Sample Configuration
The following is a sample configuration.
show running-config
profile compliance comp1
service nsmf-pdusession
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service namf-comm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service n1
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service n2
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nudm-sdm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nudm-uecm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nnrf-disc
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nnrf-nfm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service npcf-smpolicycontrol
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nchf-convergedcharging
version uri v1
version full 1.0.0
version spec 15.3.0
exit
exit
profile network-element amf amf1
nf-client-profile AP1
failure-handling-profile FH3
query-params [ dnn ]
exit
profile network-element udm udm1
nf-client-profile UP1
failure-handling-profile FH4
query-params [ dnn ]
exit
profile network-element pcf pcf1
nf-client-profile PP1
failure-handling-profile FH1
query-params [ dnn ]
rulebase-prefix cbn#
predefined-rule-prefix crn#
exit
profile network-element chf chf1
nf-client-profile CP1
failure-handling-profile FH2
query-params [ dnn ]
nf-client-profile-offline CP2
exit
profile network-element chf chgser1
exit
profile network-element upf upf1
node-id upf1@sgw.com
n4-peer-address ipv4 209.165.200.234
n4-peer-port 8805
dnn-list [ cisco.com intershat starent.com ]
capacity 65535
priority 65535
exit
profile upf-group group1
failure-profile FH1
exit
profile icmpv6 icmpprf1
options virtual-mac b6:6d:57:45:45:45
exit
profile charging chgprf1
method [ offline ]
exit
profile charging-characteristics 1
charging-profile chgprf1
exit
profile failure-handling FH1
interface pfcp
message N4SessionEstablishmentReq
cause-code pfcp-entity-in-congestion action retry-terminate max-retry 2
cause-code system-failure action terminate
cause-code service-not-supported action terminate
cause-code no-resource-available action retry-terminate max-retry 3
cause-code no-response-received action retry-terminate max-retry 1
cause-code reject action terminate
exit
message N4SessionModificationReq
cause-code mandatory-ie-incorrect action terminate
cause-code session-ctx-not-found action terminate
cause-code reject action terminate
exit
exit
exit
profile failure-handling gtp1
interface gtpc message S5S8CreateBearerReq
cause-code temp-fail
action retry timeout 1000 max-retry 2
exit
exit
interface gtpc message S5S8UpdateBearerReq
cause-code temp-fail
action retry timeout 1000 max-retry 2
exit
exit
interface gtpc message S5S8DeleteBearerReq
cause-code temp-fail
action retry timeout 1000 max-retry 2
exit
exit
exit
profile access access1
n26 idft enable timeout 15
n2 idft enable timeout 15
gtpc gtpc-failure-profile gtp1
exit
profile dnn default-profile
network-element-profiles chf chf1
network-element-profiles amf amf1
network-element-profiles pcf pcf1
network-element-profiles udm udm1
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:47
ssc-mode 2 allowed [ 3 ]
session type IPV4 allowed [ IPV6 IPV4V6 ]
upf apn starent.com
exit
profile dnn intershat
network-element-profiles chf chf1
network-element-profiles amf amf1
network-element-profiles pcf pcf1
network-element-profiles udm udm1
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:47
ssc-mode 2 allowed [ 3 ]
session type IPV4 allowed [ IPV6 IPV4V6 ]
upf apn intershat
dcnr true
exit
profile dnn intershat1
network-element-profiles chf chf1
network-element-profiles amf amf1
network-element-profiles pcf pcf1
network-element-profiles udm udm1
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:48
pcscf-profile PCSCF_Prof_2
ssc-mode 1
session type IPV4
exit
profile dnn intershat2
network-element-profiles chf chf
network-element-profiles amf amf
network-element-profiles pcf pcf
network-element-profiles udm udm
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:49
ssc-mode 2 allowed [ 3 ]
session type IPV4 allowed [ IPV6 IPV4V6 ]
