2 NRF REST Specifications
This chapter provides information about REST specifications used in Oracle Communications Cloud Native Core, Network Repository Function (NRF).
NRF can be configured using Helm configurations, REST APIs, and Cloud Native Configuration Console (CNC Console). The NRF deployment configurations are performed during NRF installation using Helm and a few configurations are modified using REST APIs. REST configurations can also be performed using the CNC Console.
For Helm configurations, see Oracle Communications Cloud Native Core, Network Repository Function Installation, Upgrade, and Fault Recovery Guide.
For the configurations using CNC Console, see Oracle Communications Cloud Native Core, Network Repository Function User Guide.
2.1 Mandatory Configurations
- nrfPlmnList: PLMN(s) served by NRF.
- ocnrfHost: NRF Host's FQDN.
- ocnrfPort: NRF Host's Port.
Note:
M, O, and C in the Presence column denote as follows:- M: Mandatory
- O: Optional
- C: Conditional
2.2 Service API Interfaces
This section lists the API interface details for each NRF services.
API details
- scheme:- http, https
- the fixed string "://"
- authority (host and optional port) host and port will be CNC Console host and port details
Table 2-1 NRF Microservice API Interfaces
| Resource Name | Resource URI | HTTP Method | Data Model for Request | Data Model for Response | Description |
|---|---|---|---|---|---|
| ocnrfConfigurations | {apiRoot}/nrf-configuration/v1/allConfigurations | GET | Not applicable | ocnrfConfigurations | Retrieves all of the NRF configurations in single GET request. This includes all Options and NFScreeningRules. |
| generalOptions | {apiRoot}/nrf-configuration/v1/generalOptions | GET | Not applicable | generalOptions | Retrieves NRF general options configuration. |
| generalOptions | {apiRoot}/nrf-configuration/v1/generalOptions | PUT | generalOptions | generalOptions | Updates NRF general options configuration. |
| nfManagementOptions | {apiRoot}/nrf-configuration/v1/nfManagementOptions | GET | Not applicable | nfManagementOptions | Retrieves NRF Management options configuration. |
| nfManagementOptions | {apiRoot}/nrf-configuration/v1/nfManagementOptions | PUT | nfManagementOptions | nfManagementOptions | Updates NRF Management options configuration. |
| nfDiscoveryOptions | {apiRoot}/nrf-configuration/v1/nfDiscoveryOptions | GET | Not applicable | nfDiscoveryOptions | Retrieves NRF Discovery options configuration. |
| nfDiscoveryOptions | {apiRoot}/nrf-configuration/v1/nfDiscoveryOptions | PUT | nfDiscoveryOptions | nfDiscoveryOptions | Updates NRF Discovery options configuration. |
| nfAccessTokenOptions | {apiRoot}/nrf-configuration/v1/nfAccessTokenOptions | GET | Not applicable | nfAccessTokenOptions | Retrieves NRF Access Token options configuration. |
| nfAccessTokenOptions | {apiRoot}/nrf-configuration/v1/nfAccessTokenOptions | PUT | nfAccessTokenOptions | nfAccessTokenOptions | Updates NRF Access Token options configuration. |
| forwardingOptions | {apiRoot}/nrf-configuration/v1/forwardingOptions | GET | Not applicable | forwardingOptions | Retrieves NRF Forwarding options configuration. |
| forwardingOptions | {apiRoot}/nrf-configuration/v1/forwardingOptions | PUT | forwardingOptions | forwardingOptions | Updates NRF Forwarding options configuration. |
| slfOptions | {apiRoot}/nrf-configuration/v1/slfOptions | GET | Not applicable | slfOptions | Retrieves NRF SLF options configuration. |
| slfOptions | {apiRoot}/nrf-configuration/v1/slfOptions | PUT | slfOptions | slfOptions | Updates NRF SLF options configuration. |
| slfOptions | {apiRoot}/nrf-configuration/v1/slfOptions | PATCH | slfOptions | slfOptions | Partially updates specific NRF SLF options configuration. |
| geoRedundancyOptions | {apiRoot}/nrf-configuration/v1/geoRedundancyOptions | GET | Not applicable | geoRedundancyOptions | Retrieves NRF Georedundancy options configuration. |
| geoRedundancyOptions | {apiRoot}/nrf-configuration/v1/geoRedundancyOptions | PUT | geoRedundancyOptions | geoRedundancyOptions | Updates NRF Georedundancy options configuration. |
| nfAuthenticationOptions | {apiRoot}/nrf-configuration/v1/nfAuthenticationOptions | GET | Not applicable | nfAuthenticationOptions | Retrieves NRF Authentication options configuration. |
| nfAuthenticationOptions | {apiRoot}/nrf-configuration/v1/nfAuthenticationOptions | PUT | nfAuthenticationOptions | nfAuthenticationOptions | Updates NRF Authentication options configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfAccessToken/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nfAccessToken configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfAccessToken/logging | PUT | logging | logging | Updates NRF Log Level options related to nfAccessToken configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfDiscovery/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nfDiscovery configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfDiscovery/logging | PUT | logging | logging | Updates NRF Log Level options related to nfDiscovery configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfRegistration/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nfRegistration configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfRegistration/logging | PUT | logging | logging | Updates NRF Log Level options related to nfRegistration configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfSubscription/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nfSubscription configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nfSubscription/logging | PUT | logging | logging | Retrieves NRF Log Level options related to nfSubscription configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfArtisan/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nrfArtisan configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfArtisan/logging | PUT | logging | logging | Retrieves NRF Log Level options related to nrfArtisan configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfAuditor/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nrfAuditor configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfAuditor/logging | PUT | logging | logging | Updates NRF Log Level options related to nrfAuditor configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfConfiguration/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nrfConfiguration configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfConfiguration/logging | PUT | logging | logging | Updates NRF Log Level options related to nrfConfiguration configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfCacheData/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to nrfCacheData configuration. |
| logLevelOptions | {apiRoot}/nrf-configuration/v1/nrfCacheData/logging | PUT | logging | logging | Updates NRF Log Level options related to nrfCacheData configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/igw/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to Ingress Gateway configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/igw/logging | PUT | Not applicable | logging | Updates NRF Log Level options related to Ingress Gateway configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/egw/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to Egress Gateway configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/egw/logging | PUT | Not applicable | logging | Updates NRF Log Level options related to Egress Gateway configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/appinfo/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to App Info configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/appinfo/logging | PUT | Not applicable | logging | Updates NRF Log Level options related to App Info configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/altRoute/logging | GET | Not applicable | logging | Retrieves NRF Log Level options related to Alternate Route configuration. |
| logLevelOptions | {apiRoot}/nrf/nf-common-component/v1/altRoute/logging | PUT | Not applicable | logging | Updates NRF Log Level options related to Alternate Route configuration. |
| allLoggingOptions | {apiRoot}/nrf-configuration/v1/all/logging | GET | Not applicable | array(allLoggingOptions) | Returns logging options for all NRF microservices and common services. |
| roamingOptions | {apiRoot}/nrf-configuration/v1/roamingOptions | GET | Not applicable | roamingOptions | Retrieves NRF roaming configuration details. |
| roamingOptions | {apiRoot}/nrf-configuration/v1/roamingOptions | PUT | roamingOptions | roamingOptions | Updates NRF roaming configuration details. |
| nfScreeningOptions | {apiRoot}/nrf-configuration/v1/nfScreeningOptions | GET | Not applicable | nfScreeningOptions | Retrieves NF Screening options configuration. |
| nfScreeningOptions | {apiRoot}/nrf-configuration/v1/nfScreeningOptions | PUT | nfScreeningOptions | nfScreeningOptions | Updates NF Screening options configuration. |
| screening-rules | {apiRoot}/nrf-configuration/v1/screening-rules | GET | Not applicable | ScreeningRulesResult | Returns all the screening rules. |
| screening-rules | {apiRoot}/nrf-configuration/v1/screening-rules | GET |
nfScreeningRulesListType or/and nfScreeningRulesListStatus |
ScreeningRulesResult |
Returns screening rules corresponding to the specified NF Screening Rule List Type. Query:- {apiRoot}/nrf-configuration/v1/screening-rules?nfScreeningRulesListStatus=<NfScreeningRulesListStatus> &nfScreeningRulesListType=<NfScreeningRulesListType> |
| screening-rules | {apiRoot}/nrf-configuration/v1/screening-rules/{nfScreeningRulesListType} | PUT | NfScreeningRules | NfScreeningRules | Replaces the complete specified NF Screening Rule List Type. |
| screening-rules | {apiRoot}/nrf-configuration/v1/screening-rules/{nfScreeningRulesListType} | PATCH | PatchDocument | NfScreeningRules | Partially updates the specified NF Screening Rule List Type (except read-only attributes). |
| dnsNAPTRUpdateOptions | {apiRoot}/nrf-configuration/v1/dnsNaptrUpdateOptions | GET | dnsNAPTRUpdateOptions | dnsNAPTRUpdateOptions | Retrieves NAPTR record from DNS configuration. |
| dnsNAPTRUpdateOptions | {apiRoot}/nrf-configuration/v1/dnsNaptrUpdateOptions | PUT | dnsNAPTRUpdateOptions | dnsNAPTRUpdateOptions | Updates NAPTR record in DNS configuration. |
| podProtectionOptions | {apiRoot}/nrf-configuration/v1/nfSubscription/podProtectionOptions | GET | podProtectionOptions | Pod Protection Options | Retrieves NRF pod protection options configuration. |
| podProtectionOptions | {apiRoot}/nrf-configuration/v1/nfSubscription/podProtectionOptions | PUT | podProtectionOptions | Pod Protection Options | Enables or Disables NRF pod protection feature. |
| controlledShutdownOptions | {apiRoot}/nrf-configuration/v1/controlledShutdownOptions | GET | Not applicable | Controlled Shutdown Options | Retrieves the operational state for the controlled shutdown feature. |
| controlledShutdownOptions | {apiRoot}/nrf-configuration/v1/controlledShutdownOptions | PUT | Not applicable | Controlled Shutdown Options | Updates the operational state for the controlled shutdown feature. |
| operationalStateHistory | {apiRoot}/nrf-configuration/v1/operationalStateHistory | GET | operationalStateHistory | Operational State History | Retrieves the operational state history for the controlled shutdown feature. |
| operationalStateHistory | {apiRoot}/nrf-configuration/v1/operationalStateHistory | PUT | Not applicable | Operational State History | Updates the operational state history for the controlled shutdown feature. |
| nrfGrowth | {apiRoot}/nrf-configuration/v1/nrfGrowth/featureOptions | GET | featureOptions | NRF Growth Options | Retrieves NRF growth feature configuration. |
| nrfGrowth | {apiRoot}/nrf-configuration/v1/nrfGrowth/featureOptions | PUT | featureOptions | NRF Growth Options | Updates NRF growth feature configuration. |
| nrfForwardingOptions | {apiRoot}/nrf-configuration/v1/nrfGrowth/nrfForwardingOptions | GET | nrfForwardingOptions | Forwarding Options for NRF Growth | Retrieves NRF growth feature forwarding configuration. |
| nrfForwardingOptions | {apiRoot}/nrf-configuration/v1/nrfGrowth/nrfForwardingOptions | PUT | nrfForwardingOptions | Forwarding Options for NRF Growth | Updates NRF growth feature forwarding configuration. |
Table 2-2 Perf-Info Microservice API Interfaces
| Resource Name | Resource URI | HTTP Method | Data Model for Request | Data Model for Response | Description |
|---|---|---|---|---|---|
| overloadLevelThreshold | {apiRoot}/nrf/nf-common-component/v1/perfinfo/overloadLevelThreshold | GET | overloadLevelThreshold | Overload Level Threshold Configuration in Perf-Info | Retrieves the overload threshold value of the required service. |
| overloadLevelThreshold | {apiRoot}/nrf/nf-common-component/v1/perfinfo/overloadLevelThreshold | PUT | overloadLevelThreshold | Overload Level Threshold Configuration in Perf-Info | Updates the overload threshold value of the required service. |
| overloadLevelThreshold | {apiRoot}/nrf/nf-common-component/v1/perfinfo/overloadLevelThreshold | DELETE | overloadLevelThreshold | Overload Level Threshold Configuration in Perf-Info | Deletes the overload threshold value of the required service. |
Table 2-3 Egress Gateway Microservice API Interfaces
| Resource Name | Resource URI | HTTP Method | Data Model for Request | Data Model for Response | Description |
|---|---|---|---|---|---|
| peerconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peerconfiguration | PUT | Not applicable | array (PeerConfiguration) | Updates NRF Egress Peer configuration. |
| peerconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peerconfiguration | GET | Not applicable | array (PeerConfiguration) | Retrieves NRF Egress Peer configuration. |
| peerConfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peerconfiguration | PATCH | Not applicable | array (PeerConfiguration) | Modifies NRF Egress Peer Set configuration. |
| peersetconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peersetconfiguration | PUT | Not applicable | array (PeerSetConfiguration) | Updates NRF Egress Peer Set configuration. |
| peersetconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peersetconfiguration | GET | Not applicable | array (PeerSetConfiguration) | Retrieves NRF Egress Peer Set configuration. |
| peersetconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peersetconfiguration | PATCH | Not applicable | array (PeerSetConfiguration) | Modifies a set of NRF Egress Peer Set configuration. |
| peermonitoringconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peermonitoringconfiguration | GET | peermonitoringconfiguration | Peer Monitoring Configuration | Retrieves the details of Egress peer monitoring configuration. |
| peermonitoringconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peermonitoringconfiguration | PUT | peermonitoringconfiguration | Peer Monitoring Configuration | Updates the details of Egress peer monitoring configuration. |
| peermonitoringconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/peermonitoringconfiguration | PATCH | peermonitoringconfiguration | Peer Monitoring Configuration | Modifies the details of Egress peer monitoring configuration. |
| sbiroutingerrorcriteriasets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerrorcriteriasets | GET | sbiroutingerrorcriteriasets | Error Criteria Sets | Retrieves the sbiroutingerrorcriteria configuration. |
| sbiroutingerrorcriteriasets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerrorcriteriasets | PUT | sbiroutingerrorcriteriasets | Error Criteria Sets | Updates the sbiroutingerrorcriteria configuration. |
| sbiroutingerrorcriteriasets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerrorcriteriasets | PATCH | sbiroutingerrorcriteriasets | Error Criteria Sets | Modifies the sbiroutingerrorcriteria configuration. |
| sbiroutingerroractionsets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerroractionsets | GET | sbiroutingerroractionsets | Error Action Sets | Retrieves the sbiroutingerroraction configuration. |
| sbiroutingerroractionsets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerroractionsets | PUT | sbiroutingerroractionsets | Error Action Sets | Updates the sbiroutingerroraction configuration. |
| sbiroutingerroractionsets | {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerroractionsets | PATCH | sbiroutingerroractionsets | Error Action Sets | Modifies the sbiroutingerroraction configuration. |
| routesconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/routesconfiguration | PUT | Not applicable | array (RoutesConfiguration) | Updates NRF Egress routing configuration. |
| routesconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/routesconfiguration | GET | Not applicable | array (RoutesConfiguration) | Retrieves NRF Egress routing configuration. |
| routesconfiguration | {apiRoot}/nrf/nf-common-component/v1/egw/routesconfiguration | PATCH | Not applicable | array (RoutesConfiguration) | Modifies a set of NRF Egress routing configurations. |
Table 2-4 Ingress Gateway Microservice API Interfaces
| Resource Name | Resource URI | HTTP Method | Data Model for Request | Data Model for Response | Description |
|---|---|---|---|---|---|
| errorcodeprofiles | {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeprofiles | GET | errorcodeprofiles | Error Code Profiles | Retrieves the error code configuration of the required service in the Ingress Gateway. |
| errorcodeprofiles | {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeprofiles | PUT | errorcodeprofiles | Error Code Profiles | Updates the error code configuration of the required service in the Ingress Gateway. |
| discardpolicyconfiguration | {apiRoot}/nrf/nf-common-component/v1/igw/ocdiscardpolicies | GET | discardpolicyconfiguration | Discard Policy Configuration | Retrieves the discard policy configuration of the required service in the Ingress Gateway. |
| discardpolicyconfiguration | {apiRoot}/nrf/nf-common-component/v1/igw/ocdiscardpolicies | PUT | discardpolicyconfiguration | Discard Policy Configuration | Updates the discard policy configuration of the required service in the Ingress Gateway. |
| ocpolicymapping | {apiRoot}/nrf/nf-common-component/v1/igw/ocpolicymapping | GET | ocpolicymapping | Policy Mapping Configuration | Retrieves the policy mapping value n of the required service in the Ingress Gateway. |
| ocpolicymapping | {apiRoot}/nrf/nf-common-component/v1/igw/ocpolicymapping | PUT | ocpolicymapping | Policy Mapping Configuration | Updates the policy mapping value n of the required service in the Ingress Gateway. |
| errorcodeserieslist | {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeserieslist | GET | errorcodeserieslist | Error Code Series Configuration | Retrieves the error code series configuration of the required service in the Ingress Gateway. |
| errorcodeserieslist | {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeserieslist | PUT | errorcodeserieslist | Error Code Series Configuration | Updates the error code series configuration of the required service in the Ingress Gateway. |
| routesconfiguration | {apiRoot}/nrf/nf-common-component/v1/igw/routesconfiguration | GET | Not applicable | Routes Configuration | Retrieves the routes configuration of the required service in the Ingress Gateway. |
| routesconfiguration | {apiRoot}/nrf/nf-common-component/v1/igw/routesconfiguration | PUT | routesconfiguration | Routes Configuration | Updates the routes configuration of the required service in the Ingress Gateway. |
| controlledshutdownerrormapping | {apiRoot}/nrf/nf-common-component/v1/igw/controlledshutdownerrormapping | GET | controlledshutdownerrormapping | Controlled Shutdown Error Mapping | Retrieves the mapping between the routes and the error code profile in the Ingress Gateway. |
| controlledshutdownerrormapping | {apiRoot}/nrf/nf-common-component/v1/igw/controlledshutdownerrormapping | PUT | controlledshutdownerrormapping | Controlled Shutdown Error Mapping | Updates the mapping between the routes and the error code profile in the Ingress Gateway. |
| ccaheader | {apiRoot}/nrf/nf-common-component/v1/igw/ccaheader | GET | ccaheader | CCA Header Validation | Retrieves the details stored in DB for property ccaheader in the Ingress Gateway. |
| ccaheader | {apiRoot}/nrf/nf-common-component/v1/igw/ccaheader | PUT | ccaheader | CCA Header Validation | Updates the details in DB for property ccaheader in the Ingress Gateway. |
| ccaheader | {apiRoot}/nrf/nf-common-component/v1/igw/ccaheader | PATCH | ccaheader | CCA Header Validation | Modifies the details stored in DB for property ccaheader in the Ingress Gateway. |
| podprotection | {apiRoot}/nrf/nf-common-component/v1/igw/podprotection | GET | podprotection | Pod Protection | Retrieves Ingress Gateway pod protection options configuration. |
| podprotection | {apiRoot}/nrf/nf-common-component/v1/igw/podprotection | PUT | podprotection | Pod Protection | Updates Ingress Gateway pod protection options configuration. |
| copyHeaderOnGatewayError | {apiRoot}/nrf/nf-common-component/v1/igw/copyHeaderOnGatewayError | GET | copyHeaderOnGatewayError | Copy Header on Gateway Error | Retrieves the configuration of copyHeaderOnGatewayError in Ingress Gateway. |
| copyHeaderOnGatewayError | {apiRoot}/nrf/nf-common-component/v1/igw/copyHeaderOnGatewayError | PUT | copyHeaderOnGatewayError | Copy Header on Gateway Error | Updates the configuration of copyHeaderOnGatewayError in Ingress Gateway. |
| serverheaderdetails | {apiRoot}/nrf/nf-common-component/v1/igw/serverheaderdetails | GET | serverheaderdetails | Server Header Details | Retrieves the configuration of serverheaderdetails in Ingress Gateway. |
| serverheaderdetails | {apiRoot}/nrf/nf-common-component/v1/igw/serverheaderdetails | PUT | serverheaderdetails | Server Header Details | Updates the configuration of serverheaderdetails in Ingress Gateway. |
| congestionConfig | {apiRoot}/nrf/nf-common-component/v1/igw/congestionConfig | GET | congestionConfig | Congestion Level Configuration | Retrieves the configured congestion in Ingress Gateway. |
| congestionConfig | {apiRoot}/nrf/nf-common-component/v1/igw/congestionConfig | PUT | congestionConfig | Congestion Level Configuration | Updates the configured congestion in Ingress Gateway. |
| podProtectionByRateLimiting | {apiRoot}/nrf/nf-common-component/v1/igw/podProtectionByRateLimiting | GET | podProtectionByRateLimiting | PodProtection By Rate Limiting in Ingress Gateway | Retrieves the pod protection by rate limiting in Ingress Gateway. |
| podProtectionByRateLimiting | {apiRoot}/nrf/nf-common-component/v1/igw/podProtectionByRateLimiting | PUT | podProtectionByRateLimiting | PodProtection By Rate Limiting in Ingress Gateway | Updates the pod protection by rate limiting in Ingress Gateway. |
Table 2-5 Alternate Route Microservice API Interfaces
| Resource Name | Resource URI | HTTP Method | Data Model for Request | Data Model for Response | Description |
|---|---|---|---|---|---|
| upstreamdnsconfig | {apiRoot}/nrf/nf-common-component/v1/altRoute/upstreamdnsconfig | GET | upstreamdnsconfig | Upstream DNS Configuration | Retrieves the configuration of upstream DNS in Alternate Route Service. |
| upstreamdnsconfig | {apiRoot}/nrf/nf-common-component/v1/altRoute/upstreamdnsconfig | PUT | upstreamdnsconfig | Upstream DNS Configuration | Updates the configuration of upstream DNS in Alternate Route Service. |
2.2.1 Responses Supported by Service API Interfaces
Table 2-6 Response Body
| Data Type | Presence | Cardinality | Response Codes | Description |
|---|---|---|---|---|
| ProblemDetails | C | 1 | 500 Internal Server Error | Internal error occurred while processing the service API. |
| ProblemDetails | C | 1 | 400 Bad Request | JSON body sent by the client is not correct according to the data model defined. |
| As per Data Model Defined | C | 1 | 200 OK | Response body contains all the stored values from NRF. |
2.2.2 Common Data Types
Common data types
Table 2-7 Common Data Types
| DataType | Reference |
|---|---|
| NFType | 3GPP TS 29.510 |
| NFServiceVersion | 3GPP TS 29.510 |
| UriScheme | 3GPP TS 29.510 |
| Fqdn | 3GPP TS 29.510 |
| Ipv6Addr | 3GPP TS 29.571 |
| Ipv4Addr | 3GPP TS 29.571 |
| Ipv4AddressRange | 3GPP TS 29.510 |
| PlmnId | 3GPP TS 29.571 |
| Uri | 3GPP TS 29.571 |
| IpEndPoint | 3GPP TS 29.510 |
| NFType | 3GPP TS 29.510 |
| ProblemDetails | 3GPP TS 29.571 |
Table 2-8 NfConfig
| Attribute | DataType | Presence | Description |
|---|---|---|---|
| apiVersions | array (NFServiceVersion) | M | API Version of NF |
| scheme | UriScheme | M | URI schema supported by NF |
| host | string | M | Host of NF |
| port | integer | O |
Port of NF Default value: 80, if the scheme is HTTP 443, if the scheme is HTTPS |
| apiPrefix | string | O | ApiPrefix |
| priority | integer | M | Priority of NF |
| nfInstanceId | string | M | NF Instance Id of NF |
Table 2-9 ErrorInfo
| Attribute | DataType | Presence | Description |
|---|---|---|---|
| errorCondition | ErrorCondition | ReadOnly | Error Conditions for each configuration. See specific configuration sections for error conditions. |
| responseCode | integer | M | This response code is used when the corresponding error condition occurs. |
| errorResponse | string | M | This response description is used when the corresponding error condition occurs. |
| retryAfter | string | C |
The attribute indicates the time interval after which the NF retry the request. retryAfter header is added only for responseCodes - 503, 413, 429, 3xx. The value is in pHqMrS format. Where p,q,r are integers and H,M,S or h,m,s denote hours, minutes & seconds respectively. Range: 60s-1h Default Value: 5m |
| redirectUrl | string | C |
The attribute indicates the NF to redirect its request to this URI. Location header in redirectUrl is added only for responseCodes - 3xx. redirectUrl must be in URI format. It is mandatory to configure redirectUrl when responseCode is configured. |
Table 2-10 ResponseHttpStatusCodes
| Attribute | DataType | Description |
|---|---|---|
| pattern | string |
It is a regular expression that provides a mechanism to select specific strings from a set of character strings. Sample: "pattern":"^[3,5][0-9]{2}$" |
| codeList | array (integer) | It contains a list of HTTP response status
codes.
Sample: "codeList": [404,400] |
Note:
Either pattern or codeList must be present.Table 2-11 ScreeningRulesResult
| Attribute name | DataType | Presence | Cardinality | Description |
|---|---|---|---|---|
| nfScreeningRulesList | array (NfScreeningRules) | M | 0..N | It contains an array of NF Screening Rules List. An empty array means NF Screening list is not configured. |
2.3 General Options
This section provides REST API configuration parameter details to configure NRF general options.
URI: {apiRoot}/nrf-configuration/v1/generalOptions
Method: PUT and GET
- PUT: Updates NRF general options configuration.
- GET: Retrieves NRF general options configuration.
Content Type: application/json
Body:
{
"nrfPlmnList": [{
"mcc": "310",
"mnc": "14"
}],
"ocnrfHost": "ocnrf-ingressgateway.ocnrf.svc.cluster.local",
"ocnrfPort": 80,
"ocnrfScheme": "http",
"enableF3": true,
"enableF5": true,
"maximumHopCount": 3,
"defaultLoad": 5,
"defaultPriority": 100,
"defaultPriorityAssignment": false,
"defaultLoadAssignment": false,
"add3gppSbiCorrelationInfoHeader": "ENABLED",
"ocnrfUserAgentHeader": ""
}Configuration Attributes
Note:
- If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.
- nrfPlmnList, ocnrfHost, and ocnrfPort are mandatory values that must be configured before using NRF.
Table 2-12 Configuration Attributes for GeneralOptions
| Parameter | Description | Details |
|---|---|---|
nrfPlmnList |
This value contains at least one PLMN supported by NRF, and this value must be set before using NRF. | DataType: array (PlmnId)
Constraints: NA Default Value: See PLMN ID. |
ocnrfHost |
ocnrfHost needs to be NRF's external routable FQDN
(for example, ocnrf.oracle.com) OR external routable IpAddress (for
example, 10.75.212.60) OR for routing within the same Kubernetes
cluster use full NRF
Ingress Gateway's Service FQDN as below format:
helm-releasename: the helm release name (deployment name that will be used during "helm install"). namespace: the namespace in which NRF is deployed. cluster-domainname: the Kubernetes dnsDomain name
(dnsDomain can be found using Note: The value of this attribute can be FQDN, IPv4 or IPv6. |
DataType: string
Constraints: None Default Value: ocnrf-ingressgateway.ocnrf.svc.cluster.local |
ocnrfPort |
Indicates the NRF Host's Port | DataType: integer
Constraints: None Default Value: 80 |
ocnrfScheme |
Indicates the NRF Host's Scheme | DataType: string
Constraints: http or https Default Value: http |
enableF3 |
Indicates the specification to which NRF is compliant. If this flag
is set to true, NRF functions as per 3GPP TS
29510 v15.3 specification. If it is set to false, NRF functions as per 3GPP TS
29510 v15.2.
|
DataType: boolean
Constraints: true or false Default Value: true |
enableF5 |
Indicates the specification to which NRF is compliant. If this flag
is set to true, NRF functions as per 3GPP TS
29510 v15.5 specification. If it is set to false, NRF functions as per 3GPP TS
29510 v15.2 or v15.3 specification (depends on enableF3
flag).
|
DataType: boolean
Constraints: true or false Default Value: true |
defaultLoad |
defaultLoad value is set in NF load attribute of
NFProfile, if defaultLoadAssignment attribute is
set to true. In case NFProfile does not have load
attribute, this value is sent in NFDiscover response and NFProfile
in NFNotify operation.
|
DataType: integer
Constraints: 0 - 100 Default Value: 5 |
defaultLoadAssignment |
If NFProfile does not have load attribute, value of
default NF load is set in NF Load attribute of NFProfile while
sending the NFDiscover response and NFProfile sent in NFNotify
operation.
If the value of the
For more information, about the inheritance logic, see "NFService Priority Update" in Oracle Communications Cloud Native Core, Network Repository Function User Guide. |
DataType: boolean
Constraints: true or false Default Value: false |
defaultPriority |
This attribute is default value of NF Priority and
will be used if NFProfile does not have priority attribute set by
NF. This attribute value is set in NF Priority of NFProfile, if
defaultPriorityAssignment attribute is set to
true.
|
DataType: integer
Constraints: 0 - 65535 Default Value: 100 |
defaultPriorityAssignment |
If NFProfile does not have the priority attribute,
the value of default NF Priority is set in NF Priority attribute of
NFProfile while sending the NFDiscover response and NFProfile sent
in NFNotify operation.
If the value of
the
For more information, about the inheritance logic, see "NFService Priority Update" in Oracle Communications Cloud Native Core, Network Repository Function User Guide. |
DataType: boolean
Constraints: true or false Default Value: false |
maximumHopCount |
Indicates the maximum number of nodes with which
NRF
can communicate for providing service for a request.
Note:
The value of this parameter must be greater than the value
configured for the |
DataType: integer
Constraints: 1 - 5 Default Value: 3 |
add3gppSbiCorrelationInfoHeader |
This attribute indicates whether the
3gpp-Sbi-Correlation-Info can be added to the
request. If this flag is set to ENABLED, then
3gpp-Sbi-Correlation-Info header is added, if
not present. This configuration is applicable to NFDiscover service
operation only and when 3gpp-Sbi-Correlation-Info header is not
coming in the in-coming NF Discover service operation request. Along
with populate 3gpp-Sbi-Correlation-Info header if not present, value
is decided using SUPI and GPSI attributes only from NFDiscover
query.
|
DataType: String Constraints: ENABLED/DISABLED Default Value: ENABLED |
ocnrfUserAgentHeader |
This attribute indicates the value of the User-Agent header that is added to the outgoing requests for SLF query and NFStatusNotify. The recommended value starts with NRF followed by -<operator specific string/value> Few examples, NRF-<NrfInstanceId>, For example: NRF-4947a69a-f61b-4bc1-b9da-47c9c5d14b64 NRF-< FQDN>, For example: NRF-nrf05.testnetwork.org NRF-<NrfInstanceId> < FQDN>, For example: NRF-4947a69a-f61b-4bc1-b9da-47c9c5d14b64 nrf05.testnetwork.org Note:
|
Data Type: String Constraints: The length of the value can be 1-300 characters. Default Value: Empty String |
Table 2-13 PLMN ID
| Parameter | Description | Details |
|---|---|---|
mcc |
Provides unique Mobile Country Code (MCC). | Data Type: string
Default: 310 |
mnc |
Provides unique Mobile Network Code (MNC). | Data Type: string
Default: 14 |
Note:
For more information on the parameters, see Configuration Attributes for GeneralOptions.2.4 NF Management Options
This section provides REST API configuration parameter details to configure NRF management options.
URI: {apiRoot}/nrf-configuration/v1/nfManagementOptions
Method: PUT and GET
- PUT: Updates NRF Management options configuration.
- GET: Retrieves NRF Management options configuration.
Content Type: application/json
Body:
{
"nfHeartbeatTimers": [
{
"nfType": "ALL_NF_TYPE",
"minHbTimer": "30s",
"maxHbTimer": "5m",
"defaultHbTimer": "30s",
"nfHeartbeatMissAllowed": 3
}
],
"nfNotifyLoadThreshold": 5,
"nrfSupportForProfileChangesInResponse": true,
"defaultSubscriptionValidityTime": "24h",
"nrfSupportForProfileChangesInNotification": false,
"nfProfileSuspendDuration": "168h",
"errorResponseCodeForServiceUnavailable": 503,
"retryAfter": 10,
"acceptAdditionalAttributes": false,
"allowDuplicateSubscriptions": true,
"nfProfileLimit": {
"featureStatus": "DISABLED",
"nfProfileSizeLimit": [
{
"nfType": "ALL_NF_TYPE",
"maxSize": 12000
}
],
"errorResponses": [
{
"errorCondition": "Nf_Profile_Size_Limit_Breached",
"responseCode": 413,
"errorCause": "UNSPECIFIED_MSG_FAILURE",
"errorResponse": "NF Profile Size Limit Breached",
"retryAfter": "5m",
"redirectUrl": ""
}
]
},
"subscriptionLimit": {
"featureStatus": "DISABLED",
"globalMaxLimit": 850,
"rejectSubscriptionRenewalWhenLimitBreached": "ENABLED",
"errorResponses": [
{
"errorCondition": "Subscription_Global_Limit_Breached",
"responseCode": 500,
"errorCause": "INSUFFICIENT_RESOURCES",
"errorResponse": "Subscription global limit breached",
"retryAfter": "5m",
"redirectUrl": ""
}
],
"limitThresholds": [
{
"level": "WARN",
"onset": 50,
"abatement": 45
},
{
"level": "MINOR",
"onset": 60,
"abatement": 55
},
{
"level": "MAJOR",
"onset": 70,
"abatement": 65
},
{
"level": "CRITICAL",
"onset": 90,
"abatement": 75
}
]
},
"requestRetryDetails": {
"featureStatus": "DISABLED",
"retryCount": 3,
"requestTimeout": 3000,
"errorResponseCodeList": [
"408",
"409",
"5xx"
],
"exceptionResponseList": [
"java.util.concurrent.TimeoutException",
"java.net.ConnectException"
]
}
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-14 nfManagementOptions
| Parameter | Description | Details |
|---|---|---|
nfHeartbeatTimers |
This attribute is used to configure the heartbeat related information of the NF. It allows configuring the heartbeat information per NFType. By default, |
Data Type: array (HeartbeatInfo) Constraints: See HeartbeatInfo table for details. Default Value: NA |
nfNotifyLoadThreshold |
NRF generates the notification trigger when the difference
between the last notified load value and the current reported load
value is equal or greater than the configured value of
nfNotifyloadThreshold attribute.
Note:
|
Data Type: integer Constraints: 0 - 99 Default Value: 5 |
nrfSupportForProfileChangesInResponse |
When this flag is set to true and the nfProfile
contains nfProfileChangesSupportInd set to true,
NRFwill send only the changed attributes in the nfProfile in the
response.
When this value is set to false, the complete nfProfile will be sent in the response. |
Data Type: boolean Constraints: true or false Default Value: true |
defaultSubscriptionValidityTime |
If the ValidityTime attribute is not received in SubscriptionData during NFStatusSubscribe, this default value is used for the calculation of validity time (current time + default duration). If the ValidityTime attribute is received in SubscriptionData during NFStatusSubscribe, this is the minimum value that is used for validation and limits purposes. It means, if the value provided is less than (current time + minimum possible range value), then the minimum range value is considered as validity time for subscription. Similarly, in case the validity time is more than (current time + maximum possible range value), then the maximum range value is considered as validity time for subscription. The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denotes hours, minutes, and seconds respectively. |
Data Type: string Constraints: 10s - 720h Default Value: 24h |
nrfSupportForProfileChangesInNotification |
NRF sends profileChanges attribute instead of NFProfile in the notification if this flag is set to true. |
Data Type: boolean Constraints: true or false Default Value: false |
nfProfileSuspendDuration |
Indicates the duration for which the NF is suspended,
before it is deleted from the NRF database.
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denotes hours, minutes, and seconds respectively. |
Data Type: string Constraints: 10s - 744h Default Value: 168h |
acceptAdditionalAttributes |
NRF preserves additional attributes that are not defined by 3GPP in NFProfile or NFService based on this attribute value. |
Data Type: boolean Constraints: true or false Default Value: false |
allowDuplicateSubscriptions |
This attribute specifies if NRF allows creation of duplicate subscriptions.
Note: If the value of
|
Data Type: boolean Constraints: true or false Default Value: true |
requestRetryDetails |
This attribute configuration indicates the
NfStatusNotify service operation request retry.
After NRF upgrade from 22.2.x to 22.3.x, if
you are enabling notification retry feature,
|
Data Type: array (Table 2-19) Constraints: See Table 2-19 table for details. Default Value: NA |
subscriptionLimit |
To configure Subscription Limit feature in NfManagementOptions. For more information, see Subscription Limit. |
Data Type: array (Subscription Limit) Constraints: See Subscription Limit table for details. Default Value: NA |
nfProfileLimit |
This attribute is used to configure the maximum size of a NF Profile. |
Data Type: object (Table 2-16) Constraints: See Table 2-16 table for details. Default Value: NA |
HeartbeatInfo
Table 2-15 HeartbeatInfo
| Attribute | Description | Details |
|---|---|---|
nfType |
All nftypes supported in 3GPP TS 29.510 Release 15.5 and Release 16.0. In addition to this, ALL_NF_TYPE and CUSTOM_NF_TYPE is also supported. ALL_NF_TYPE is the NF Type to be used to specify the default configuration that is to be used when nfType specific configuration is not present. Notes:
|
Data Type: string
Constraints: NFType Default Value: ALL_NF_TYPE |
minHbTimer |
The minimum Heartbeat Timer allowed for the NF.
The value is in pHqMrS format, where p,q,r are integers and H,M,S or h,m,s denotes hours, minutes, and seconds respectively. |
Data Type: string
Constraints: 10s-24h Default Value: 30s |
maxHbTimer |
The maximum Heartbeat Timer allowed for the NF.
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denotes hours, minutes, and seconds respectively. |
Data Type: string
Constraints: 10s-24h Default Value: 5m |
defaultHbTimer |
This default Heartbeat Timer value is used when the
network functions do not provide the Heartbeat Timer value in
NFProfile.
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denotes hours, minutes, and seconds respectively. |
Data Type: string
Constraints: minHbTimer and maxHbTimer attributes Default Value: 30s |
nfHeartbeatMissAllowed |
The allowed number of missed HeartBeat(s) after which the NFProfile is marked as suspended. If the value is set to 0, NF profiles for which even single heartbeat is missed will be marked as suspended. |
Data Type: integer
Constraints: 0-15 Default Value: 3 |
Table 2-16 NF Profile Limit
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This attribute indicates if the NF Profile size limiting feature is enabled or not. If the value is set as ENABLED, NF Profile size trying to register or update can be limited. If the value is set as DISABLED, NF Profile size trying to register or update cannot be limited. |
Data Type: string Constraints: ENABLED or DISABLED Default Value: DISABLED |
nfProfileSizeLimit |
This attribute lists the entries for different NF types with the maximum profile size limit defined for that NF type. |
Data Type: array (NF Profile Size Limit) Constraints: See Table 2-17 table for details. Default Value: NA |
errorResponses |
Indicates the error response that is generated when a registration request is rejected. For more information, see Table 2-19Table 2-18. | Data Type: array list
Constraints: NA Default Value: NA |
Table 2-17 NF Profile Size Limit
| Attribute | Description | Details |
|---|---|---|
nfType |
All nftypes supported in 3GPP TS 29.510 Release 15.5 and Release 16.0. In addition to this, ALL_NF_TYPE and CUSTOM_NF_TYPE is also supported. This attribute indicates the NF type for which the profile size should be limited. Note:
|
Data Type: string Constraints: <NF_Type>, ALL_NF_TYPE, CUSTOM_NF_TYPE Default Value: ALL_NF_TYPE |
maxSize |
This attribute indicates the maximum allowed size of NF Profile being registered or updated in bytes. If the value is set as 0, then there is no restriction in the maximum size of the NF Profile. NRF allows the NF Profiles as received from the Consumer NF to the database. |
Data Type: integer Constraints: 0 -15000 B Default Value: 12000 B Unit: Bytes |
Table 2-18 PreLoaded records for errorResponses - Max NF profile size
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
Nf_Profile_Size_Limit_Breached |
413 |
UNSPECIFIED_MSG_FAILURE |
"NF Profile Size Limit Breached" |
5m | "" |
Table 2-19 RequestRetryProfile
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This flag enables or disables the NfStatusNotify service operation request retry. If any attribute is null in request body, then the previously saved values are retained and considered. If featureStatus value is ENABLED, errorResponseCodeList and exceptionResponseList cannot be simultaneously null, either of the list must be present. If featureStatus value is ENABLED, value of the
However, if featureStatus value is DISABLED, both errorResponseCodeList and exceptionResponseList can be simultaneously empty. featureStatus value cannot be ENABLED, if both errorResponseCodeList and exceptionResponseList are null. |
Data Type: string
Constraints: ENABLED or DISABLED Default Value: DISABLED |
retryCount |
The number of retries that happens at Egress Gateway upon the following scenarios:
|
DataType: integer
Constraints: 1 - 5 Default Value: 3 |
requestTimeout |
This configuration decides the request timeout if response from notification callback server is not received. Note: a. The value here corresponds in milliseconds. b. Upon requestTimeout value elapsed for unsuccessful outbound request, retry will happen depending upon java.util.concurrent.TimeoutException configured in the exceptionResponseList attribute. |
DataType: integer
Constraints: 100 - 5000 Default Value: 3000 Unit: milliseconds |
errorResponseCodeList |
This configuration is the list of HTTP error codes that are authorized for retry. In case of the 4xx, 5xx Response Error Codes from the notification callback server, the HTTP status codes from error response are matched with this configuration. |
DataType: array(string)
Constraints: maximum 10 values can be configured Default Value: ["408","409","5xx"] |
exceptionResponseList |
This configuration is the list of exceptions that are authorized for retry. Below is the set of possible exceptions:
|
DataType: array(string)
Constraints: maximum 10 exceptions can be configured Default Value: [java.util.concurrent.TimeoutException,java.net.ConnectException] |
Subscription Limit
Table 2-20 Subscription Limit
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This attribute is used to enable or disable the Subscription Limit feature. | DataType: string
Constraints: ENABLED or DISABLED Default Value: DISABLED |
globalMaxLimit |
This attribute is used to set the maximum number of subscriptions allowed for the NRF. Note: The value of this attribute must be same across all georedundant sites. |
DataType: integer
Constraints: 0 to 1000 Default Value: 850 |
rejectSubscriptionRenewalWhenLimitBreached |
This flag is used to indicate whether Subscription Renewal is allowed when the Global Subscription limit is breached. | DataType: string
Constraints: ENABLED or DISABLED Default Value: ENABLED |
limitThresholds |
This attribute is used to configure the subscription limit thresholds for which alerts are raised. Note: Duplicate level name is not allowed in limitThresholds. For more information, see Limit Threshold. |
DataType: array list
Constraints: NA Default Value: NA |
errorResponses |
Indicates the error response that is generated when
a subscription request is rejected.
For more information, see Table 2-23. |
DataType: array list
Constraints: NA Default Value: NA |
Table 2-21 Limit Threshold
| Attributes | Description | Details |
|---|---|---|
level |
This attribute indicates the name of the level.
For more information about the onset and abatement values, see Table 2-22. Note: Duplicate level name is not allowed. |
DataType: string
Constraints: NA Default Value: NA |
onset |
This attribute describes onset value in percentage. | DataType: integer
Constraints: NA Default Value: NA |
abatement |
This attribute describes abatement value in percentage. | DataType: integer
Constraints: NA Default Value: NA |
Table 2-22 Onset and abatement at different level
| Level | Onset | Abatement |
|---|---|---|
| WARN | 50 | 45 |
| MINOR | 60 | 55 |
| MAJOR | 70 | 65 |
| CRITICAL | 90 | 75 |
Table 2-23 PreLoaded records for errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| Subscription_Global_Limit_Breached | 500 | Subscription global limit breached | "INSUFFICIENT_RESOURCES" | 5m | "" |
Sample cURL Command
curl -X 'GET' \
'{apiRoot}/nrf-configuration/v1/nfManagementOptions' \
-H 'accept: application/json'2.5 NF Discovery Options
This section provides REST API configuration parameter details to configure NRF discovery options.
URI: {apiRoot}/nrf-configuration/v1/nfDiscoveryOptions
Method: PUT and GET
- PUT: Updates NRF discovery options configuration
- GET: Retrieves NRF discovery options configuration
Content Type: application/json
Body:
{
"profilesCountInDiscoveryResponse": 3,
"discoveryResultLoadThreshold": 0,
"servicePriorityUpdateFeatureStatus": "DISABLED"
"discoveryValidityPeriodCfg":
[
{
"nfType":"ALL_NF_TYPE",
"validityPeriod":"1h",
"emptyListValidityPeriod":"30s"
},
{
"nfType":"AMF",
"validityPeriod":"1h",
"emptyListValidityPeriod":"20s"
}
],
"emptyDiscoveryResponseConfig":{
"emptyListFeatureStatus": "DISABLED",
"emptyListConfig": [
{
"nfType": "AMF",
"featureStatus": "DISABLED"
},
{
"nfType": "SMF",
"featureStatus": "ENABLED"
}]
},
"extendedPreferredLocality": {
"featureStatus": "DISABLED",
"locationTypes": ["SAP", "NEC", "Category-x","Category-y","Category-xy"],
"locationTypeMapping": [{
"nfType": "PCF",
"nfServices": ["am_policy", "bdt_policy"],
"locationType": "Category-x"
},
{
"nfType": "PCF",
"nfServices": ["sm_policy"],
"locationType": "Category-y"
},
{
"nfType": "PCF",
"nfServices": ["*"],
"locationType": "Category-xy"
},
{
"nfType": "AMF",
"nfServices": ["*"],
"locationType": "SAP"
}
],
"preferredLocationDetails": [{
"preferredLocation": "Azusa",
"targetLocationType": "Category-x",
"maxNFProfilesFromFirstMatchLoc": 0,
"targetPreferredLocations": [{
"priority": 1,
"location": "Azusa"
}, {
"priority": 2,
"location": "Vista"
}, {
"priority": 3,
"location": "Ohio"
}]
},
{
"preferredLocation": "Azusa",
"targetLocationType": "Category-y",
"maxNFProfilesFromFirstMatchLoc": 0,
"targetPreferredLocations": [{
"priority": 1,
"location": "RKL"
}, {
"priority": 2,
"location": "CSP"
}, {
"priority": 3,
"location": "West-Region-Edge-Set01"
}]
}
],
"locationSets": [
{
"locationSetName": "West-Region-Edge-Set01",
"locations": ["London", "New York"]
}
]
}
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while it is being updated, the existing value in its database is preserved and used. At least one attribute is included during the PUT request.Table 2-24 nfDiscoveryOptions
| Attribute Name | Description | |
|---|---|---|
profilesCountInDiscoveryResponse |
This value restricts NF profile count in the
NFDiscover response.
If the value of this attribute is 0, it means this functionality is disabled, and all the NF profiles after the discovery filtering are returned in the NFDiscover response. Note: This attribute is not considered if the Limit attribute is present in SearchData URI. |
DataType: integer
Constraints: 0 to 20 Default Value: 3 |
discoveryResultLoadThreshold |
NFDiscover response contains NF profiles with load attribute value less than or equal to this configured value. In case there are no NF profiles matching this criteria, then the NF profiles with load greater than the configured value are included in the response. If service-names attribute is present in the discovery query and the NF profile has only one NF service instance and that NF service load value is non-null, then that load value is considered. If it is non-null, the NF profile load value is considered. Now the considered load value, if is non-null and has value greater than the load threshold value, then that NF Profile gets filtered out. Value 0 indicates this feature is disabled. |
DataType: integer
Constraints: 0 to 100 Default Value: 0 |
servicePriorityUpdateFeatureStatus |
This attribute determines if the NFService Priority Update feature is enabled or disabled. If this feature flag is ENABLED, NRF updates the NFService level priority along with the NFProfile level priority while processing the discovery query. If this feature flag is DISABLED, NRF does not update the NFService level priority along with the NFProfile level priority while processing the discovery query. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
discoveryValidityPeriodCfg |
This attribute mentions the validity period of a discovery request for a specific target-nf-type. The NF that sent the discovery request must perform a discovery action again to get the latest values. By default, the validityPeriod information for ALL_NF_TYPE is present. |
DataType: array (DiscoveryValidityPeriodCfg)
Constraints: See DiscoveryValidityPeriodCfg table for details. Default Value: NA |
emptyDiscoveryResponseConfig |
This attribute provides the configuration for the EmptyList feature. |
DataType: List <Table 2-25> Default Value: Empty array |
extendedPreferredLocality |
This attribute is used for the Extended Preferred Locality feature. | DataType: array (ExtendedPreferredLocality)
Constraints: See ExtendedPreferredLocality table for details. Default Value: NA |
Table 2-25 emptyDiscoveryResponseConfig
| Parameter | Description | Details |
|---|---|---|
emptyListFeatureStatus |
This attribute defines if the empty list feature is enabled. If the value is set to ENABLED, then NRF checks if the
particular target-nf-type is configured in
If the value is set to DISABLED, then NRF does not send any Producer NF profile in the response. |
DataType: string Constraints: ENABLED or DISABLED Default Value: DISABLED |
emptyListConfig |
This attribute lists the configuration for the EmptyList feature for a specific NF type. |
DataType: List <emptyListConfig> Default Value: Empty array |
Table 2-26 emptyListConfig
| Parameter | Description | Details |
|---|---|---|
nfType |
This attribute indicates the NF type of a particular
Network Function. This value is matched with the target-nf-type in
the Discovery Query. In addition to this, CUSTOM_<NFType> is
also supported.
Note: CUSTOM_<NFType> is the NFType used to specify the configuration for custom NF types. |
DataType: NFType Constraints: Valid NFType Default Value: NA |
featureStatus |
This attribute describes the status of a particular nfType. If the value is set to ENABLED, NRF sends a discovery
response with a new validity period as mentioned in
If the value is set to DISABLED, NRF sends an empty response. Note: When |
DataType: string Constraints: ENABLED or DISABLED Default Value: DISABLED |
Table 2-27 ExtendedPreferredLocality
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This decides extendedPreferredLocality feature is enabled or not. locationTypes, locationTypeMapping, and preferredLocationDetails are configured before or during enabling the feature. |
DataType: string
Constraints: ENABLED and DISABLED Default Value: DISABLED |
locationTypes |
This attribute decides different location types.
|
DataType: array (string)
Constraints: NA Default Value: Empty array |
locationTypeMapping |
This attribute specifies which NF Type (along with NF
services) is mapped to which Location Type.
See LocationTypeMapping table for details. |
DataType: array (LocationTypeMapping)
Constraints: Maximum 100 locationTypeMapping values can be configured. Default Value: Empty array |
preferredLocationDetails |
This attribute specifies the preferred location (derived from discovery search query) and locationType from locationTypeMapping attribute maps to extended preferred location(s). See PreferredLocationDetails table for details. | DataType: array (PreferredLocationDetails)
Constraints: Maximum 650 preferredLocationDetails values can be configured. Default Value: Empty array |
locationSets |
This attribute specifies a set of locations that
define the preferred locality for NfDiscovery.
See locationSets table for details. |
DataType: array (locationSets)
Constraints: Maximum of 255 location sets can be configured. Default Value: Empty array |
Table 2-28 LocationTypeMapping
| Attribute | Description | Details |
|---|---|---|
nfType |
This attribute indicates the NF type of a particular Network Function. This value is derived from the target-nf-type of Discovery Search query. | DataType: string
Constraints: It can be any one of 3GPP defined ones or values starting with CUSTOM_ Default Value: NA Presence: M |
nfServices |
This attribute indicates the NF Services that belong to the Network Function. | DataType: array (string)
Constraints:
Default Value: NA Presence: M |
locationType |
This attribute indicates the location type to which NF is mapped. | DataType: string
Constraints: It is one of locationTypes attributes. Default Value: NA Presence: M |
Table 2-29 PreferredLocationDetails
| Attribute | Description | Details |
|---|---|---|
preferredLocation |
This value is matched with preferredLocation from consumer NF in Discovery Search Query. | DataType: string
Constraints: NA Default Value: NA Presence: M |
targetLocationType |
This value is derived from the mapped locationType attribute value of the LocationTypeMapping table. | DataType: string
Constraints: This value is one of the configured in locationTypes attributes. Default Value: NA Presence: M |
maxNFProfilesFromFirstMatchLoc |
This attribute is used to configure the maximum
number of NF profiles that can be selected from the first matching
location from the targetPreferredLocations.
It is recommended to have the value of this
configuration to be less than or equal to
Note:
|
DataType: integer
Constraints: 0-20 Default Value: NA Presence: M . If the value of this attribute is 0, the feature is disabled. |
targetPreferredLocations |
The preferred locations are configured by the
operator for particular preferredLocation and
targetLocationType.
See TargetPreferredLocations table for details. |
DataType: string
Constraints: There can be minimum 1 and maximum 3 TargetPreferredLocations in this list. Default Value: NA Presence: M |
Table 2-30 TargetPreferredLocations
| Attribute | Description | Details |
|---|---|---|
priority |
Indicates the priority of PreferredLocation. | DataType: integer
Constraints: Duplicate priority is not allowed. Default Value: NA Presence: M |
location |
The operator can configure the location or set of locations. In case of location set, configure locationSet. | DataType: string
Constraints: Location can be same as preferredLocation mentioned in PreferredLocationDetails. Default Value: NA Presence: M |
Table 2-31 DiscoveryValidityPeriodCfg
| Attribute | Description | Details |
|---|---|---|
nfType |
This indicates all the nfTypes that are supported in
3GPP TS 29.510 Rel 16.3.0.
In addition to this, ALL_NF_TYPE and CUSTOM_<NFType> are also supported. ALL_NF_TYPE is the NF Type used to specify the default configuration that is to be used when nfType specific configuration is not present. Notes:
|
DataType: NfType Cardinality: 0..1 Default Value: NA |
validityPeriod |
This attribute mentions the validity period of a
discovery request of a specific target-nf-type after which requester
NF must perform discovery again to get the latest values.
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denote hours, minutes, and seconds respectively. |
DataType: string Range: 0s to 720h Default Value: NA |
emptyListValidityPeriod |
This attribute mentions the validity period for an empty list response of a discovery request of a specific target-nf-type. This value is sent as
In case the specific nfType is not configured, then
Upon expiry of the
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h, m, s denote hours, minutes, and seconds respectively. |
DataType: string Range: 0s to 720h Default Value: NA |
Table 2-32 locationSets
| Attribute Name | Description | Details |
|---|---|---|
locationSetName |
An identifier to distinguish among other locations. It must be alphanumeric and allows only - and _ as special characters. Note: It is recommended to append Set
as a keyword for every |
DataType: string
Constraints: 0 or 1 The length of the location name can be in the range of 5 to 100 characters. Default Value: NA Presence: M |
locations |
Set of unique locations, where location is of type string. | DataType: list (String)
Constraints: 0 to 10 Default Value: NA Presence: M |
Table 2-33 NfTypeValidityPeriod Loaded Data
| Attribute | Default Loaded Value |
|---|---|
nfType |
ALL_NF_TYPE |
validityPeriod |
1h |
emptyListValidityPeriod |
30s |
2.6 NF Access Token Options
This section provides REST API configuration parameter details to configure NRF Access Token options.
URI: {apiRoot}/nrf-configuration/v1/nfAccessTokenOptions
Method: PUT and GET
- PUT: Updates NRF Access Token options configuration.
- GET: Retrieves NRF Access Token options configuration.
Content Type: application/json
Body:
{
"oauthTokenExpiryTime": "1h",
"authorizeRequesterNf": "ENABLED",
"logicalOperatorForScope": "AND",
"audienceType": "NF_INSTANCE_ID",
"authFeatureConfig": {
"featureStatus": "DISABLED",
"authRulesConfig": [
{
"targetNfType":"PCF",
"requesterNfType":"AMF",
"serviceNames":[
"npcf-am-policy-control",
"npcf-eventexposure"
]
},
{
"targetNfType":"UDM",
"requesterNfType":"AMF",
"serviceNames":[
"*"
]
}
],
"errorResponses": [{
"errorCondition": "RequesterNf_Unauthorized",
"responseCode": 400,
"errorResponse": "The Consumer NfType is not authorized to receive access token for the requested Nftype.",
"errorCause": "UNSPECIFIED_MSG_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}]
},
"tokenSigningDetails": {
"currentKeyID": "a14ef8e1bc5c",
"addkeyIDInAccessToken": true,
"oauthTokenIssuerId": "6faf1bbc-6e4a-4454-a507-a14ef8e1bc5c",
"defaultK8SecretDetails": {
"k8SecretName": "ocnrf",
"k8SecretNameSpace": "ocnrf"
},
"keyDetailsList": [
{
"keyID": "a14ef8e1bc5c",
"algorithm": "ES256",
"privateKey": {
"k8SecretName": "ocnrf",
"k8SecretNameSpace": "ocnrf",
"fileName": "ec_private_key_pkcs8.pem"
},
"certificate": {
"k8SecretName": "ocnrf",
"k8SecretNameSpace": "ocnrf",
"fileName": "ecdsa_ocnrfapigatewayTestCA.cer"
}
}
]
},
"errorResponses": [
{
"errorCondition": "Invalid_Key_Details",
"responseCode": 500,
"errorResponse": "Configured Key ID details are invalid and cannot be used",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
},
{
"errorCondition": "Current_Key_Id_Not_Configured",
"responseCode": 500,
"errorResponse": "Current Key ID is not configured",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}
]
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-34 nfAccessTokenOptions
| Attribute Name | Description | Details |
|---|---|---|
oauthTokenExpiryTime |
Oauth token expiry time. The value is in pHqMrS
format, where p,q,r are integers and H,M,S or h,m,s denotes hours,
minutes and seconds respectively.
Note: In case NRF signed certificate expiry duration is less than this attribute, then certificate expiry duration is used in Access Token Expiry Time. |
DataType: string
Constraints: 1s - 168h Default Value: 1h |
authorizeRequesterNf |
This attribute validates the requester NF is registered with NRF or not. NRF issues the access token only to the registered requester NFs. If NF is registered, then check if NFtype in Access Token Request is same as in NF profile registered with NRF and requesterPlmn received in the Access Token Request request is same as Registered Profile. If the value is set as DISABLED, NRF will issue token to non-registered NFs as well. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: ENABLED |
audienceType |
This value decides the aud attribute (Type:- Audience) in AccessTokenClaim as per 3GPP specification. NRF considers this value only if targetNfType and targetNfInstanceId both are not received in AccessTokenRequest. Possible values are:
|
DataType: string
Constraints: NF_INSTANCE_ID,NF_TYPE Default Value: NF_INSTANCE_ID |
logicalOperatorForScope |
The value decides whether values in scope will have relationship AND or OR. If the value is set as AND, while looking for producer network function profiles, token will be issued for profiles matching all the services-names present in scope. If the value is set as OR, token will be issued for profiles matching any of the services-names present in scope. | DataType: string
Constraints: AND, OR Default Value: AND |
authFeatureConfig |
The attribute contains the parameters required to enable and configure NfAccessToken Authorization feature. | DataType: array (AuthFeatureConfig)
Constraints: See AuthFeatureConfig table for details. Default Value: NA |
tokenSigningDetails |
This attribute allows user to configure all of the details required to sign the token generated by NRF. | DataType: array
(TokenSigningDetails)
Constraints: See TokenSigningDetails for details. Default Value: null (None of token signing details are configured) |
errorResponses |
This attribute allows user to update details for different error conditions. | DataType: array (ErrorInfo)
Constraints: See table Preloaded Values for details. Default Value: NA |
Table 2-35 PreLoaded records for errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| Invalid_Key_Details | 500 | Configured Key ID details are invalid and cannot be used | UNSPECIFIED_NF_FAILURE | 5m | See ErrorInfo. |
| Current_Key_Id_Not_Configured | 500 | Current Key ID is not configured | UNSPECIFIED_NF_FAILURE | 5m | See ErrorInfo. |
AuthFeatureConfig
Table 2-36 AuthFeatureConfig
| Attribute | Description | Details |
|---|---|---|
featureStatus |
Enables or disables the NfAccessToken Authorization Feature. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
authRulesConfig |
The attribute defines a mapping across Requester NF Type, Target NF Type, and the allowed services. This attribute should be configured if the
|
DataType: array (AuthConfig)
Constraints: NA Default Value: NA |
errorResponses |
This attribute defines the error responses which are
sent during NRF AccessToken Authorization failure scenarios.
This attribute allows to update the error response code and error response description. This
attribute must be configured if the
By default, the RequesterNF_Unauthorized condition is preloaded. |
DataType: array (ErrorInfo)
Constraints: See PreLoaded records for AuthFeatureConfig errorResponses. Default Value: NA |
Table 2-37 PreLoaded records for AuthFeatureConfig errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| RequesterNf_Unauthorized | 400 | The RequesterNfType is not authorized to receive access token for the targetNfType. | UNSPECIFIED_MSG_FAILURE | 5m | See ErrorInfo. |
Note:
The attributes featureStatus, authRulesConfig, and errorResponses can be configured independently in any order. However, when the feature is enabled, it is expected that the authRulesConfig is configured or present in the current request.Table 2-38 AuthConfig
| Attribute | Description | Details |
|---|---|---|
targetNfType |
The attribute defines the NF Type of the target NF. | DataType: string
Constraints: NFType Default Value: NA |
requesterNfType |
The attribute defines the NF Type of the requester NF that is authorized to access the target NF Type and its services. | DataType: string
Constraints: NFType Default Value: NA |
serviceNames |
This attribute defines the NF services that are authorized to be accessed by the requester NF type. The value "*" indicates that all the services are authorized to be accessed by the requester NF Type. If "*" is to be used, The services contain only a single entry in the list with this value. | DataType: array (string)
Constraints: None Default Value: NA |
Note:
It is mandatory to configure all the attributes together.Table 2-39 TokenSigningDetails
| Attribute | Description | Details |
|---|---|---|
currentKeyID |
KeyID value corresponding to the token signing
details used to sign the token.
Mandatory attribute for Access Token Service to work. Newly added KeyID details can be used after values are validated by NRF. Newly added KeyID cannot be configured as currentKeyID in same request. |
DataType: string
Constraints: Once currentKeyID is configured, this value cannot be null. Default Value: NA |
addkeyIDInAccessToken |
The value of this attribute decides if the KeyID value can be added to AccessToken Response or not. If value is true, then currentKeyID value will be added in AccessToken Response. If value is false, then value will not be added in AccessToken Response. Value for this attribute cannot be set to true if currentKeyID is not set. |
DataType: boolean
Constraints: true, false Default Value: false |
oauthTokenIssuerId |
This attribute is NRF Instance ID that is used
for signing AccessTokenClaim (IE of AccessTokenClaim). If
NRF needs to issue
AccessTokenClaim using its own NF instance ID then the nrfInstanceId
configured in the global section
(global.nrfInstanceId) needs to configured
here. In case of fresh Install, this value is populated with
global.nrfInstanceId automatically. If
NRF needs to issue
AccessTokenClaim using a common or virtual then a common or virtual
NF instance ID needs to be configured here (along with the common or
virtual PrivateKey and Certificate Pair). The same NF instance id
and PrivateKey and Certificate Pair has to be configured in all
other NRFs so that tokens issued by all the NRFs can be validated
using a Single NfInstanceId and KeyPair. While upgrading from 1.12.x
to 1.14.x, this value is taken from
nfaccesstoken.oauth.nrfInstanceId helm
attribute. In case this value is not set in helm custom values.yaml,
value is taken from global.nrfInstanceId helm
attribute.
|
DataType: string
Constraints: Mandatory attribute for Access Token Service to work. It should be in UUID format. Default Value: NA |
defaultK8SecretDetails |
This attribute decides the default Kubernetes secret details and these details value are used in case individual key details for secret name and secret namespace are not configured. | DataType: DefaultK8SecretDetails
Constraints: See DefaultK8SecretDetails table for details. This value is mandatory in case secret namespace and secret name of any individual key details are not configured. Default Value: NA |
keyDetailsList |
This attribute provides details of oauth key details which is used by NRF to sign the token. For more information about adding Keys status, see Oracle Communications Cloud Native Core, Network Repository Function User Guide. Any key ID details cannot be removed if it is getting used as currentKeyID. See OauthKeyDetails table for details. |
DataType: array (OauthKeyDetails)
Constraints: Maximum 25 key details can be configured. In case any of key details need to be modified, then complete keyDetailList is used for updates. Change of specific keyId detail is not supported. Default Value: NA |
Table 2-40 DefaultK8SecretDetails
| Attribute | Description | Details |
|---|---|---|
k8SecretName |
Default Kubernetes secret name. | DataType: string
Constraints: Mandatory, if default Kubernetes secret details are configured. Both k8SecretName and k8SecretNameSpace are configured together. Default Value: NA |
k8SecretNameSpace |
Default Kubernetes secret namespace. | DataType: string
Constraints: Mandatory, if default Kubernetes secret details are configured. Both k8SecretName and k8SecretNameSpace are configured together. Default Value: NA |
Table 2-41 OauthKeyDetails
| Attribute | Description | |
|---|---|---|
keyID |
Unique value in list of keys. Key details are known by this value. | DataType: string
Constraints: Mandatory attribute, keyID length must not exceed 36 characters. Default Value: NA |
algorithm |
Algorithm value is used to sign the oauth token. | DataType: string
Constraints: Mandatory attribute, algorithm can be only ES256 and RS256. Default Value: NA |
privateKey |
NRF Private key details. Both k8SecretName and k8SecretNameSpace are configured together. | DataType: OauthSecretFiles
Constraints: Mandatory attribute, see OauthSecretFiles for details. Default Value: NA |
certificate |
NRF Public certificate details. Both k8SecretName and k8SecretNameSpace are configured together. | DataType: OauthSecretFiles
Constraints: Mandatory attribute, see OauthSecretFiles for details. Default Value: NA |
Table 2-42 OauthSecretFiles
| Attribute | Description | Details |
|---|---|---|
k8SecretName |
Kubernetes secret name where key and certificate details are stored. | DataType: string
Constraints: Optional, but if this attribute is present then k8SecretNameSpace must be present. Default Value: NA |
k8SecretNameSpace |
Kubernetes namespace for secret name. | DataType: string
Constraints: Optional, but if this attribute is present then k8SecretName must be present. Default Value: NA |
fileName |
Filename of Key or certificate. | DataType: string
Constraints: Mandatory attribute. Default Value: NA |
2.7 NRF-NRF Forwarding Options
This section provides REST API configuration parameter details to configure NRF forwarding options.
URI: {apiRoot}/nrf-configuration/v1/forwardingOptions
Method: PUT and GET
- PUT: Updates NRF forwarding options configuration.
- GET: Retrieves NRF forwarding options configuration.
Content Type: application/json
Body:
{
"profileRetrievalStatus": "DISABLED",
"subscriptionStatus": "DISABLED",
"discoveryStatus": "DISABLED",
"accessTokenStatus": "ENABLED",
"nrfHostConfig": [
{
"nfInstanceId": "c56a4180-65aa-42ec-a945-5fd21dec0538",
"apiVersions": [
{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}
],
"scheme": "http",
"host": "ocnrf-1-ingressgateway.ocnrf.svc.cluster.local",
"priority": 100,
"port": 80
}
],
"nrfRerouteOnResponseHttpStatusCodes": {
"pattern": "^[3,5][0-9]{2}$|408$",
"codeList": null
},
"errorResponses": [
{
"errorCondition": "NRF_Not_Reachable",
"responseCode": 504,
"errorResponse": "NRF not reachable",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
},
{
"errorCondition": "NRF_Forwarding_Loop_Detection",
"responseCode": 508,
"errorResponse": "Loop Detected",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}
],
"forwardingRulesFeatureConfig": {
"featureStatus": "ENABLED",
"forwardingRulesConfig": [
{
"targetNfType": "UDM",
"serviceNames": [
"nudm-uecm"
],
"serviceNamesMatchType": "ANYONE"
},
{
"targetNfType": "*",
"serviceNames": [
"UDMname14","UDMname15"
],
"serviceNamesMatchType": "EXACT"
}
]
}
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. The profileRetrievalStatus, subscriptionStatus, discoveryStatus, and accessTokenStatus attributes are mandatory in the PUT request.Table 2-43 forwardingOptions
| Attribute Name | Description | Details |
|---|---|---|
nrfHostConfig |
This attribute is used to configure Primary and
Secondary NRF details used for forwarding various requests.
It allows to configure details of NRF like apiVersion, scheme, host, port, and so on. The only supported value for apiVersionInUri is v1. Hence the apiVersions attribute must have at least one data record with apiVersionInUri attribute values set as v1. This configuration allows you to configure more than two NRF Details. NRF with highest priority is considered as Primary NRF for forwarding messages. NRF with second highest priority is considered as Secondary NRF for forwarding. To reset this attribute, please send empty array, for example:- "nrfHostConfig": [ ] If this attribute is already set then there is no need to provide the value again. Note: The value of this attribute can be FQDN, IPv4 or IPv6. |
DataType: array (NFConfig)
Constraints: NA Default Value: NA |
nrfRerouteOnResponseHttpStatusCodes |
This configuration is used to determine if the service operation message needs to be forwarded to Secondary NRF. The primary NRF receives a response. If the response status code matches the configured response status code list, then NRF reroutes the request to the secondary NRF. Refer nrfHostConfig for details for Primary and Secondary NRF details. | DataType: ResponseHttpStatusCodes
Constraints:: pattern or specific code list Default Value: "pattern": "^[3,5][0-9]{2}$|408$" |
profileRetrievalStatus |
This attribute controls the forwarding of NFProfileRetrieval service operation messages. If the flag is set to true and NRF is unable to complete the request due to the unavailability of any matching profile, then NRF forwards the NfProfileRetrieval request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If the flag is set to false, NRF will not forward the NfProfileRetrieval request. It returns a response to the consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
subscriptionStatus |
This attribute controls the forwarding of NFStatusSubscribe, and NFStatusUnsubscribe service operation messages. If the flag is set to true and NRF cannot complete the request due to the unavailability of any matching profile, then NRF forwards the NfStatusSubscribe or NfStatusUnSubscribe request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If the flag is false, NRF will not forward the NFStatusSubscribe or NFStatusUnSubscribe request. It returns a response to the consumer NF without forwarding it. Note: NFStatusSubscribe forwarding is supported only if Subscription Condition is NfInstanceIdCond in the NFStatusSubscribe request. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
discoveryStatus |
This attribute controls the forwarding of NFDiscover service operation messages. If the flag is set to ENABLED and NRF is not able to complete the request due to unavailability of any matching profile, then NRF forwards the NFDiscover request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If flag is DISABLED, NRF will not forward the NFDiscover request in any case. It will return a response to consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
accessTokenStatus |
This attribute controls the forwarding of AccessToken service operation messages. If the flag is set to ENABLED and NRF is not able to complete the request due to unavailability of any matching Producer NF, then NRF forwards the AccessToken request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If flag is DISABLED, NRF will not forward the AccessToken request in any case. It will return a response to consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
forwardingRulesFeatureConfig |
This attribute provide details for Forwarding Rules feature configuration. | DataType: ForwardingRulesFeatureConfig Constraints: NA Default Value: NA |
errorResponses |
This attribute defines the error responses which may be sent during NRF Forwarding scenarios. This attribute will allow to update the error response code and error response description for preloaded error conditions. | DataType: array (ErrorInfo)
Constraints: NA Default Value: NA |
Table 2-44 ForwardingRulesFeatureConfig
| Attribute | Description | |
|---|---|---|
featureStatus |
This attribute enables or disables the evaluation of forwarding eligibility of a service request based on target NF type and service names configured in forwardingRulesConfig. This flag can be ENABLED only if
Note: Once |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
forwardingRulesConfig |
While enabling the forwarding rules feature, this attribute is configured prior or during enabling the feature. | DataType: array (ForwardingRulesConfig)
Constraints: Maximum of 50 forwarding rules can be configured. Default Value: Empty array |
Table 2-45 ForwardingRulesConfig
| Attribute | Description | Details |
|---|---|---|
targetNfType |
This attribute defines target NF type in a forwarding rule. | DataType: string
Constraints: It has to be either 3gpp defined NF type, custom NF type following regular expression (^CUSTOM_([A-Za-z0-9_]+)), or a wildcard *. Default Value: NA |
serviceNames |
List of services allowed for target NF type. | DataType: array (string)
Constraints: Cannot be empty, either wildcard or any service name(s) must be defined. Note: Maximum of 20 service names can be configured for each forwarding rule. Default Value: NA |
serviceNamesMatchType |
This attribute provides details on how the service names are evaluated, based on the defined constraints. Exact: Service Names in incoming request must be present in the configured service names. Anyone: Service Names in incoming request must match with any one of the configured service names. Note: If serviceNames is a wildcard attribute, then this attribute can be skipped. |
DataType: string
Constraints: EXACT, ANYONE Default Value: NA |
2.8 SLF Options
This section provides REST API configuration parameter details to configure NRF Subscriber Location Function (SLF) options.
URI: {apiRoot}/nrf-configuration/v1/slfOptions
Method: PUT and GET
- PUT: Updates NRF SLF options configuration.
- GET: Retrieves NRF SLF options configuration.
Content Type: application/json
Body:
{
"slfLookupConfig": [{
"nfType": "UDM",
"preferredSubscriberIdType": "SUPI",
"skipSLFLookupParameters": ["group-id-list"],
"valueBasedSkipSLFLookupParams": [ {"parameterName": "dnn","parameterValue": "abc*"},{"parameterName": "group-id-list" ,"parameterValue": ".*"}],
"enableValueBasedSkipSLFLookup": false,
"exceptionListForMissingMandatoryParameter": ["routing-indicator"]
}],
"slfHostConfig": [{
"nfInstanceId": "c56a4180-65aa-42ec-a945-5fd21dec0538",
"apiVersions": [{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}],
"scheme": "http",
"host": "ocudrSlf-1-ingressgateway.ocnrf.svc.cluster.local",
"priority": 100,
"port": 80
}],
"rerouteOnResponseHttpStatusCodes": {
"pattern":"^[3,5][0-9]{2}$|408$",
"codeList": null
},
"featureStatus": "ENABLED",
"slfConfigMode": "DISCOVERED_SLF_CONFIG_MODE",
"maxSLFattempts": 0,
"useAlternateScp": false,
"preferredSLFLocality": "",
"populateSlfCandidateList": false,
"slfDiscoveredCandidateList": [],
"useOAuthToken": false,
"accessTokenCacheEnabled": true,
"preferredPortFromIPEndpoint": DISABLED,
"preferredRoutingParameter": [
{
"priority": 1,
"routingParameter": "Ipv4Address"
},
{
"priority": 2,
"routingParameter": "Ipv6Address"
},
{
"priority": 3,
"routingParameter": "Fqdn"
}],
"errorResponses": [{
"errorCondition": "SLF_Missing_Mandatory_Parameters",
"responseCode": 400,
"errorResponse": "Mandatory parameter missing for SLF Lookup",
"errorCause": "MANDATORY_QUERY_PARAM_MISSING",
"retryAfter": "5m",
"redirectUrl": ""
}, {
"errorCondition": "SLF_Subscriber_Not_Provisioned",
"responseCode": 200,
"errorResponse": "Subscriber not provisioned in SLF",
"errorCause": "",
"retryAfter": "5m",
"redirectUrl": ""
}, {
"errorCondition": "SLF_Not_Reachable",
"responseCode": 504,
"errorResponse": "SLF not reachable",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
},
{
"errorCondition": "SLF_OAuthToken_Failure",
"responseCode": 500,
"errorResponse": "SLF OauthToken Failure Occurred",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}
]
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-47 slfOptions
| Attribute Name | Description | Details |
|---|---|---|
featureStatus |
Enables or disables the SLF Feature.
|
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
slfConfigMode |
This attribute decides whether the SLF lookup can be performed based on preconfigured slfHostConfig configuration or UDR registered at the NRF. STATIC_SLF_CONFIG_MODE: If this value is set, the SLF lookup is performed based on preconfigured slfHostConfig. DISCOVERED_SLF_CONFIG_MODE: If this value is set, the SLF lookup is performed based on SLF or UDR registered with NRF. Note: The Once the featureStatus is ENABLED, and the
If The |
DataType: string
Constraints: STATIC_SLF_CONFIG_MODE, DISCOVERED_SLF_CONFIG_MODE Default Value: STATIC_SLF_CONFIG_MODE |
maxSLFattempts |
Indicates the maximum SLF attempts that can be made
when the SLF request fails. When this parameter is configured to the
value greater than 0, the number of attempts is calculated based on
the server header received in the response.
Note: The value of this parameter must be less than
or equal to the value configured for
|
DataType: integer
Constraints: 0 <=
Default Value: 0 |
useAlternateScp |
Indicates whether the reroute for SLF query can be
performed using alternate SCP. If the value is set to
true, the alternate SCP that is configured
under Egress Gateway route configuration is used for routing the SLF
query. If the value is set to false, the alternate
SCP is not used for routing.
Note:
|
DataType: string
Constraints: true or false Default Value: false |
preferredSLFLocality |
Indicates the preferred locality for SLF or UDR. When this attribute is configured, the SLF or UDR profile belonging to this locality is given the highest priority. |
DataType: string
Constraints: NA Default Value: "" |
populateSlfCandidateList |
This attribute triggers the creation of the
slfDiscoveredCandidateList when set to
true.
Note: If
|
DataType: boolean
Constraints: true, false Default Value: false |
slfDiscoveredCandidateList |
This attribute contains the list of SLF or UDR
profiles registered with the NRF which is used to send the SLF query when
the SLF feature is enabled and slfConfigMode is set
to DISCOVERED_SLF_CONFIG_MODE.
While
updating the existing SLF options, remove the
Note: This is a read-only attribute. For more information, see Table 2-51. |
DataType: array
Constraints: NA Default Value: [] |
slfHostConfig |
This attribute is used to configure Primary and
Secondary SLF details for forwarding various requests.
It allows to configure SLF details such as apiVersion, scheme, host, port, and so on. The only supported value for apiVersionInUri is v1. Hence the apiVersions attribute must have at least one data record with apiVersionInUri attribute value set as v1. This configuration allows you to configure more than two SLF Details. SLF with the highest priority is considered as Primary SLF for forwarding requests. SLF with the second highest priority is considered as Secondary SLF for forwarding. If supportedNfTypeList is set, then operator must set this attribute. This is because this value is used to contact the network function hosting the SLF. To reset this attribute, send an empty array, for example: "slfHostConfig": [ ] If this attribute is already set, then there is no need to provide the value again. Note:
The value of this attribute can be FQDN, IPv4, or IPv6. This
attribute is used only if For more information, see Table 2-8. |
DataType: array
Constraints: NA Default Value: [] |
slfLookupConfig |
This attribute defines details for SLF lookup. Different exception lists, preferredSubscriberIdType, and SLF lookup skip can be configured per NFType. While enabling the SLF feature, this attribute is configured before or while enabling the feature. |
DataType: array
Constraints: Maximum 30 configurations can be done, see table SLFLookupConfig for details. Default Value: [] |
valueBasedSkipSLFLookupParams |
This attribute indicates that if one of the key-value of this map attribute matches with the discovery search query then SLF lookup is skipped, and 3GPP defined discovery lookup is performed by ignoring subscriber Id attributes (SUPI or GPSI) from the discovery messages. | DataType: List [Table 2-52]
Constraints: Key value pairs where key is discovery parameter name and value is a list. Maximum 10 elements can be present in this map attribute. Limited the maximum number of characters in the value. Default Value: empty list |
enableValueBasedSkipSLFLookup |
This attribute is used to enable or disable the
The entries in the Note: The value cannot be toggled to true until the
|
DataType: Boolean Constraints: true, false Default Value: false |
rerouteOnResponseHttpStatusCodes |
This attribute is used to determine if SLF retry must
be performed to an alternate SLF based on the response code received
from the SLF. The alternate SLF is picked from the SLF Host Config,
if slfConfigMode is set to STATIC_SLF_CONFIG_MODE
or from the slfDiscoveredCandidateList if
slfConfigMode is set to
DISCOVERED_SLF_CONFIG_MODE.
For more information, see ResponseHttpStatusCodes. |
DataType: string
Constraints: pattern or codeList. Default Value:
|
useOAuthToken |
This attribute is used while performing the SLF query to SLF or UDR to query the Access Token service to get Oauth access token details. If the value of this attribute is true, the SLF function of NRF accesses the Access Token service. If the value of this attribute is false, the SLF function does not access the Access Token service and performs the SLF query without Oauth Access Token. | DataType: boolean
Constraints: true or false Default Value: false |
preferredPortFromIPEndpoint |
This attribute indicates if the ports defined in the ipEndpoints of the NfService must be used for routing where chosen routing parameter is not having port explicitly defined. If set to ENABLED, the port is picked from the ipEndpoints. If no port is present in the ipEndPoints, then NRF will fall back to use the scheme for determining the port. If set to DISABLED, the scheme is used for determining the port. If NfService.scheme is set to http, port 80 is used If NfService.scheme is set to https, port 443 is used. Note: For port selection, the first ipEndPoints configured with only port (without IPv4Addresses/IPv6Addresses) is used as port for routing. |
DataType: boolean
Constraints: DISABLED, ENABLED Default Value: DISABLED |
preferredRoutingParameter |
This attribute indicates the priority order of the routing parameters, Ipv4Address, Ipv6Address, and Fqdn, to be used for routing SLF requests. If the most preferred attribute is not present in the NfProfile, then the next available preferred attribute is selected for routing. Note: The highest preference is given for the routing parameter to which the lowest priority value is set. For more information, see Table 2-48. |
DataType: array
Constraints:
Default Value: As mentioned in Table 2-48. |
accessTokenCacheEnabled |
When this attribute is set to true, NRF will cache
the oAuth2 token for SLF communication and use it until the token is
expired. When this attribute is set to false, for each SLF query NRF
generates a new oAuth2 token.
Note: The operator must set this attribute to true after a successful NRF upgrade. |
DataType: boolean
Constraints: true or false Default Value: true |
errorResponses |
This attribute defines the error responses which may
be sent during SLF processing. This attribute allows the operator to
update the error response code and error response description for
preloaded error conditions.
For more information, see PreLoaded records for errorResponses. |
DataType: array
Constraints: NA Default Value: As mentioned in PreLoaded records for errorResponses. |
Table 2-48 PreferredRoutingParameter
| Parameter | Description | Details |
|---|---|---|
priority |
Indicates the priority for the routing parameter.
Note: No duplicate priority values are allowed. |
DataType: string
Constraints: 1, 2, 3 Default Value: NA |
routingParameter |
Indicates the routing parameter assigned for the
specific priority.
Note: Routing parameter value should be either Ipv4Address, Ipv6Address or Fqdn. |
DataType: integer
Constraints: Ipv4Address, Ipv6Address, Fqdn Default Value: NA |
Table 2-49 PreLoaded records for errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| SLF_Missing_Mandatory_Parameters | 400 | Mandatory parameter missing for SLF Lookup | MANDATORY_QUERY_PARAM_MISSING | 5m | See ErrorInfo. |
| SLF_Not_Reachable | 504 | SLF not reachable | UNSPECIFIED_NF_FAILURE | 5m | See ErrorInfo. |
| SLF_Subscriber_Not_Provisioned | 200 | Subscriber not provisioned in SLF | "" | 5m | See ErrorInfo. |
| SLF_OAuthToken_Failure | 500 | SLF OauthToken Failure Occurred | UNSPECIFIED_NF_FAILURE | 5m | See ErrorInfo. |
Table 2-50 SLFLookupConfig
| Attribute | Description | Details |
|---|---|---|
nfType |
NF Type for which SLF need to be supported. | DataType: string
Constraints: This value can be 3GPP defined NF type or Custom NFtype. Default Value: NA |
preferredSubscriberIdType |
This attribute is only used to pick one Subscriber Identifier if more than one subscriber identifiers (SUPI, GPSI) are present in the NFDiscover service operation message. | DataType: string
Constraints: SUPI or GPSI Default Value: NA |
exceptionListForMissingMandatoryParameter |
This attribute indicates if the mandatory attributes (SUPI or GPSI) are present in the discovery query and if any of the discovery query parameter matches with the value configured in this attribute, NRF continues to perform SLF Lookup. If the mandatory attributes (SUPI or GPSI) are not present in the
discovery query parameters and if NFDiscover search query
attribute is not present in configured
If any of the discovery query parameter matches with the value configured in this attribute, NRF will not reject the request and continues to process the discovery request based on the other query parameters. |
DataType: array (string)
Constraints: Maximum 10 elements can be present in this list attribute. Default Value: NA |
skipSLFLookupParameters |
If the discovery query parameter matches with any of the values configured in this attribute, SLF lookup is to be skipped. In this case, NRF ignores the SUPI or GPSI if present in the discovery search query and processes the discovery query based on the remaining query attributes. Note: NRF does not check if the mandatory parameters (SUPI or GPSI) are present in the discovery query if any of its parameters matches with this attribute. |
DataType: array (string)
Constraints: Maximum 10 elements can be present in this list attribute. Default Value: NA |
Table 2-51 slfDiscoveredCandidate
| Attribute | Datatype | Description |
|---|---|---|
nfInstanceId |
String | The NfInstanceId of the registered UDR profile. |
nfSetIdList |
array(String) | The NfSetIdList of the registered UDR profile.
Note: Only the first NfSetId in this list is included in the 3gpp-Sbi-Discovery-target-nf-set-id header. |
capacity |
Integer | If the profile is present in the 'nudr-group-id-map' service, the capacity is set from the 'nudr-group-id-map', else it is set from the NfProfile. If not present in either NfProfile or 'nudr-group-id-map' service, the capacity will not be set. |
priority |
Integer | If the profile is present in the 'nudr-group-id-map' service, the priority is set from the 'nudr-group-id-map', else it is set from the NfProfile. If not present in either NfProfile or 'nudr-group-id-map' service, the priority will not be set. |
load |
Integer | If the profile is present in the 'nudr-group-id-map' service, the load is set from the 'nudr-group-id-map', else it is set from the NfProfile. If not present in either NfProfile or 'nudr-group-id-map' service, the load will not be set. |
fqdn |
String | The FQDN of the registered UDR profile
Note: The order of priority for picking the fqdn
from the registered UDR profile is as follows:
See the Note. |
ipv4Address |
array(String) |
The IPv4 address of the registered UDR profile Note: The order of priority for picking the ipv4Address
from the registered UDR profile is as follows:
See the Note. |
ipv6Address |
array(String) |
The IPv6 address of the registered UDR profile Note: The order of priority for picking the ipv6Address
from the registered UDR profile is as follows:
See the Note. |
oauth2Required |
Boolean | This attribute indicates if Oauth2-based authorization
is required. This value is set to
slfOptions.useOAuthToken.
|
locality |
String | The locality of the registered UDR profile. |
Table 2-52 skipSLFLookup
| Attribute | Description | Details |
|---|---|---|
parameterName |
This parameter is a valid discovery parameter for which the SLF lookup is to be skipped. |
DataType: String Constraints: Must be a valid discovery parameter name |
parameterValue |
This is the value for which the SLF lookup is skipped if it matches the value from the discovery request. If the value is set to ".*", the SLF is to be skipped for any value if the key is present in the discovery request. |
DataType: String Constraints: Regex. The parameterValue string cannot be empty Maximum length of string is 200 characters. |
Note:
Atleast one of the attributes fqdn, ipv4Address or ipv6Address must be included by the registered UDR.
For routing, the service level attributes is considered first. If none of the attributes are present at service level, then the profile level attributes are considered.
ipv4Adress, ipv6Address, fqdn2.9 Georedundancy Options
This section provides REST API configuration parameter details to configure NRF georedundancy options.
URI: {apiRoot}/nrf-configuration/v1/geoRedundancyOptions
Method: PUT and GET
- PUT: Updates NRF georedundancy options configuration.
- GET: Retrieves NRF georedundancy options configuration.
Content Type: application/json
{
"featureStatus": "DISABLED",
"monitorDBReplicationStatusInterval": "5s",
"monitorNrfServiceStatusInterval": "5s",
"replicationDownTimeTolerance": "10s",
"replicationLatency": "5s",
"replicationLatencyThreshold": "20s",
"replicationStatusUri": "null",
"replicationUpTimeTolerance": "10s",
"siteNameToNrfInstanceIdMappingList":[{"siteName":"Site-2","nrfInstanceId":"6faf1bbc-6e4a-4454-a507-a14ef8e1bc5d"}],
"useRemoteDataWhenReplDown": true
}Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-53 geoRedundancyOptions
| Attribute Name | Description | Details |
|---|---|---|
featureStatus |
Enables or disables the georedundancy feature in NRF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
replicationLatency |
The default replication Latency of the replication
channel. This value will be used only if the actual replication
channel latency is not reported by the DBTier Replication Service.
This value must always be lesser than the configured value of
replicationLatencyThreshold.
The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. |
DataType: string
Constraints: 1s - 10m Default Value: 5s |
monitorNrfServiceStatusInterval |
The attribute defines the time interval for monitoring the aggregated Nf_Management service status (combined status of nfRegistration, nfSubscription, and nrfAuditor service). The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. | DataType: string
Constraints: 1s - 10m Default Value: 5s |
monitorDBReplicationStatusInterval |
This attribute defines the time interval for monitoring the DB replication status. The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. | DataType: string
Constraints: 1s - 10m Default Value: 5s |
replicationDownTimeTolerance |
The attribute defines the minimum time for the reported replication channel status to remain as DOWN before NRF considers the replication status is DOWN. The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. | DataType: string
Constraints: 1s - 3m Default Value: 10s |
replicationUpTimeTolerance |
The attribute defines the minimum time for the reported replication channel status to remain as UP before NRF considers the replication status is UP. The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. | DataType: string
Constraints: 1s - 3m Default Value: 10s |
replicationLatencyThreshold |
The attribute defines the maximum allowed replication channel latency beyond which the replication channel status is considered as DOWN. The value is in pHqMrS format, where p, q, r are integers and H, M, S or h,m,s denotes hours, minutes, and seconds respectively. | DataType: string
Constraints: 1s - 10m Default Value: 20s |
useRemoteDataWhenReplDown |
This attribute specifies whether the remote NRF
records are considered for NRF service operations when the DB
replication is down.
Note: This attribute only impacts the read-only service requests. The service requests in this category are NfDiscovery, NfAccessToken, NfProfileRetrieval, and NfListRetrieval. When replication channel status is down, the mate NRF records are not used for processing the service requests. |
DataType: boolean
Constraints: true or false Default Value: true |
siteNameToNrfInstanceIdMappingList |
The attribute specifies the list of NRF Instance Id
and the corresponding DBTier site name of the remote site(s). The
attribute "nrfInstanceId" is configured as per the value of
global.nrfInstanceId of the REMOTE site
NRF. The attribute
"siteName" is configured as per the value of the remote
DBTier site name.
Following is the sample
configuration at site Chicago which is georedundant with sites
Atlantic (SiteName: atlantic, NrfInstanceId:
723da493-528f-4bed-871a-2376295c0020) and Pacific (SiteName:
pacific, NrfInstanceId:
cfa780dc-c8ed-11eb-b8bc-0242ac130003)
Note: It is mandatory only if the georedundancy feature is enabled. |
DataType: array (SiteNameToNrfInstanceIdMapping)
Constraints: 1..N Default Value: NA |
replicationStatusUri |
The URI that is used to query the DB replication
status.
Note: It is mandatory only if the georedundancy feature is enabled. The URI is defined as:http://<appinfo-svc>:<appinfo-port>/status/category/replicationstatusWhere,
For more information about using appinfo microservice to fetch the replication status, see "NRF Georedundancy" section in Oracle Communications Cloud Native Core, Network Repository Function User Guide. |
DataType: string
Constraints: NA Default Value: null |
Table 2-54 SiteNameToNrfInstanceIdMapping
| Attribute Name | Description | Details |
|---|---|---|
siteName |
Represents site name. | DataType: string
Presence: M Cardinality: 1 |
nrfInstanceId |
Represents nrfInstanceId of NRF. | DataType: string
Presence: M Cardinality: 1 |
2.10 NF Authentication Options
This section provides REST API configuration parameter details to configure NRF NF authentication options.
URI: {apiRoot}/nrf-configuration/v1/nfAuthenticationOptions
Method: PUT and GET
- PUT: Updates NRF NF authentication options configuration.
- GET: Retrieves NRF NF authentication options configuration.
Content Type: application/json
{
"nfRegistrationStatus": "DISABLED",
"nfSubscriptionStatus": "DISABLED",
"nfDiscoveryStatus": "DISABLED",
"accessTokenStatus": "DISABLED",
"nfProfileRetrievalStatus": "DISABLED",
"nfListRetrievalStatus": "DISABLED",
"checkIfNfIsRegistered": "DISABLED",
"errorResponses": [{
"errorCondition": "Nf_Fqdn_Authentication_Failure",
"responseCode": 403,
"errorResponse": "Failed to authenticate NF using FQDN",
"errorCause": "UNSPECIFIED_MSG_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}]
}Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-55 nfAuthenticationOptions
| Attribute Name | Description | Details |
|---|---|---|
nfRegistrationStatus |
This attribute controls the authentication of consumer NF for NFRegister, NFUpdate, and NFDeregister service operations. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
nfSubscriptionStatus |
This attribute controls the authentication of consumer NF for NFStatusSubscribe and NFStatusUnsubscribe service operations. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated, and NRF allows the subscription only if the NF is registered with NRF. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
nfDiscoveryStatus |
This attribute controls the authentication of consumer NF for NFDiscover service operation. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. In case NF identity is not present in discovery
request messages then validation is performed as per the
|
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
accessTokenStatus |
This attribute controls the authentication of consumer NF for AccessToken service operation. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
nfProfileRetrievalStatus |
This attribute controls the authentication of consumer NF for NF Profile Retrieval service operation. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
nfListRetrievalStatus |
This attribute controls the authentication of consumer NF for NF List Retrieval service operation. If the value of this attribute is set as ENABLED, then the identity of consumer NF is validated. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
errorResponses |
This attribute defines the error responses which may be sent for NF Authentication scenarios. This attribute will allow to update the response code, error response description, retryAfter, and redirectUrl for preloaded error conditions. | DataType: array (ErrorInfo)
Constraints: ENABLED, DISABLED Default Value: See PreLoaded values for more details. |
checkIfNfIsRegistered |
This attribute controls the mechanism to check if NF is registered or not with NRF. If the value of this attribute is set as ENABLED, then the validation is performed. If the value of this attribute is set as DISABLED, then the validation is not performed for consumer NF.
|
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
Table 2-56 PreLoaded records for errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| Nf_Fqdn_Authentication_Failure | 403 | Failed to authenticate NF using FQDN | UNSPECIFIED_MSG_FAILURE | 5m | See ErrorInfo. |
2.11 Logging Level Options
NRF allows retrieving or updating of logs levels of each service. It also allows to retrieve the log levels of all the services together, including the common services like Ingress Gateway, Egress Gateway, and appinfo.
Retrieving all service level logs
Configuration Attributes for all service level logs
URI:{apiRoot}/nrf-configuration/v1/all/logging
Method: GET
Content Type: application/json
[{"nfAccessToken":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nfDiscovery":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"},{\"packageName\":\"cache\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nfRegistration":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nfSubscription":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nrfAuditor":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nrfConfiguration":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nrfArtisan":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"nrfCacheData":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"},{\"packageName\":\"cache\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}",
"ingressGateway":"{\"appLogLevel\":\"WARN\",\"logDiscarding\":{\"enabled\":false,\"featureToThresholdMapping\":[{\"feature\":\"RATE_LIMITING\",\"thresholdFactor\":100},{\"feature\":\"OVERLOAD_CONTROL\",\"thresholdFactor\":100},{\"feature\":\"ROUTE_LEVEL_RATE_LIMITING\",\"thresholdFactor\":100},{\"feature\":\"RSS_RATE_LIMITING\",\"thresholdFactor\":100},{\"feature\":\"EGRESS_RATE_LIMITING\",\"thresholdFactor\":100}]},\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"},{\"packageName\":\"oauth\",\"logLevelForPackage\":\"WARN\"}],\"logSubscriberInfo\":\"DISABLED\",\"additionalErrorLogging\":\"DISABLED\"}",
"egressGateway":"{\"appLogLevel\":\"WARN\",\"logDiscarding\":{\"enabled\":false,\"featureToThresholdMapping\":[{\"feature\":\"RATE_LIMITING\",\"thresholdFactor\":100},{\"feature\":\"NOTIFICATION_RATE_LIMITING\",\"thresholdFactor\":100}]},\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"},{\"packageName\":\"oauth\",\"logLevelForPackage\":\"WARN\"}],\"logSubscriberInfo\":\"DISABLED\",\"additionalErrorLogging\":\"DISABLED\"}",
"appInfo":"{\"appLogLevel\":\"WARN\"}",
"perfInfo":"{\"appLogLevel\":\"WARN\"}",
"alternateroute":"{\"appLogLevel\":\"WARN\",\"packageLogLevel\":[{\"packageName\":\"root\",\"logLevelForPackage\":\"WARN\"}],\"additionalErrorLogging\":\"DISABLED\",\"logSubscriberInfo\":\"DISABLED\"}"}]Table 2-57 allLoggingOptions
| Attribute | DataType | Presence | Description |
|---|---|---|---|
| nfAccessToken | string | M | Specifies the log level options for nfAccessToken microservice. |
| nfDiscovery | string | M | Specifies the log level options for nfDiscovery microservice. |
| nfRegistration | string | M | Specifies the log level options for nfRegistration microservice. |
| nfSubscription | string | M | Specifies the log level options for nfSubscription microservice. |
| nrfArtisan | string | M | Specifies the log level options for artisan microservice. |
| nrfAuditor | string | M | Specifies the log level options for nrfAuditor microservice. |
| nrfConfiguration | string | M | Specifies the log level options for nrfConfiguration microservice. |
| nrfCacheData | string | M | Specifies the log level options for Cache Data Service. |
| ingressGateway | string | M | Specifies the log level options for Ingress Gateway. |
| egressGateway | string | M | Specifies the log level options for Egress Gateway. |
| appInfo | string | M | Specifies the log level options for appinfo. |
| altRoute | string | M | Specifies the log level options for alternate-route service |
| perfinfo | string | M | Specifies the log level options for Perf Info |
Retrieving log levels at service level
Configuration example for nfAccessToken Logging
URI: {apiRoot}/nrf-configuration/v1/nfAccessToken/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nfDiscovery Logging
URI: {apiRoot}/nrf-configuration/v1/nfDiscovery/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nfRegistration Logging
URI: {apiRoot}/nrf-configuration/v1/nfRegistration/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nfSubscription Logging
URI: {apiRoot}/nrf-configuration/v1/nfSubscription/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nrfArtisan Logging
URI: {apiRoot}/nrf-configuration/v1/nrfArtisan/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nrfAuditor Logging
URI: {apiRoot}/nrf-configuration/v1/nrfAuditor/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nrfConfiguration Logging
URI: {apiRoot}/nrf-configuration/v1/nrfConfiguration/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for nrfCacheData Logging
URI: {apiRoot}/nrf-configuration/v1/nrfCacheData/logging
Method: PUT
Content Type: application/json
{
"appLogLevel":"WARN",
"packageLogLevel":[
{
"packageName":"root",
"logLevelForPackage":"WARN"
}
],
"additionalErrorLogging":"DISABLED",
"logSubscriberInfo":"DISABLED",
"logRateControl":[{
"logLevel":"DEBUG",
"rate":"3000"
}
]
}Configuration example for Ingress Gateway Logging
URI: {apiRoot}/nrf/nf-common-component/v1/igw/logging
Method: PUT
Content Type: application/json
{ "appLogLevel":"WARN",
"packageLogLevel":[{
"packageName":"root",
"logLevelForPackage":"WARN"
},
{
"packageName": "oauth",
"logLevelForPackage": "WARN"
}],
"additionalErrorLogging": "DISABLED",
"logSubscriberInfo": "DISABLED"
}Configuration example for Egress Gateway Logging
URI: {apiRoot}/nrf/nf-common-component/v1/egw/logging
Method: PUT
Content Type: application/json
{
"appLogLevel": "WARN",
"packageLogLevel": [{
"packageName": "root",
"logLevelForPackage": "WARN"
}, {
"packageName": "oauth",
"logLevelForPackage": "WARN"
}],
"additionalErrorLogging": "DISABLED",
"logSubscriberInfo": "DISABLED"
}Configuration example for AppInfo Logging
URI: {apiRoot}/nrf/nf-common-component/v1/appinfo/logging
Method: PUT
Content Type: application/json
{
"appLogLevel": "INFO"
}Configuration example for Alternate-Route Logging
URI: {apiRoot}/nrf/nf-common-component/v1/altRoute/logging
Method: PUT
Content Type: application/json
{ "appLogLevel":"WARN",
"packageLogLevel":[{
"packageName":"root",
"logLevelForPackage":"WARN"
}],
"additionalErrorLogging": "DISABLED",
"logSubscriberInfo": "DISABLED"
}Note:
If either (additionalErrorLogging or logSubscriberInfo)
attribute is not present in JSON request body while updating the Log Level Options,
existing value (the last configured value) will be preserved and used. At least one
attribute shall be included during PUT request.
Table 2-58 Logging
| Attribute Name | Description | Details |
|---|---|---|
appLogLevel |
Specifies the log level of the application. |
Data Type: string Constraints: INFO, DEBUG, WARN, ERROR, FATAL, OFF, TRACE Default Value: WARN |
packageLogLevel |
Specifies a list of individual packages and their respective log levels. |
Data Type: array (PackageLogLevel) Constraints: NA Default Value: See PackageLogLevel for more details. |
additionalErrorLogging |
This is an optional parameter. This attribute specifies if the additional attributes should be added to the ERROR log or not. If the value of this attribute is ENABLED, NRF adds the
If the value of this attribute is DISABLED, NRF does not
add the Note: This attribute is available for the
following microservices:
|
Data Type: string Constraints: ENABLED, DISABLED Default Value: DISABLED |
logSubscriberInfo |
This is an optional parameter. If the value of the
additionalErrorLogging is ENABLED, and
additionally if logSubscriberInfo attribute is
ENABLED, NRF checks for the presence of subscriberId:
If the value of the
additionalErrorLogging is ENABLED, and if
logSubscriberInfo attribute is DISABLED, NRF
checks for the presence of subscriberId:
Note: This attribute is available only for the
following microservices:
|
Data Type: string Constraints: ENABLED, DISABLED Default Value: DISABLED |
logRateControl |
This is an optional parameter. Specifies the log levels of the application to support rate control. |
Data Type: array (logRateControl) Constraints: NA Default Value: See Table 2-60 for more details. |
Table 2-59 PackageLogLevel
| Attribute Name | Description | Details |
|---|---|---|
packageName |
Specifies the name of the package. |
DataType: string Constraints: root, cache Note: Default Value: NA |
logLevelForPackage |
Specifies the log level for the given package. |
DataType: string Constraints: INFO, DEBUG, WARN, ERROR, FATAL, OFF, TRACE Default Value: WARN |
Table 2-60 Log Rate Control
| Attribute Name | Description | Details |
|---|---|---|
logLevel |
This is an optional parameter. Indicates the log level to control the log rate. For Example, If |
Data Type: string Constraints: Possible values {"OFF","FATAL","ERROR","WARN","INFO","DEBUG","TRACE","ALL"} Default Value: DEBUG |
rate |
This is an optional parameter. Indicates the average number of logs per second that should be allowed. |
Data Type: integer Constraints: 1<=rate<=10000 Default Value: 3000 |
2.12 Roaming Options
This section provides REST API configuration parameter details to configure NRF roaming options.
URI: {apiRoot}/nrf-configuration/v1/roamingOptions
Method: PUT and GET
- PUT: Updates NRF roaming options configuration.
- GET: Retrieves NRF roaming options configuration.
Content Type: application/json
Body:
{
"featureStatus": "DISABLED",
"genericInterPlmnFqdn": "nrf.5gc.mnc012.mcc345.pub.3gppnetwork.org",
"userAgentMandatory": true,
"notificationAPIversion": "v1",
"3GPPAPIRootScheme": "http",
"errorResponses": [{
"errorCondition": "Mandatory_Attributes_Missing",
"responseCode": 400,
"errorResponse": "Mandatory attribute(s) for Roaming are not present",
"errorCause": "MANDATORY_QUERY_PARAM_MISSING",
"retryAfter": "5m",
"redirectUrl": ""
}, "errorCondition": "Roaming_Attributes_Present_Feature_Disabled",
"responseCode": 400,
"errorResponse": "Roaming attributes are present while Roaming feature is disabled",
"errorCause": "UNSPECIFIED_MSG_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
},{
"errorCondition": "UserAgent_Header_NotPresent",
"responseCode": 400,
"errorResponse": "User agent header not present",
"errorCause": "MANDATORY_IE_MISSING",
"retryAfter": "5m",
"redirectUrl": ""
},{
"errorCondition": "Loop_Detected",
"responseCode": 508,
"errorResponse": "Loop detected during roaming routing",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}]
]
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-61 Roaming Options
| Attribute | Description | Details |
|---|---|---|
featureStatus |
Flag to control roaming feature. If the value is set as ENABLED, the roaming specific routing occurs. If the value is set as DISABLED, the roaming specific routing does not occur. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
genericInterPlmnFqdn |
Generic FQDN required to be added in Inter-PLMN headers request. Every NRF whether it is vNRF or hNRF role, adds the genericInterPlmnFqdn in the header. This helps to detect the loop. This is a mandatory attribute. Note: It is recommended to configure this FQDN value as Inter-PLMN format. Example: nrf.5gc.mnc012.mcc345.pub.3gppnetwork.org Note: Length of this attribute is limited upto 255 characters. |
DataType: string
Constraints: Format: 5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org Default Value: null |
userAgentMandatory |
This flag is to regulate the consideration to relax or reject the request if the user-agent is not present in the request at home NRF for Access Token Request Validation feature processing. Access Token Request Validation feature is disabled then user-agent header presence is not checked. When the Access Token Request Validation feature is
enabled, and this flag value is set as true:
When the Access Token Request Validation feature is
enabled, and this flag value is set as false:
Note: User-agent header is only applicable when the nfType attribute of the access token request is not present at home NRF. |
DataType: boolean
Constraints: true, false Default Value: true |
notificationAPIversion |
This attribute specifies the version of Notification Server that is required as part of 3gpp-Sbi-Callback header input. This is a mandatory attribute for Roaming feature. Example: v1 Note: Length of this attribute is limited upto 255 characters. |
DataType: string
Constraints: NA Default Value: null |
3GPPAPIRootScheme |
This attribute defines the scheme which is used while constructing the 3GPP API root header. | DataType: string
Constraints: http, https Default Value: http |
errorResponses |
This attribute defines the error responses which may be sent during NRF roaming traffic processing. This attribute allows configuring the error response code and error response description for preloaded error conditions. | DataType: array (errorResponses)
Constraints: See PreLoaded Error Response values. Default Value: NA |
Table 2-62 Preloaded values for errorResponses
| errorCondition | responseCode | errorResponse | errorCause | retryAfter | redirectUrl |
|---|---|---|---|---|---|
| Mandatory_Attributes_Missing | 400 | Mandatory attribute(s) for roaming are not present. | MANDATORY_QUERY_PARAM_MISSING | 5m | See ErrorInfo. |
| UserAgent_Header_NotPresent | 400 | User agent header not present. | MANDATORY_IE_MISSING | 5m | See ErrorInfo. |
| Loop_Detected | 508 | Loop detected during roaming message processing. | UNSPECIFIED_NF_FAILURE | 5m | See ErrorInfo. |
| Roaming_Attributes_Present_Feature_Disabled | 400 | Roaming attributes are present while roaming feature is disabled. | UNSPECIFIED_MSG_FAILURE | 5m | See ErrorInfo. |
2.13 NF Screening Options
This section provides REST API configuration parameter details to configure NF screening options.
URI: {apiRoot}/nrf-configuration/v1/nfScreeningOptions
Method: PUT and GET
- PUT: Updates NF screening options configuration.
- GET: Retrieves NF screening options configuration.
Content Type: application/json
Body:
{
"featureStatus": "DISABLED",
"responseCode": 403
}Configuration Attributes
Note:
If there are no attributes in JSON request body while updating, existing value in database is preserved and used. Atleast one attribute is included during PUT request.Table 2-63 nfScreeningOptions
| Attribute Name | Details |
|---|---|
featureStatus |
This attribute indicates if NF Screening feature is
enabled or not globally.
If the value is set as ENABLED, the NF screening is allowed. If the value is set as DISABLED, the NF screening is not allowed. DataType: string Constraints: ENABLED, DISABLED Default Value: DISABLED |
responseCode |
This attribute indicates HTTP status code which is
returned, if incoming request does not qualify NF screening
rules.
DataType: integer Constraints: NA Default Value: 403 |
2.14 NF Screening Rules Configuration
This section provides REST API configuration parameter details to configure NRF NF screening rules options.
Screening Rules List Update
The following NF screening rules update particular rule configuration (except read only attributes).
URI:{apiRoot}/nrf-configuration/v1/screening-rules/CALLBACK_URI
Method: PUT and GET
- PUT: Updates NF screening options configuration.
- GET: Retrieves NF screening options configuration.
Content Type: application/json
Body:
Request Body
{
"nfScreeningRulesList": [
{
"nfScreeningRulesListType": "NF_FQDN",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "DISABLED"
},
{
"nfScreeningRulesListType": "NF_IP_ENDPOINT",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "ENABLED",
"amfScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfIpEndPointList": [
{
"ipv4Address": "198.21.87.192",
"ports": [
10,
20
]
}
]
}
},
{
"nfScreeningRulesListType": "CALLBACK_URI",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfCallBackUriList": [
{
"fqdn": "ocnrf-d5g.oracle.com",
"ports": [
10,
20
]
}
]
}
},
{
"nfScreeningRulesListType": "PLMN_ID",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "DISABLED"
},
{
"nfScreeningRulesListType": "NF_TYPE_REGISTER",
"nfScreeningType": "ALLOWLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfTypeList": [
"AMF",
"SMF",
"PCF"
]
}
}
]
}Configuration Attributes
Table 2-64 nfScreeningRulesList
| Attribute name | Details |
|---|---|
nfScreeningRulesListType |
This is an optional parameter.
