Enabling Probes to Inspect the Subscribers Traffic from Ericsson 5G Core (6.2)

Introduction

The service providers deploy probes for monitoring 5G control plane traffic. In the service based Ericsson 5G architecture, the control plane traffic is json encoded and probes cannot consume and process it directly. Service providers might try to use existing resources with additional modules which decodes and synthesizing the control plane traffic before reaching the probes. Gigamon's Subscriber Intelligence solution can decode and synthesizing control plane traffic received from Ericsson 5G core and forwarding proper and complete HTTP2 transactions to the probes so that it can process and do analysis. This GVD build on that capability to demonstrate deploying the solution to meet the above requirement.

Design Overview

This GVD presumes a service provider's 5G mobile core network, as illustrated in the following topology, comprising of V Series with PCAPNG and SBI applications.

• The subscribers control plane traffic (UDP+GRE) from Ericsson 5G core is terminated at V Series in Ingress TEP module.

  • To terminate control plane traffic, V Series IP needs to be configured at Ericsson VTAP to generate a copy of control plane traffic to V Series.

• SBI application - Json encoded data is further parsed to extract the source and destination information and is used to synthesize the complete HTTP2 transaction with proper L2,L3, and L4 headers.

• Once the headers are synthesized, complete HTTP2 transaction is forwarded to probes via Egress TEP.

  • If probe supports tunnel (VxLAN, GRE) decapsulation then the synthesized traffic can be forwarded directly to the probe.

  • If probe does not support tunnel (VxLAN, GRE) decapsulation then the synthesized traffic can be forwarded to TA or HC series for decapsulation and then forwarded to probe.

  

 

WTo learn more about this solution, read complete details on the Gigamon Community: