laforge has submitted this change. (
https://gerrit.osmocom.org/c/erlang/osmo-epdg/+/36822?usp=email )
Change subject: docs: add chapter operating
......................................................................
docs: add chapter operating
Change-Id: If4546fd98c470bcb29523bebae0ffa6bcf7f6cde
---
A docs/manuals/chapters/operating.adoc
M docs/manuals/osmoepdg-usermanual.adoc
2 files changed, 58 insertions(+), 0 deletions(-)
Approvals:
laforge: Looks good to me, approved
pespin: Looks good to me, but someone else must approve
Jenkins Builder: Verified
diff --git a/docs/manuals/chapters/operating.adoc
b/docs/manuals/chapters/operating.adoc
new file mode 100644
index 0000000..70e978e
--- /dev/null
+++ b/docs/manuals/chapters/operating.adoc
@@ -0,0 +1,47 @@
+[[operating]]
+== Operating osmo-epdg
+
+The osmo-epdg requires to run on Linux.
+osmo-epdg has been tested and developed with Debian 12.
+Linux kernel and/or erlang/OTP from Debian 11 are known to cause problems.
+
+=== Linux requirements
+
+The osmo-epdg is using the following Linux subsystems:
+
+* nftables (soft)
+* IP policy routing (soft)
+* ESP user-plane (soft)
+* GTP user-plane (hard)
+
+Soft dependencies can be changed by configuration.
+Hard dependencies are required and can't be changed without code changes.
+
+The user-plane is configured in the default configuration to use nftables and
+policy routing to ensure the traffic from UEs will only flow between the GTP
network
+interface and ESP encrypted tunnels.
+
+strongSwan will use the kernel ESP subsystem to encrypt, decrypt and route
traffic.
+strongSwan can be configured to replace the kernel ESP subsystem with a user
space
+imeplementation, which comes with a performance impact.
+
+osmo-epdg/erlang is using the GTP subsystem to de- and encapsulate. It only
supports using
+the kernel subsystem.
+
+=== EPC requirements
+
+The osmo-epdg was tested and developed against open5gs and requires version
2.7.1 or newer.
+
+==== HSS
+
+When a UE connects it requests an APN via SWu. By default the UE will request
+the APN "ims". The subscriber entry must allow connections to the requested
APN to succeed.
+
+==== PGW
+
+The osmo-epdg/erlang expects the PGW to support S2b and S6b.
+An UE will request attributes via IKEv2 which are translated into Additional
PCO (APCO) in GTP on the S2b
+reference point. The PGW should support Additional PCO via S2b.
+open5gs supports Additional PCO since 2.7.1.
+
+osmo-epdg only supports S2b over GTP.
diff --git a/docs/manuals/osmoepdg-usermanual.adoc
b/docs/manuals/osmoepdg-usermanual.adoc
index 05eb6b0..16473bc 100644
--- a/docs/manuals/osmoepdg-usermanual.adoc
+++ b/docs/manuals/osmoepdg-usermanual.adoc
@@ -12,3 +12,5 @@
include::{srcdir}/chapters/strongswan.adoc[]
include::{srcdir}/chapters/osmo-epdg.adoc[]
+
+include::{srcdir}/chapters/operating.adoc[]
--
To view, visit https://gerrit.osmocom.org/c/erlang/osmo-epdg/+/36822?usp=email
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: erlang/osmo-epdg
Gerrit-Branch: master
Gerrit-Change-Id: If4546fd98c470bcb29523bebae0ffa6bcf7f6cde
Gerrit-Change-Number: 36822
Gerrit-PatchSet: 3
Gerrit-Owner: lynxis lazus <lyn...@fe80.eu>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <lafo...@osmocom.org>
Gerrit-Reviewer: osmith <osm...@sysmocom.de>
Gerrit-Reviewer: pespin <pes...@sysmocom.de>
Gerrit-MessageType: merged
