #
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        dnn: internet
@@ -245,22 +368,26 @@ logger:
 #      - addr: 10.50.0.1/16 ## FALLBACK SUBNET
 #
 #  o Pool Range Sample
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/24
 #        range: 10.45.0.100-10.45.0.200
 #
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/24
 #        range:
 #          - 10.45.0.5-10.45.0.50
 #          - 10.45.0.100-
 #
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/24
 #        range:
 #          - -10.45.0.200
 #          - 10.45.0.210-10.45.0.220
 #
+#  smf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        range:
@@ -275,6 +402,7 @@ logger:
 #
 #  o Primary/Secondary can be configured. Others are ignored.
 #
+#  smf:
 #    dns:
 #      - 8.8.8.8
 #      - 8.8.4.4
@@ -293,6 +421,7 @@ logger:
 #
 #  o Proxy Call Session Control Function
 #
+#  smf:
 #    p-cscf:
 #      - 127.0.0.1
 #      - ::1
@@ -306,6 +435,7 @@ logger:
 #            reject subscribers if no OCS available among Diameter peers
 #    o no:   Don't use Gy interface if there is an OCS available
 #
+#  smf:
 #    ctf:
 #      enabled: auto|yes|no
 #
@@ -318,6 +448,7 @@ logger:
 #  Note that if there is no SmfInfo, any AMF can select this SMF.
 #
 #  o S-NSSAI[SST:1] and DNN[internet] - At least 1 DNN is required in S-NSSAI
+#  smf:
 #    info:
 #      - s_nssai:
 #          - sst: 1
@@ -325,6 +456,7 @@ logger:
 #              - internet
 #
 #  o S-NSSAI[SST:1 SD:009000] and DNN[internet or ims]
+#  smf:
 #    info:
 #      - s_nssai:
 #          - sst: 1
@@ -334,6 +466,7 @@ logger:
 #              - ims
 #
 #  o S-NSSAI[SST:1] and DNN[internet] and TAI[PLMN-ID:99970 TAC:1]
+#  smf:
 #    info:
 #      - s_nssai:
 #          - sst: 1
@@ -350,6 +483,7 @@ logger:
 #   - S-NSSAI[SST:2 SD:000080] and DNN[internet or ims]
 #   - S-NSSAI[SST:4] and DNN[internet] and TAI[PLMN-ID:99970 TAC:10-20,30-40]
 #
+#  smf:
 #    info:
 #      - s_nssai:
 #          - sst: 1
@@ -380,6 +514,7 @@ logger:
 #              - 30-40
 #
 #  o Complex Example
+#  smf:
 #    info:
 #      - s_nssai:
 #          - sst: 1
@@ -447,6 +582,7 @@ logger:
 #   If you set the security_indication in smf.yaml,
 #   this information is delivered using PDU Session Resource Request Transfer IE
 #
+#  smf:
 #    security_indication:
 #      integrity_protection_indication: required|preferred|not-needed
 #      confidentiality_protection_indication: required|preferred|not-needed
@@ -482,26 +618,47 @@ smf:
     freeDiameter: /data/freeDiameter-smf.conf
 
 #
-# scp:
-#
 #  <SBI Client>>
 #
 #  o SBI Client(http://127.0.1.10:7777)
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr: 127.0.1.10
 #      port: 7777
 #
-#  o SBI Client(https://127.0.1.10:443, http://scp.open5gs.org:80)
+#  o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
+#  sbi:
+#    client:
+#      no_verify: true
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  scp:
 #    sbi:
 #      - addr: 127.0.1.10
-#        tls:
-#          key: scp.key
-#          pem: scp.pem
+#      - addr: ::1
+#
+#  o SBI Client(https://scp.open5gs.org:443)
+#    Use the specified certificate while verifying the server
+#
+#  sbi:
+#    client:
+#      cacert: /etc/open5gs/tls/ca.crt
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  scp:
+#    sbi:
 #      - name: scp.open5gs.org
 #
 #  o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
 #    If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
 #
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr:
 #        - 127.0.1.10
@@ -511,6 +668,10 @@ smf:
 #    - tcp_nodelay : true
 #    - so_linger.l_onoff : false
 #
+#  sbi:
+#    client:
+#      no_tls: true
+#  scp:
 #    sbi:
 #      addr: 127.0.1.10
 #      option:
@@ -526,21 +687,38 @@ scp:
         port: 7777
 
 #
-# nrf:
-#
 #  <SBI Client>>
 #
-#  o SBI Client(http://127.0.0.1:7777)
+#  o SBI Client(http://127.0.0.10:7777)
+#  sbi:
+#    client:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #      addr: 127.0.0.10
 #      port: 7777
 #
-#  o SBI Client(https://127.0.0.10:443, http://nrf.open5gs.org:80)
+#  o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
+#  sbi:
+#    client:
+#      no_verify: true
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  nrf:
 #    sbi:
 #      - addr: 127.0.0.10
-#        tls:
-#          key: nrf.key
-#          pem: nrf.pem
+#      - addr: ::1
+#
+#  o SBI Client(https://nrf.open5gs.org:443)
+#    Use the specified certificate while verifying the server
+#
+#  sbi:
+#    client:
+#      cacert: /etc/open5gs/tls/ca.crt
+#      key: /etc/open5gs/tls/amf.key
+#      cert: /etc/open5gs/tls/amf.crt
+#  nrf:
+#    sbi:
 #      - name: nrf.open5gs.org
 #
 #  o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
@@ -555,6 +733,10 @@ scp:
 #    - tcp_nodelay : true
 #    - so_linger.l_onoff : false
 #
+#  sbi:
+#    client:
+#      no_tls: true
+#  nrf:
 #    sbi:
 #      addr: 127.0.0.10
 #      option:
@@ -570,12 +752,10 @@ nrf:
         port: 7777
 
 #
-# upf:
-#
 #  <PFCP Client>>
 #
 #  o PFCP Client(127.0.0.7:8805)
-#
+#  upf:
 #    pfcp:
 #      addr: 127.0.0.7
 #
@@ -626,55 +806,62 @@ upf:
       - addr: 172.18.18.7
 
 #
-# parameter:
-#
 #  o Disable use of IPv4 addresses (only IPv6)
-#      no_ipv4: true
+#  parameter:
+#    no_ipv4: true
 #
 #  o Disable use of IPv6 addresses (only IPv4)
-#      no_ipv6: true
+#  parameter:
+#    no_ipv6: true
 #
 #  o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
-#      prefer_ipv4: true
+#  parameter:
+#    prefer_ipv4: true
 #
 #  o Disable selection of UPF PFCP in Round-Robin manner
-#      no_pfcp_rr_select: true
+#  parameter:
+#    no_pfcp_rr_select: true
 #
 #  o Legacy support for pre-release LTE 11 devices
 #    - Omits adding local address in packet filters for compatibility
-#      no_ipv4v6_local_addr_in_packet_filter: true
+#  parameter:
+#    no_ipv4v6_local_addr_in_packet_filter: true
 #
 parameter:
 
 #
+# o Maximum Number of UE
 # max:
+#   ue: 1024
 #
-# o Maximum Number of UE
-#    ue: 1024
 # o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
-#    peer: 64
+# max:
+#   peer: 64
+#
 # o Maximum Number of GTP peer nodes per SGWC/SMF
-#    gtp_peer: 64
+# max:
+#   gtp_peer: 64
 #
 max:
 