upf apn intershat2
exit
profile dnn starent.com
network-element-profiles chf chf1
network-element-profiles amf amf1
network-element-profiles pcf pcf1
network-element-profiles udm udm1
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:47
ssc-mode 2 allowed [ 3 ]
session type IPV4 allowed [ IPV6 IPV4V6 ]
upf apn starent.com
exit
profile qos abc
ambr ul "250 Kbps"
ambr dl "500 Kbps"
qi5 7
arp priority-level 14
arp preempt-cap NOT_PREEMPT
arp preempt-vuln PREEMPTABLE
priority 120
max data-burst 2000
exit
profile nf-client nf-type udm
udm-profile UP1
locality LOC1
priority 30
service name type nudm-sdm
endpoint-profile EP1
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
primary ip-address ipv4 209.165.201.21
primary ip-address port 8001
exit
exit
exit
service name type nudm-uecm
endpoint-profile EP1
capacity 30
uri-scheme http
endpoint-name EP1
primary ip-address ipv4 209.165.201.21
primary ip-address port 8001
exit
exit
exit
service name type nudm-ee
endpoint-profile EP1
capacity 30
api-uri-prefix PREFIX
api-root ROOT
uri-scheme http
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 8001
exit
exit
exit
exit
exit
exit
profile nf-client nf-type pcf
pcf-profile PP1
locality LOC1
priority 30
service name type npcf-am-policy-control
endpoint-profile EP1
capacity 30
uri-scheme http
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 8003
exit
exit
exit
service name type npcf-smpolicycontrol
endpoint-profile EP1
capacity 30
uri-scheme http
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 8003
exit
exit
exit
exit
exit
exit
profile nf-client nf-type amf
amf-profile AP1
locality LOC1
priority 30
service name type namf-comm
endpoint-profile EP2
capacity 30
uri-scheme http
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 8002
exit
exit
exit
exit
exit
exit
profile nf-client nf-type chf
chf-profile CP1
locality LOC1
priority 30
service name type nchf-convergedcharging
endpoint-profile EP1
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 8004
exit
exit
exit
exit
exit
chf-profile CP2
locality LOC1
priority 31
service name type nchf-convergedcharging
endpoint-profile EP1
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
priority 56
primary ip-address ipv4 209.165.201.21
primary ip-address port 9040
exit
exit
exit
exit
exit
exit
profile nf-pair nf-type UDM
nrf-discovery-group udmdiscovery
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-pair nf-type AMF
nrf-discovery-group udmdiscovery
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-pair nf-type PCF
nrf-discovery-group udmdiscovery
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-pair nf-type UPF
nrf-discovery-group udmdiscovery
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-pair nf-type CHF
nrf-discovery-group udmdiscovery
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-client-failure nf-type udm
profile failure-handling FH4
service name type nudm-sdm
message type UdmSdmGetUESMSubscriptionData
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 404
action continue
exit
status-code httpv2 413
retry 3
action retry-and-continue
exit
status-code httpv2 501,504
retry 3
action retry-and-terminate
exit
status-code httpv2 503
action terminate
exit
exit
message type UdmSdmSubscribeToNotification
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 404
action continue
exit
status-code httpv2 413
retry 3
action retry-and-continue
exit
status-code httpv2 501,504
retry 3
action retry-and-terminate
exit
status-code httpv2 503
action terminate
exit
exit
exit
service name type nudm-uecm
message type UdmUecmRegisterSMF
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 404
action continue
exit
status-code httpv2 413
retry 3
action retry-and-continue
exit
status-code httpv2 501,504
retry 3
action retry-and-terminate
exit
status-code httpv2 503
action terminate
exit
exit
exit
exit
exit
profile nf-client-failure nf-type pcf
profile failure-handling FH1
service name type npcf-smpolicycontrol
message type PcfSmpolicycontrolCreate
status-code httpv2 0,403
action retry-and-ignore
exit
status-code httpv2 400
