5G-Cloud Ericsson SCP Support

The 5G Core follows a service-based architecture where control plane network functions communicate using the HTTP2 protocol. In Ericsson SCP Mode, HTTP2 transactions are mirrored through the Service Communication Proxy (SCP) and encapsulated using UDP-GRE for further processing.

Ericsson SCP

In Ericsson vTAP, traffic is tapped from the Packet Core Controller (PCC), including AMF and SMF, in Layer 7 HTTP SBI JSON format. The 5G SBI application supports this PCC traffic, ensuring efficient processing and monitoring. Refer to 5G-Service Based Interface Application.

In Ericsson SCP mode, the Service Communication Proxy (SCP) mirrors 5G SBI traffic within the Cloud Core Signaling Controller, capturing communication between multiple network functions via SCP.

The 5G-Cloud application in GigaVUE V Series Nodes is enhanced to receive and process traffic from the Ericsson SCP and forward it to the monitoring tools. This setup supports both configuration and visualization through GigaVUE-FM integration.

Traffic from the Ericsson 5G Core is encapsulated using UDP-GRE tunnels, with specific keys 3 and 17, to identify different traffic flows from SCP. GigaVUE-FM serves as the centralized management platform orchestrating the visibility fabric, which includes the V Series Nodes. The V Series Nodes inspect, aggregate, and process the incoming packets. After processing, traffic is encapsulated using L2GRE or VXLAN tunneling protocols and forwarded to either physical or virtual probes as follows:

■   Physical Probe: If IP connectivity is not available, the traffic is sent to a GigaVUE HC/GigaVUE TA Series device, which serves as a traffic aggregator and distributor. The device decapsulates and distributes the traffic to the probe.
■   Virtual Probe: If IP connectivity is available, the processed traffic is forwarded directly to virtual probe for detailed traffic inspection and analytics.

This end-to-end solution ensures comprehensive visibility into 5G network traffic, facilitating efficient monitoring and performance analysis across both physical and cloud-based infrastructures.

How Ericsson SCP Solution works

The following figure shows the block diagram of the data flow in the V Series Nodes.

The encapsulated traffic enters the system, and based on the key values, is passed through a PCAP-NG, 5G SBI, and LB application to capture and monitor the data.

For traffic mirroring and flow processing in Ericsson VTap 5G Core network with key value 1, refer to 5G-Service Based Interface Application

When traffic is processed through keys 3 and 17, the PCAPng application reads and validates various blocks within received PCAPng files before forwarding them to the Load Balancing application. It processes data based on the packet type, which includes a combination of the following blocks. Refer to PCAPng Application.

1.   Mandatory Blocks:
o   Section Header Block (SHB)
2. Optional Blocks:
o   Interface Description Block (IDB)
o   Enhanced Packet Block (EPB)
o   Simple Packet Block
o   Name Resolution Block
o   Interface Statistics Block

The Load Balancing application efficiently distributes traffic with different flow IDs across multiple cores, enabling parallel processing of packets with distinct stream IDs. It ensures that request and response frames with the same stream ID are processed sequentially within the same core, preventing race conditions where these frames might otherwise be handled in parallel across different cores. Refer to Load Balancing.

The extracted data is encapsulated within a VXLAN and routed to the 5G-Cloud application. The 5G-Cloud application processes VXLAN packets by first decapsulating them to extract the HTTP2 headers and body. It then parses the EEVTAP TCP mirrored message and maps the transaction ID to track the full transaction.

After synthesizing the TCP flow and HTTP2 session to represent the complete 5G CNF/SCP/5G CNF transaction data, it forwards the data over an L2GRE/VXLAN tunnel to the probe. Refer to Create Ingress and Egress Tunnels.

Notes:
■   Ericsson SCP will process only Model C traffic.
■   You can deploy traffic ingress applications together in a single V Series Node and Monitoring Session. However, for the 5G-Cloud and egress applications, you must deploy a separate Monitoring Session and V Series Node.
■   You can configure either a single-tep or multi-tep setup for the egress tunnel. Switching between these configurations is not allowed; to make changes, you must undeploy and redeploy the Monitoring Session.
■   Ensure that all V Series Nodes within a single Monitoring Domain are running the same version. Mixing different versions in the same Monitoring Domain may lead to inconsistencies when configuring Monitoring Session traffic elements.

Configuration of 5G-Cloud Ericsson SCP

In GigaVUE-FM, you must do the following to configure the 5G-Cloud application in the Monitoring Session of a Monitoring Domain in the V Series:

S.No

Steps

Refer to

V series Node 1

1

Configure UDP-GRE Ingress TEP to receive the HTTP2 messages.

Note:  You should configure individual UDP-GRE tunnels for each of the following key values:

Key Value 1: Ericsson vTAP .
Key Values 3 and 17: Ericsson SCP.

Create Ingress and Egress Tunnel (VMware vCenter)

Create Ingress and Egress Tunnels (OpenStack)

Create Ingress and Egress Tunnels (OpenStack)

2

Configure PCAPng application and link ingress TEP and PCAPng application instances in the Monitoring Session.

PCAPng Application

3

Configure LB application and link LB application and PCAPng application instances in the Monitoring Session.

Load Balancing

4

Create a VXLAN egress TEP.

Create Ingress and Egress Tunnel (VMware vCenter)

Create Ingress and Egress Tunnels (OpenStack)

Create Ingress and Egress Tunnels (OpenStack)

5

Create a link between egress TEP and LB application.

 

V series Node 2

6

Create a ingress REP to extract the HTTP2 body.

Create Raw Endpoint (VMware vCenter)

Create Raw Endpoint (OpenStack)

Create Raw Endpoint (Third Party Orchestration)

7

Create a link between the VXLAN egress TEP and ingress REP.

 

8

Add the 5G-Cloud application in the Monitoring Session.

5G-Cloud Application

9

Create a link between ingress REP and the 5G-Cloud application.

 

10

Create egress REP.

Create Raw Endpoint (VMware vCenter)

Create Raw Endpoint (OpenStack)

Create Raw Endpoint (Third Party Orchestration)

11

Create a link between the 5G-Cloud application and egress REP.

 

Add 5G-Cloud Application in Ericsson SCP

Pre-requisite:

  • You must upload CSV files containing a valid FQDN, NF Instance, and User Agent IDs and a valid IPv4/IPv6 address. Refer to Add CSV file for IP Mapping.

You can add a 5G-Cloud application to:

■   New Monitoring Session - Add the 5G-Cloud application after creating a new Monitoring Session and when the GigaVUE-FM canvas appears. Refer to Create a Monitoring Session section in the respective GigaVUE Cloud Suite Deployment Guide.
■   Existing session - Select any existing Monitoring Session and go to TRAFFIC PROCESSING tab. The GigaVUE-FM canvas appears.

To add a 5G-Cloud application:

1.   In the canvas, drag and drop the 5G-Cloud application and select Details. The 5G-Cloud quick view appears.

2. On the application quick view, enter or select the required information as described in the Reference - Configuration Table.

Note:  It is recommended to maintain a 60-90 second delay when undeploying and deploying a Monitoring Session in GigaVUE-FM.

Reference - Configuration Table

Field

Description

Application

The name 5g-Cloud appears by default.

Alias

Enter the alias name as cloud5g.

Mode

From the drop-down list, select Ericsson SCP Transparent.

RX Tunnel

Type

Specify the tunnel type. The default is VXLAN.

Listening IP

Specify the tunnel's local listen IP address to receive the packet.

Listening Port

Specify the tunnel's local listening port to bind to receive the packet. The application will listen to the traffic coming to the specified port. Enter a value between 1 and 65535.

Source Port

Specify the tunnel destination port from where the packets will be sent. Enter a value between 1 and 65535.

VNI Id

Specify the VNI to use for the VXLAN traffic. Enter a value between 0 and 16777215. The default value is zero.

RX Thread

Specify the RX value to receive the packet. Enter a value between 1 and 16. The default value is 8.

TX Tunnel

Type

Specify the tunnel type.

Tool IP

Specify the remote IP address to send the packet.

Destination Port

Specify the tunnel destination port to which the packet will be sent. Enter a value between 1 and 65535.

Source IP

Specify the source IP address to use when sending the packet.

Source Port

Specify the tunnel source port to bind when sending the packet. Enter a value between 1 and 65535.

VNI Id

(Applicable only when the selected tunnel type is VXLAN)

Specify the VNI to use for the VXLAN traffic. Enter a value between 0 and 16777215.

L2GRE Key

(Applicable only when the selected tunnel type is L2GRE)

Specify the key for the L2GRE tunnel type. Enter a value between 0 and 4294967295.

Advanced Setting

Tool MTU

Specify the tool port MTU.

Log Directory

Specify the path to store the log files.

Log Level

Select the severity log level of the events from the following options:

None
Fatal
Error
Notification
Information
Debug

SCP Config

FQDN Mapping

Specify the alias name created for the uploaded FQDN table CSV file.

NF Instance Mapping

Specify the alias name created for the uploaded NFID table CSV file.

User Agent Mapping

Specify the alias name created for the uploaded User Agent table CSV file.

TCP Server Ports

Specify the TCP server port or port range to allow TCP communication endpoints.

SCP Advanced Config

No. of TCP Flows

Specify the total number of concurrent TCP flows. Enter a value between 128 and 2048. The default value is 1024.

No. of Transaction Flows

Specify the total number of Transaction Stream Flows allocated for tracking active Transaction Streams. Enter a value between:

128 and 26000 for V Series Node of extra large form factor (total memory ≥ 32GB).
128 and 5500 for V Series Node of large form factor (total memory < 32GB).

The default value is 2048.

TCP Flow Timeout

Specify the TCP flow timeout ranging between 0 to 7200. The default value is 900.

