1. Network Repository Function (NRF) Cloud Native User's Guide
  2. OCNRF Architecture

4 OCNRF Architecture

OCNRF comprises of various microservices deployed in Kubernetes based Cloud Native Environment (CNE, example: OC-CNE). Some common services like logs or metrics data collection, analysis and graphs or charts visualization, etc. are provided by the environment. The microservices integrate with them and provide them necessary data.

The followings are the components of OCNRF product:

  • NF Registration MicroService

    This microservice handles the following service operations:

    • receives and handles NFRegister service requests from the NFs
    • receives and handles NFUpdate service requests from the NFs
    • receives and handles NFDeregister service requests from the NFs
    • receives and handles NFListRetrieval service requests from the NFs
    • receives and handles NFProfileRetrieval service requests from the NFs
    • receives and handles the Heart-beat messages from the NFs
  • NF Subscription MicroService

    This microservice handles the following service operations:

    • receives and handles NFStatusSubscribe service requests from the NFs
    • receives and handles NFStatusUnsubscribe service requests from the NFs
    • sends NFStatusNotify service requests towards the subscribed NFs
  • NF Discover MicroService

    This microservice handles the following service operations:

    • receives and handles NFDiscover service requests from the NFs
  • NF Access Token microservice

    This microservice handles 3GPP defined AccessToken service operations. Oauth2.0 based token is provided by OCNRF according to inputs provided by consumer network function in access token request.

  • OCNRF Auditor MicroService

    This microservice is internal to OCNRF. This microservice performs the following tasks:

    • finds and deletes the expired subscription records
    • finds and deletes the profile records which have been SUSPENDED for a very long time
    • monitors the heart-beat expiry, mark the NF profiles as suspended and act appropriately on the suspended NF profiles
  • OCNRF Configuration Microservice

    This microservice is used to configure OCNRF. These configuration can be changed dynamically by a operator/user using REST based interface. This configuration data is managed by the OCNRF configuration service and is stored in a separate data store.

  • OCNRF Ingress Gateway microservice

    This microservice is entry point for accessing OCNRF supported service operations.

  • OCNRF Egress Gateway microservice

    This microservice is responsible to route OCNRF initiated egress messages to other NFs.

OCNRF Features

Following are the OCNRF features:

NF Screening

NF Screening supports the functionality to screen the service requests received from 5G Network Functions (NFs) before allowing access to OCNRF services.

In this feature, OCNRF screens the incoming service operations from NFs on the basis of some attributes against set of rules configured at OCNRF. OCNRF processes the required services only if screening is successful.

This feature provides extra security by restricting the NF that can use the service of OCNRF. Operator can decide which NF with required attributes can access the services provided by OCNRF. To implement this, operator can configure various screening lists in which attributes can be configured to tell which attribute is allowed or not.

Note:

By default, NF Screening feature is globally disabled. This feature can be enabled by setting the nfScreeningRulesListStatus attribute as "ENABLED" using REST based Interface.

For configuring NF Screening feature, see Configuring NF Screening.

The screening can be in the form of Whitelist or Blacklist.

  • When a screening list is configured to operate as a whitelist, the request is allowed to access the service only if the corresponding attribute value is present in the whitelist.
  • When a screening list is configured to operate as a blacklist, the request is allowed to access the service only if the corresponding attribute value is not present in the blacklist.
Screening Lists can have rules for global and per NF type.
  • The global level screening lists allows operators to configure screening that is common to all NFs .
  • Per NF Type level rules provides additional flexibility/granularity for screening that can be controlled on a per NF type basis.

Note:

  • The rules can be configured at both Global level and Per NF Type level.
  • "NF type list allowed to Register" is available at Global level only.

Subscriber Location Function (SLF)

OCNRF supports SLF feature which identifies specific NF Type selection based on subscriber identity. For NF selection based on subscriber identity, OCNRF:

  • Identifies if received NFDiscover service request requires NF selection based on subscriber identity.
  • Discovers the NF Group Id(s) using Nudr_GroupIDmap (aka SLF) Query service operation.
  • Generates NFDiscover service response using NF Group Id(s) and other parameters