action continue
exit
status-code httpv2 404
action terminate
exit
status-code httpv2 500
retry 2
action retry-and-ignore
exit
status-code httpv2 503
retry 2
action retry-and-continue
exit
exit
message type PcfSmpolicycontrolUpdate
status-code httpv2 0,403
action retry-and-ignore
exit
status-code httpv2 400
action continue
exit
status-code httpv2 404
action terminate
exit
status-code httpv2 500
retry 2
action retry-and-ignore
exit
status-code httpv2 503
retry 2
action retry-and-continue
exit
exit
message type PcfSmpolicycontrolDelete
status-code httpv2 0,403
action retry-and-ignore
exit
status-code httpv2 400
action continue
exit
status-code httpv2 404
action terminate
exit
status-code httpv2 500
retry 2
action retry-and-ignore
exit
status-code httpv2 503
retry 2
action retry-and-continue
exit
exit
exit
exit
exit
profile nf-client-failure nf-type chf
profile failure-handling FH2
service name type nchf-convergedcharging
message type ChfConvergedchargingCreate
status-code httpv2 0,500,504
action continue
exit
status-code httpv2 400,404
retry 3
action retry-and-terminate
exit
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 503
action terminate
exit
exit
message type ChfConvergedchargingUpdate
status-code httpv2 0,500,504
action continue
exit
status-code httpv2 400,404
retry 3
action retry-and-terminate
exit
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 503
action terminate
exit
exit
message type ChfConvergedchargingDelete
status-code httpv2 0,500,504
action continue
exit
status-code httpv2 400,404
retry 3
action retry-and-terminate
exit
status-code httpv2 403
retry 3
action retry-and-ignore
exit
status-code httpv2 503
action terminate
exit
exit
exit
exit
exit
profile smf smf1
locality LOC1
allowed-nssai [ slice1 ]
plmn-id mcc 123
plmn-id mnc 456
service name nsmf-pdu
type pdu-session
schema http
service-id 1
version 1.Rn.0.0
http-endpoint base-url http://smf-service
icmpv6-profile icmpprf1
compliance-profile comp1
access-profile access1
subscriber-policy polSub
exit
exit
profile sgw sgw1
sgw-charging-threshold thre1
sgw-charging-profile ch1
locality LOC2
fqdn cisco.com.apn.epc.mnc456.mcc123
charging-mode gtpp
exit
profile sgw-charging-threshold thre1
cc profile value 1
volume total 100000
buckets 1
duration 60
exit
cc profile value 2
volume uplink 100000
volume downlink 100000
buckets 1
duration 120
exit
exit
profile sgw-charging-profile ch1
gtpp-triggers volume-limit enable
gtpp-triggers time-limit enable
gtpp-profile pf1
exit
profile gtpp-profile pf1 gtpp
local-storage
file
rotation
volume 5
cdr-count 1000
time-interval 60
exit
name
prefix NYPCF508
format .%Y-%m-%d%H-%M-%S.%4Q
max-file-seq-num 4
start-file-seq-num 1
recover-file-seq-num false
exit
purge-processed-files purge-interval 10
format custom5
exit
push
encrypted-url "$8$6vhjkoHt8RL2noFs/ON6ZJavTDzwGS2KUn/YqlBzgkezFmx5SzvnARYzAdVacCSyCirYOvcC\nTFnHpBNim3QY3Q=="
exit
exit
dictionary custom24
exit
policy subscriber polSub
precedence 1
sst 02
sdt Abf123
serving-plmn mcc 123
serving-plmn mnc 456
supi-start-range 100000000000001
supi-stop-range 999999999999999
gpsi-start-range 1000000000
gpsi-stop-range 9999999999
operator-policy opPol1
exit
precedence 511
operator-policy defOprPol1
exit
exit
policy operator defOprPol1
policy dnn defPolDnn
policy network-capability nc1
exit
policy operator opPol1
policy dnn polDnn
policy network-capability nc1
exit
policy dnn defPolDnn
profile default-profile
dnn dnn2 profile profile2
dnn intershat profile intershat
dnn intershat1 profile intershat1
dnn starent.com profile starent.com
exit
policy dnn polDnn
profile default-profile
dnn dnn2 profile profile2
dnn intershat profile intershat
dnn intershat1 profile intershat1
dnn intershat2 profile intershat2
dnn starent.com profile starent.com
exit
policy network-capability nc1
nw-support-local-address-tft true
exit
nssai name slice1
sst 2
sdt Abf123
dnn [ dnn1 intershat intershat1 intershat2 ]
exit
ipam
instance 1
source local
address-pool poolv4
vrf-name ISP
tags
dnn starent.com
exit
ipv4
split-size
per-cache 1024
per-dp 256
exit
address-range 209.165.202.129 209.165.200.253
exit
exit
address-pool poolv4DNN2
vrf-name ISP
tags
dnn intershat1
exit
ipv4
split-size
per-cache 1024
per-dp 256
exit
address-range 209.165.200.241 209.165.200.244
exit
exit
address-pool poolv4DNN3
vrf-name ISP
static
tags
dnn intershat2
exit
ipv4
split-size
per-cache 512
per-dp 512
exit
address-range 209.165.200.247 209.165.200.248
exit
ipv6
prefix-ranges
split-size
per-cache 8192
per-dp 8192
exit
prefix-range 2002:db0:: length 48
exit
exit
exit
address-pool poolv4vDNN
vrf-name ISP
tags
dnn intershat1
exit
ipv4
split-size
per-cache 1024
per-dp 256
exit
address-range 209.165.200.245 209.165.200.244
exit
exit
address-pool poolv6
vrf-name ISP
tags
dnn intershat
exit
ipv6
prefix-ranges
split-size
per-cache 8192
per-dp 1024
exit
prefix-range 2001:db0:: length 48
exit
exit
exit
address-pool poolv6DNN2
vrf-name ISP
tags
dnn intershat1
exit
ipv6
prefix-ranges
split-size
per-cache 8192
per-dp 1024
exit
prefix-range 2001:ef0:: length 48
exit
exit
exit
address-pool poolv6vDNN
vrf-name ISP
tags
dnn intershat1
exit
ipv6
prefix-ranges
split-size
per-cache 8192
per-dp 1024
exit
prefix-range 2001:ab0:: length 48
exit
exit
exit
exit
exit
cdl system-id 1
cdl enable-geo-replication true
cdl deployment-model small
cdl zookeeper replica 1
cdl remote-site 2
db-endpoint host 209.165.202.157
db-endpoint port 8882
kafka-server 209.165.202.157 10001
exit
exit
cdl datastore session
geo-remote-site [ 2 ]
slice-names [ cnSGW1 cnSGW2 ]
endpoint replica 1
endpoint external-ip 209.165.202.156
endpoint external-port 8882
index map 1
index write-factor 1
slot replica 1
slot map 1
slot write-factor 1
features instance-aware-notification enable true
features instance-aware-notification system-id 1
slice-names [ cnSGW1 ]
exit
features instance-aware-notification system-id 2
slice-names [ cnSGW2 ]
exit
exit
cdl kafka replica 1
cdl kafka external-ip 209.165.202.156 10001
exit
etcd replicas 1
instance instance-id 1
endpoint li
replicas 1
vip-ip 209.165.200.237
exit
endpoint nodemgr
replicas 1
nodes 1
exit
endpoint gtp
replicas 1
interface s5
vip-ip 209.165.201.11
exit
interface s5e
vip-ip 209.165.201.21
exit
interface s11
vip-ip 209.165.200.237
exit
exit
endpoint pfcp
replicas 1
interface sxa
heartbeat
interval 0
exit
exit
interface n4
heartbeat
interval 0
retransmission-timeout 3
max-retransmissions 5
exit
exit
exit
endpoint radius-dns
replicas 1
vip-ip 209.165.201.21
exit
endpoint service
replicas 1
exit
endpoint protocol
replicas 1
internal-vip 209.165.201.11
vip-ip 209.165.201.21
interface sxa
vip-ip 209.165.201.21
exit
interface n4
vip-ip 209.165.201.11
exit
exit
endpoint gtpprime
replicas 2
nodes 1
exit
endpoint sgw-service
replicas 1
exit
endpoint geo
replicas 1
nodes 2
interface geo-internal
vip-ip 209.165.200.233 vip-port 7001
exit
interface geo-external
vip-ip 209.165.200.234 vip-port 7002
exit
exit
endpoint sbi
replicas 1
vip-ip 209.165.201.21
exit
endpoint bgpspeaker
replicas 1
nodes 2
exit
exit
instance instance-id 2
endpoint li
replicas 1
vip-ip 209.165.200.238
exit
endpoint nodemgr
replicas 1
nodes 1
exit
endpoint gtp
replicas 1
interface s5
vip-ip 209.165.201.12
exit
interface s5e
vip-ip 209.165.201.141
exit
interface s11
vip-ip 209.165.200.238
exit
exit
endpoint pfcp
replicas 1
interface sxa
heartbeat
interval 0
exit
exit
interface n4
heartbeat
interval 0
retransmission-timeout 3
max-retransmissions 5
exit
exit
exit
endpoint radius-dns
replicas 1
vip-ip 209.165.201.141
exit
endpoint service
replicas 1
exit
endpoint protocol
replicas 1
internal-vip 209.165.201.11
vip-ip 209.165.201.141
interface sxa
vip-ip 209.165.201.141
exit
interface n4
vip-ip 209.165.201.12
exit
exit
endpoint gtpprime
replicas 2
nodes 1
exit
endpoint sgw-service
replicas 1
exit
endpoint geo
replicas 1
nodes 2
interface geo-internal
vip-ip 209.165.200.235 vip-port 7001
exit
interface geo-external
vip-ip 209.165.200.236 vip-port 7002
exit
exit
endpoint sbi
replicas 1
vip-ip 209.165.201.141
exit
endpoint bgpspeaker
replicas 1
nodes 2
exit
exit
logging level application debug