SCP Transaction Timeout

Specify the SCP transaction timeout value ranging between 1 and 300. The default value is 10.

Note:  The recommended timeout value is between 10 and 20 seconds. An increase in the transaction timeout value will impact the total number of transactions that can be processed in parallel.

Minimum TCP Client Port

Specify the minimum value to be used for TCP client port ranging between 1023 and 65535. The default value is 32768.

Maximum TCP Client Port

Specify the maximum value to be used for client port ranging between 1023 and 65535. The default value is 36863.

SCP Processing Threads

Specify the number of worker threads for processing In-Out packets. Enter a value between 1 and 16. The default value is 8.

TCP Client Ports per Thread

Specify the number of TCP client ports for each worker thread. Enter a value between 100 and 8000. The default value is 1000.

Header Index

Enable or disable the header indexing. The default value is disabled.

Header Compression Code

Enable or disable the header compression code. The default value is disable.

Gigamon Header

Enable or disable the Gigamon Header. The default value is Enable.

Packet Capture Level

Select the packet capture level from the drop-down list:

All
Receive
Transmit
None

5G-Cloud Log Level

Select the required 5G-Cloud CSV log level from the drop down list. The default value is None.

All
Flow
Message
Transaction
None

HTTP2 Monitored Flows

Number of Streams

Specify the number of monitored stream flows. Enter a value between 1024 and 16384. The default is 1024.

Request Timeout

Specify the HTTP/2 request timeout in seconds. Enter a value between 1 and 300. The default is 15 seconds.

Response Timeout

Specify the HTTP/2 response timeout in seconds. Enter a value between 1 and 300. The default is 2 seconds.

TCP Monitored Flows

Number of Flows

Specify the number of monitored TCP flows. Enter a value between:

1024 and 32768 for V Series Node of extra large form factor (total memory > 32GB).
1024 and 2048 for V Series Node of lesser form factor.

The default value is 2048.

Flow Timeout

Specify the timeout for TCP flows in seconds. Enter a value between 1 and 7200. The default value is 60 seconds.

Flow Reassembly Timeout

Specify the timeout for TCP flow reassembly in seconds. Enter a value between 1 and 7200. The default value is 500 seconds.

Download Logs - 5G-Cloud application

You can view the log files of a V Series Node or download them as .CSV or .txt files.

To download the log files to a local environment:

1.   Go to Traffic > VIRTUAL > select your cloud platform.
2. Select the required Monitoring Session and click Details on the 5G-Cloud application. Go to LOGGING in the quick view. The Logging page displays the logs currently available.
3. Select the required Days, Timestamps, File Name, and Type (TextLog and FlowStats) details.
4. Select the log files to download, and then click Download > Files. The system downloads the selected files to your local environment.

Add CSV file for IP Mapping

To add the CSV file for IP mapping:

1.   Go to Inventory > VIRTUAL > select your cloud platform, and then click Settings > 5G-Apps. The 5G-Apps Configuration page appears.
2. Click New. Enter the name for the CSV file in the Alias field
3. From the Type drop-down list, select one of the following:
o   5G-Cloud FQDN - Add the CSV file containing a valid FQDN ID and a valid IPv4/IPv6 address for IP mapping.
o   5G-Cloud NF Instance - Add the CSV file containing a valid NF instance ID and a valid IPv4/IPv6 address for IP mapping.
o   5G-Cloud UA - Add the CSV file containing a valid user agent ID and a valid IPv4/IPv6 address for IP mapping.
4. Click Choose File in the FileName field to upload the CSV file into GigaVUE-FM.
Notes - Header details of the CSV file:
■   FQDN Mapping: gigamon@vseries:/var/log/cloud5g_tabledir$ cat FQDN.txt
o   Header details: FQDNid,IngressIP1,IngressIP2,IngressPort,EgressIP,NFType,NFLocation
o   Example: s25scp01.scp.5gc.mnc003.mcc525.3gppnetwork.org,170.00.13.187,,8080,,SCP,plolp
■   NF Instance Mapping: gigamon@vseries:/var/log/cloud5g_tabledir$ pwd NFID.txt
o   Header details: NFID,IngressIP1,IngressIP2,IngressPort,EgressIP,NFType,NFLocation
o   Example: 8b94c7xx-d700-4xcd-90be-634x11a5xx0d,100.23.14.4,,8080,,AMF,plolp
■   User Agent Mapping: gigamon@vseries:/var/log/cloud5g_tabledir$ pwd UA.txt
o   Header details: UserAgent,IngressIP1,NFType,NFLocation
o   Example: xx5gs20015gcay01,192.64.10.67,AMF,plolp
5. Click Validate to validate the CSV file.
6. Click Save to add the CSV file.

FHA Dashboards for 5G-Cloud Applications

After configuring the 5G-Cloud application, you can monitor the statistics for Ericsson SCP by the reports displayed in the Dashboard. To access the details, refer to FHA Dashboards for 5G-Cloud Applications.