 #
-# time:
-#
 #  o NF Instance Heartbeat (Default : 0)
 #    NFs will not send heart-beat timer in NFProfile
 #    NRF will send heart-beat timer in NFProfile
+#    (Default values are used, so no configuration is required)
 #
 #  o NF Instance Heartbeat (20 seconds)
 #    NFs will send heart-beat timer (20 seconds) in NFProfile
 #    NRF can change heart-beat timer in NFProfile
-#
+#  time:
 #    nf_instance:
 #      heartbeat: 20
 #
 #  o Message Wait Duration (Default : 10,000 ms = 10 seconds)
+#    (Default values are used, so no configuration is required)
 #
 #  o Message Wait Duration (3000 ms)
+#  time:
 #    message:
 #        duration: 3000
 #
@@ -682,8 +869,10 @@ max:
 #    Time to wait for SMF to send
 #    PFCP Session Modification Request(Remove Indirect Tunnel) to the UPF
 #    after sending Nsmf_PDUSession_UpdateSMContext Response(hoState:COMPLETED)
+#    (Default values are used, so no configuration is required)
 #
 #  o Handover Wait Duration (500ms)
+#  time:
 #    handover:
 #        duration: 500
 time:
diff --git a/ttcn3-pgw-test/open5gs-upf.yaml b/ttcn3-pgw-test/open5gs-upf.yaml
index 148957f..693a1d7 100644
--- a/ttcn3-pgw-test/open5gs-upf.yaml
+++ b/ttcn3-pgw-test/open5gs-upf.yaml
@@ -1,43 +1,45 @@
 #
-# logger:
-#
 #  o Set OGS_LOG_INFO to all domain level
 #   - If `level` is omitted, the default level is OGS_LOG_INFO)
 #   - If `domain` is omitted, the all domain level is set from 'level'
-#    (Nothing is needed)
+#    (Default values are used, so no configuration is required)
 #
 #  o Set OGS_LOG_ERROR to all domain level
 #   - `level` can be set with none, fatal, error, warn, info, debug, trace
+#  logger:
 #    level: error
 #
 #  o Set OGS_LOG_DEBUG to mme/emm domain level
+#  logger:
 #    level: debug
 #    domain: mme,emm
 #
 #  o Set OGS_LOG_TRACE to all domain level
+#  logger:
 #    level: trace
-#    domain: core,pfcp,gtp,upf,event,tlv,mem,sock
+#    domain: core,sbi,ausf,event,tlv,mem,sock
 #
 logger:
     level: info
 
 #
-# upf:
-#
 #  <PFCP Server>
 #
 #  o PFCP Server(127.0.0.7:8805, ::1:8805)
+#  upf:
 #    pfcp:
 #      - addr: 127.0.0.7
 #      - addr: ::1
 #
 #  o PFCP-U Server(127.0.0.1:2152, [::1]:2152)
+#  upf:
 #    pfcp:
 #      name: localhost
 #
 #  o PFCP Option (Default)
 #    - so_bindtodevice : NULL
 #
+#  upf:
 #    pfcp:
 #      addr: 127.0.0.7
 #      option:
@@ -46,15 +48,18 @@ logger:
 #  <GTP-U Server>>
 #
 #  o GTP-U Server(127.0.0.7:2152, [::1]:2152)
+#  upf:
 #    gtpu:
 #      - addr: 127.0.0.7
 #      - addr: ::1
 #
 #  o GTP-U Server(127.0.0.1:2152, [::1]:2152)
+#  upf:
 #    gtpu:
 #      name: localhost
 #
 #  o User Plane IP Resource information
+#  upf:
 #    gtpu:
 #      - addr:
 #        - 127.0.0.7
@@ -70,20 +75,24 @@ logger:
 #        source_interface: 1
 #
 #  o Provide custom UPF GTP-U address to be advertised inside NGAP messages
+#  upf:
 #    gtpu:
 #      - addr: 10.4.128.21
 #        advertise: 172.24.15.30
 #
+#  upf:
 #    gtpu:
 #      - addr: 10.4.128.21
 #        advertise:
 #        - 127.0.0.1
 #        - ::1
 #
+#  upf:
 #    gtpu:
 #      - addr: 10.4.128.21
 #        advertise: upf1.5gc.mnc001.mcc001.3gppnetwork.org
 #
+#  upf:
 #    gtpu:
 #      - dev: ens3
 #        advertise: upf1.5gc.mnc001.mcc001.3gppnetwork.org
@@ -91,6 +100,7 @@ logger:
 #  o GTP-U Option (Default)
 #    - so_bindtodevice : NULL
 #
+#  upf:
 #    gtpu:
 #      addr: 127.0.0.7
 #      option:
@@ -104,6 +114,7 @@ logger:
 #  o IPv4 Pool
 #    $ sudo ip addr add 10.45.0.1/16 dev ogstun
 #
+#  upf:
 #    subnet:
 #      addr: 10.45.0.1/16
 #
@@ -111,6 +122,7 @@ logger:
 #    $ sudo ip addr add 10.45.0.1/16 dev ogstun
 #    $ sudo ip addr add 2001:db8:cafe::1/48 dev ogstun
 #
+#  upf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #      - addr: 2001:db8:cafe::1/48
@@ -125,6 +137,7 @@ logger:
 #
 #    ; If the UE has unknown DNN/APN(not internet/ims), SMF/UPF will crash.
 #
+#  upf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        dnn: internet
@@ -138,6 +151,7 @@ logger:
 #  o Specific DNN/APN with the FALLBACK SUBNET(10.47.0.1/16)
 #    ; Note that put the FALLBACK SUBNET last to avoid SMF/UPF crash.
 #
+#  upf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        dnn: internet
@@ -151,6 +165,7 @@ logger:
 #    $ sudo ip addr add 10.46.0.1/16 dev ogstun3
 #    $ sudo ip addr add 2001:db8:babe::1/48 dev ogstun3
 #
+#  upf:
 #    subnet:
 #      - addr: 10.45.0.1/16
 #        dnn: internet
@@ -164,6 +179,14 @@ logger:
 #        dnn: ims
 #        dev: ogstun3
 #
+#  <Metrics Server>
+#
+#  o Metrics Server(http://<any address>:9090)
+#  upf:
+#    metrics:
+#    - addr: 0.0.0.0
+#      port: 9090
+#
 upf:
     pfcp:
       - addr: 172.18.18.7
@@ -178,12 +201,10 @@ upf:
         dev: ogstun46
 
 #
-# smf:
-#
 #  <PFCP Client>>
 #
 #  o PFCP Client(127.0.0.4:8805)
-#
+#  smf:
 #    pfcp:
 #      addr: 127.0.0.4
 #
@@ -192,38 +213,41 @@ smf:
       addr: 172.18.18.4
 
 #
-# parameter:
-#
 #  o Number of output streams per SCTP associations.
-#      sctp_streams: 30
+#  parameter:
+#    sctp_streams: 30
 #
 #  o Disable use of IPv4 addresses (only IPv6)
-#      no_ipv4: true
+#  parameter:
+#    no_ipv4: true
 #
 #  o Disable use of IPv6 addresses (only IPv4)
-#      no_ipv6: true
+#  parameter:
+#    no_ipv6: true
 #
 #  o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
-#      prefer_ipv4: true
+#  parameter:
+#    prefer_ipv4: true
 #
 parameter:
 
 #
+# o Maximum Number of UE
 # max:
+#   ue: 1024
 #
-# o Maximum Number of UE
-#    ue: 1024
 # o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
-#    peer: 64
+# max:
+#   peer: 64
 #
 max:
 
 #
-# time:
-#
 #  o Message Wait Duration (Default : 10,000 ms = 10 seconds)
+#    (Default values are used, so no configuration is required)
 #
 #  o Message Wait Duration (3000 ms)
+#  time:
 #    message:
 #        duration: 3000
 time:
author	Vadim Yanitskiy <vyanitskiy@sysmocom.de>	2023-02-20 20:44:59 +0700
committer	Vadim Yanitskiy <vyanitskiy@sysmocom.de>	2023-02-20 21:37:06 +0700
commit	9779c4263dc7ab0038a8c86330673695c3791e83 (patch)
tree	0bdee61bc0c4fb24dfaac62c5029b73881b80bc1
parent	4c120dd0e0a39f367964a5c8e5a72077c9b75f33 (diff)