logging level transaction debug
logging level tracing debug
logging name gtpp-ep0.application.config level application debug
logging name gtpp-ep0.application.gen level application trace
logging name gtpp-ep1.application.config level application debug
logging name gtpp-ep1.application.gen level application trace
logging name infra.cdr.core level application debug
logging name infra.cdr_sftp.core level application debug
logging name infra.config.core level application trace
logging name infra.config.core level transaction trace
logging name infra.config.core level tracing off
logging name infra.message_log.core level transaction trace
router bgp 65061
bfd interval 250000 min_rx 250000 multiplier 3
interface v4001
neighbor 209.165.202.131 remote-as 65060 fail-over bfd
exit
policy-name allow-all ip-prefix 209.165.201.30/0 mask-range 0..32
exit
deployment
app-name smf
cluster-name Local
dc-name DC
model small
exit
k8 label protocol-layer key disktype value ssd
exit
geomonitor podmonitor pods bgpspeaker-pod
retryCount 1
retryInterval 200
retryFailOverInterval 200
failedReplicaPercent 40
exit
geomonitor podmonitor pods gtpp-ep
retryCount 1
retryInterval 200
retryFailOverInterval 200
failedReplicaPercent 40
exit
geomonitor podmonitor pods li-ep
retryCount 1
retryInterval 200
retryFailOverInterval 200
failedReplicaPercent 40
exit
geomonitor podmonitor pods sgw-service
retryCount 1
retryInterval 200
retryFailOverInterval 200
failedReplicaPercent 40
exit
instances instance 1
system-id DCNAME001
cluster-id CLUSTER0001
slice-name cnSGW1
exit
instances instance 2
system-id DCNAME002
cluster-id CLUSTER0002
slice-name cnSGW2
exit
local-instance instance 1
system mode running
helm default-repository cn
helm repository cn
access-token sgw-deployer.gen:AKCp8ihVrCfvm9puwTSt8oKGK6HxP1Fn8sLY5fzqWyR3NhrBmjjJrUHaxfZD3ziQpiLkAy1Q3
url https://engci-maven-master.cisco.com/artifactory/smi-fuse-internal-snapshot/mobile-cnat-cn/cn-products/rel-2021.02/
exit
k8s name cn
k8s namespace cn
k8s nf-name smf
k8s registry dockerhub.cisco.com/smi-fuse-docker-internal
k8s single-node true
k8s use-volume-claims true
k8s image-pull-secrets regcred
k8s ingress-host-name 209.165.200.235.nip.io
aaa authentication users user admin
uid 117
gid 117
password $1$g8J36yTY$1g/tM5a9pdsGMnKcspnxD.
ssh_keydir /tmp/admin/.ssh
homedir /tmp/admin
exit
aaa ios level 0
prompt "\h> "
exit
aaa ios level 15
prompt "\h# "
exit
aaa ios privilege exec
level 0
command action
exit
command autowizard
exit
command enable
exit
command exit
exit
command help
exit
command startup
exit
exit
level 15
command configure
exit
exit
exit
nacm write-default deny
nacm groups group LI
user-name [ liadmin ]
exit
nacm groups group LI2
user-name [ liadmin2 ]
exit
nacm groups group LI3
user-name [ liadmin3 ]
exit
nacm groups group admin
user-name [ admin ]
exit
nacm rule-list admin
group [ admin ]
rule li-deny-tap
module-name lawful-intercept
path /lawful-intercept
access-operations *
action deny
exit
rule li-deny-clear
module-name tailf-mobile-smf
path /clear/lawful-intercept
access-operations *
action deny
exit
rule any-access
action permit
exit
exit
nacm rule-list confd-api-manager
group [ confd-api-manager ]
rule any-access
action permit
exit
exit
nacm rule-list ops-center-security
group [ * ]
rule change-self-password
module-name ops-center-security
path /smiuser/change-self-password
access-operations exec
action permit
exit
rule smiuser
module-name ops-center-security
path /smiuser
access-operations exec
action deny
exit
exit
nacm rule-list lawful-intercept
group [ LI LI2 LI3 ]
rule li-accept-tap
module-name lawful-intercept
path /lawful-intercept
access-operations *
action permit
exit
rule li-accept-clear
module-name tailf-mobile-smf
path /clear/lawful-intercept
access-operations *
action permit
exit
exit
nacm rule-list any-group
group [ * ]
rule li-deny-tap
module-name lawful-intercept
path /lawful-intercept
access-operations *
action deny
exit
rule li-deny-clear
module-name tailf-mobile-smf
path /clear/lawful-intercept
access-operations *
action deny
exit
exit
Feedback