Indicates the screening rule list type that is applied for the specific attribute in the NfProfile. For more information on the list, see Table 2-66. Note: This is a read-only attribute. DataType: array (Table 2-66) Constraints: NA Default Value: NA |
nfScreeningType |
This is a mandatory parameter. Indicates whether the configured screening rule list type for the complete screening list. Following are the possible values:
DataType: string Range: Blocklist, Allowlist Default Value: Depends on the screening rule list type |
nfScreeningRulesListStatus |
This is a mandatory parameter. Indicates whether the screening rules are enabled or disabled for the configured screening rule list type. If the value is set as ENABLED, the NF screening is allowed. If the value is set as DISABLED, the NF screening is not allowed. DataType: string Range: ENABLED, DISABLED Default Value: Depends on the screening rule list type |
globalScreeningRulesData |
This is a mandatory parameter. Indicates if the screening rule that is applicable globally for the service request. For more information about the configuration, see Table 2-67. DataType: array (Table 2-67) Range: NA Default Value: NA |
<nf>ScreeningRulesData |
This is a mandatory parameter. Indicates if the screening rule that is applicable per NfType for the service request. For more information about the configuration, see Table 2-67. The supported NfTypes are listed in the Table 2-65. DataType: array Range: NA Default Value: NA |
Table 2-65 nfScreeningRules
| Attribute name | Details |
|---|---|
| udmScreeningRulesData | This attribute is present if screening rules for
Unified Data Management (UDM) need to be configured.
DataType: array Range: NA Default Value: NA |
| afScreeningRulesData | This attribute is present if screening rules for
Application Function (AF) need to be configured.
DataType: array Range: NA Default Value: NA |
| amfScreeningRulesData | This attribute is present if screening rules for
Access and Mobility Management Function (AMF) need to be
configured.
DataType: array Range: NA Default Value: NA |
| smfScreeningRulesData | This attribute is present if screening rules for
custom Session Management Function (SMF) need to be configured.
DataType: array Range: NA Default Value: NA |
| ausfScreeningRulesData | This attribute is present if screening rules for
Authentication Server Function (AUSF) need to be configured.
DataType: array Range: NA Default Value: NA |
| nefScreeningRulesData | This attribute is present if screening rules for
Network Exposure Function (NEF) need to be configured.
DataType: array Range: NA Default Value: NA |
| pcfScreeningRulesData | This attribute is present if screening rules for
Policy Control Function (PCF) need to be configured.
DataType: array Range: NA Default Value: NA |
| nssfScreeningRulesData | This attribute is present if screening rules for
Network Slice Selection Function (NSSF) need to be configured.
DataType: array Range: NA Default Value: NA |
| udrScreeningRulesData | This attribute is present if screening rules for
Unified Data Repository (UDR) need to be configured.
DataType: array Range: NA Default Value: NA |
| lmfScreeningRulesData | This attribute is present if screening rules
Location Management Function (LMF) for need to be configured.
DataType: array Range: NA Default Value: NA |
| gmlcScreeningRulesData | This attribute is present if screening rules for
Gateway Mobile Location Center (GMLC) need to be configured.
DataType: array Range: NA Default Value: NA |
| fiveG_EirScreeningRulesData | This attribute is present if screening rules for
Equipment Identity Register (EIR) need to be configured.
DataType: array Range: NA Default Value: NA |
| seppScreeningRulesData | This attribute is present if screening rules for
Security Edge Protection Proxy (SEPP) need to be configured.
DataType: array Range: NA Default Value: NA |
| upfScreeningRulesData | This attribute is present if screening rules for
User Plane Function (UPF) need to be configured.
DataType: array Range: NA Default Value: NA |
| n3iwfScreeningRulesData | This attribute is present if screening rules for
Interworking Function (IWF) need to be configured.
DataType: array Range: NA Default Value: NA |
| udsfScreeningRulesData | This attribute is present if screening rules for
Unstructured Data Storage Function (UDSF) need to be configured.
DataType: array Range: NA Default Value: NA |
| bsfScreeningRulesData | This attribute is present if screening rules for
Binding Support Function (BSF) need to be configured.
DataType: array Range: NA Default Value: NA |
| chfScreeningRulesData | This attribute is present if screening rules for
Charging Function (CHF) need to be configured.
DataType: array Range: NA Default Value: NA |
| nwdafScreeningRulesData | This attribute is present if screening rules for
Network Data Analytics Function (NWDAF) need to be configured.
DataType: array Range: NA Default Value: NA |
| slfScreeningRulesData | This attribute is present if screening rules for
Subscriber Location Function (SLF) need to be configured.
DataType: array Range: NA Default Value: NA |
| cbcfScreeningRulesData | This attribute is present if screening rules for Cell
Broadcast Center Function (CBCF) need to be configured.
DataType: array Range: NA Default Value: NA |
| nssaafScreeningRulesData | This attribute is present if screening rules for
Network Slice Specific Authentication and Authorization Function
(NSSAAF) need to be configured.
DataType: array Range: NA Default Value: NA |
| mmeScreeningRulesData | This attribute is present if screening rules for
Mobile Management Entity (MME) need to be configured.
DataType: array Range: NA Default Value: NA |
| icscfScreeningRulesData | This attribute is present if screening rules for
Interrogating Call Session Control Function (ICSCF) need to be
configured.
DataType: array Range: NA Default Value: NA |
| scsasScreeningRulesData | This attribute is present if screening rules for
Security Assurance Specification (SCSAS) need to be configured.
DataType: array Range: NA Default Value: NA |
| draScreeningRulesData | This attribute is present if screening rules for
Diameter Routing Agent (DRA) need to be configured.
DataType: array Range: NA Default Value: NA |
| ucmfScreeningRulesData | This attribute is present if screening rules for UE
Capability Management Function (UCMF) need to be configured.
DataType: array Range: NA Default Value: NA |
| sorafScreeningRulesData | This attribute is present if screening rules for
Steering of Roaming Application Function (SOR_AF) need to be
configured.
DataType: array Range: NA Default Value: NA |
| spafScreeningRulesData | This attribute is present if screening rules for
Service Provider Application Function (SPAF) need to be
configured.
DataType: array Range: NA Default Value: NA |
| scefScreeningRulesData | This attribute is present if screening rules for
Service Capability Exposure Function (SCEF) need to be configured.
DataType: array Range: NA Default Value: NA |
| imsasScreeningRulesData | This attribute is present if screening rules for IP
Multimedia Subsystem Application Server (IMS_AS) need to be
configured.
DataType: array Range: NA Default Value: NA |
| nrfScreeningRulesData | This attribute is present if screening rules for
Network Repository Function (NRF) need to be configured.
DataType: array Range: NA Default Value: NA |
Table 2-66 NfScreeningRulesListType
| Attribute | Details |
|---|---|
| "NF_IP_ENDPOINT" | Screening list type for IP Endpoint. This screening rule type is
applicable for ipv4address,
ipv6address attributes at NfProfile level.
Also, it is applicable for ipEndPoint attribute at
nfServices level for NF_Register and NF_Update service
operation.
|
| "CALLBACK_URI" | Screening list type for callback URIs in NF Service and
nfStatusNotificationUri in SubscriptionData.
This is also applicable for nfStatusNotificationUri
attribute of SubscriptionData for NFStatusSubscribe service
operation. This screening rule type is applicable for
defaultNotificationSubscription attribute at NF
service level for NF_Register and NF_Update service
operation.
|
| "PLMN_ID" | Screening list type for PLMN ID. This screening rule type is
applicable for plmnList attribute at NfProfile
level for NF_Register and NF_Update service operation.
|
| "NF_TYPE_REGISTER" | Screening list type for allowed NF Types to register. NRF
supports 3GPP TS 29510 Release 15 and specific Release 16 NF Types.
For more information on the supported NF Types list, see "Supported
NF Types" section in Oracle Communications Cloud Native Core,
Network Repository Function User Guide. This screening
rule type is applicable for nfTypeList attribute at
NfProfile level for NF_Register and NF_Update service operation.
|
| "NF_FQDN" | Screening List type for NF FQDN. This screening rule type is
applicable for fqdn attribute of a NfProfile in
NF_Register and NF_Update service operation.
|
Table 2-67 ScreeningRulesData
| Attribute | Details |
|---|---|
failureAction |
Indicates what action needs to be taken during failure.
DataType: string Range: CONTINUE, SEND_ERROR Default Value: Depends on the screening rule list type |
nfFqdn |
This attribute is configured if nfScreeningRulesListType is set as NF_FQDN. For more information about the configuration, see Table 2-68. DataType: string Range: NA Default Value: NA |
nfCallBackUriList |
This attribute is configured if nfScreeningRulesListType is set as CALLBACK_URI. For more information about the configuration, see Table 2-69. DataType: array Range: NA Default Value: NA |
nfIpEndPointList |
This attribute is configured if nfScreeningRulesListType is set as NF_IP_ENDPOINT. For more information about the configuration, see Table 2-70. DataType: array Range: NA Default Value: NA |
plmnList |
This attribute is configured if nfScreeningRulesListType is set as PLMN_ID. DataType: integer Range: NA Default Value: NA |
nfTypeList |
This attribute is configured if nfScreeningRulesListType is set as NF_TYPE_REGISTER. For more information about the configuration, see Table 2-65. DataType: string Range: NA Default Value: NA |
Table 2-68 NfFqdn
| Attribute | Details |
|---|---|
pattern |
Indicates the regular expression for FQDN. Note: Atleast one of the attributes must be present. DataType: array Range: NA Default Value: NA |
fqdn |
Indicates the exact FQDN to be matched. This is conditional, at least one attribute is present. DataType: string Range: NA Default Value: NA |
Table 2-69 NfCallBackUri
| Attribute | Details |
|---|---|
fqdn |
Indicates the exact FQDN to be matched. DataType: string Range: NA Default Value: NA |
pattern |
Indicates the regular expression for FQDN, Ipv4Address, and Ipv6Address. DataType: string Range: NA Default Value: NA |
ipv4Address |
Indicates the IPv4 address to be matched. DataType: string Range: NA Default Value: NA |
ipv4AddressRange |
Indicates the range of IPv4 addresses. Note: It should be valid IPv4 addresses. DataType: string Range: NA Default Value: NA |
ipv6Address |
Indicates the IPv6 address to be matched. DataType: string Range: NA Default Value: NA |
ipv6AddressRange |
Indicates the range of IPv6 addresses. Note: It should be valid IPv6 addresses. DataType: string Range: NA Default Value: NA |
port |
Indicates the port that must be matched. If this attribute is not configured, then it will not be considered for validation. DataType: integer Range: 1-65535 Default Value: NA |
portRange |
Indicates the range of port that must be matched. If this attribute is not configured then it will not be considered for validation. For more information about the configuration, see Table 2-71. DataType: array (Table 2-71) Range: NA Default Value: NA |
Table 2-70 NfIpEndPoint
| Attribute | Details |
|---|---|
ipv4Address |
Indicates the IPv4 address to be matched. DataType: string Range: NA Default Value: NA |
ipv4AddressRange |
Indicates the range of IPv4 addresses. DataType: string Range: NA Default Value: NA |
ipv6Address |
Indicates the IPv6 address to be matched. DataType: string Range: NA Default Value: NA |
ipv6AddressRange |
Indicates the range of IPv6 addresses. DataType: string Range: NA Default Value: NA |
port |
Indicates the port that must be matched. If this attribute is not configured, then it is not considered for validation. DataType: Integer Range:1-65535 Default Value: NA |
portRange |
Indicates the range of port that must be matched. If this attribute is not configured, then it is not considered for validation. For more information about the configuration, see Table 2-71. DataType: array (Table 2-71) Range: NA Default Value: NA |
Table 2-71 PortRange
| Attribute | Details |
|---|---|
start |
Indicates the first port value identifying the start of port range. Note: The value of start must be less than or equal to the value of end. DataType: Integer Range: 1-65535 Default Value: NA |
end |
Indicates the last port value identifying the end of port range. DataType: Integer Range: 1-65535 Default Value: NA |
2.14.1 NF_FQDN Screening Rule
NRF screens the Fully
Qualified Domain Name (FQDN) present in the service request before allowing access to
management service. This screening rule type is applicable for fqdn of
a NfProfile in NF_Register and NF_Update service operation.
URI: {apiroot}/nrf-configuration/v1/screening-rules/NF_FQDN
Method: PUT, PATCH, GET
Content Type: application/json
Sample Body:
{
"nfScreeningRulesListType": "NF_FQDN",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfFqdn": {
"fqdn": [
"abc.def"
]
}
},
"customNfScreeningRulesData": null,
"nrfScreeningRulesData": null,
"udmScreeningRulesData": null,
"amfScreeningRulesData": null,
"smfScreeningRulesData": null,
"ausfScreeningRulesData": null,
"nefScreeningRulesData": null,
"pcfScreeningRulesData": null,
"nssfScreeningRulesData": null,
"udrScreeningRulesData": null,
"lmfScreeningRulesData": null,
"gmlcScreeningRulesData": null,
"fiveG_EirScreeningRulesData": null,
"seppScreeningRulesData": null,
"upfScreeningRulesData": null,
"n3iwfScreeningRulesData": null,
"afScreeningRulesData": null,
"udsfScreeningRulesData": null,
"bsfScreeningRulesData": null,
"chfScreeningRulesData": null,
"nwdafScreeningRulesData": null,
"scpScreeningRulesData": null
}Note:
TheglobalScreeningRulesData configuration indicates the global
screening rule. For more information about the configuration parameters, see NF Screening Rules Configuration.
2.14.2 NF_IP_ENDPOINT Screening Rule
NRF screens the IP endpoint(s) present in the request before allowing access to management service for NF_Register and NF_Update service operation. This screening rule type is applicable for the following:
- NfProfile.ipv4Addresses
- NfProfile.ipv6Addresses
- NfService.ipEndPoints
URI: {apiroot}/nrf-configuration/v1/screening-rules/NF_IP_ENDPOINT
Method: PUT, PATCH, GET
Content Type: application/json
Sample Body:
{
"nfScreeningRulesListType": "NF_IP_ENDPOINT",
"nfScreeningType": "BLOCKLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfIpEndPointList": [
{
"ipv6AddressRange": {
"start": "5001:0db8:85a3:0000:0000:8a2e:0370:7300",
"end": "5001:0db8:85a3:0000:0000:8a2e:0370:7334"
},
"ports": [
600
]
},
{
"ipv4Address": "192.168.2.100"
}
]
},
"customNfScreeningRulesData": null,
"nrfScreeningRulesData": null,
"udmScreeningRulesData": null,
"amfScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfIpEndPointList": [
{
"ipv6AddressRange": {
"start": "5001:0db8:85a3:0000:0000:8a2e:0370:7400",
"end": "5001:0db8:85a3:0000:0000:8a2e:0370:7434"
},
"ports": [
200
]
},
{
"ipv4Address": "192.168.2.101"
}
]
},
"smfScreeningRulesData": null,
"ausfScreeningRulesData": null,
"nefScreeningRulesData": null,
"pcfScreeningRulesData": null,
"nssfScreeningRulesData": null,
"udrScreeningRulesData": null,
"lmfScreeningRulesData": null,
"gmlcScreeningRulesData": null,
"fiveG_EirScreeningRulesData": null,
"seppScreeningRulesData": null,
"upfScreeningRulesData": null,
"n3iwfScreeningRulesData": null,
"afScreeningRulesData": null,
"udsfScreeningRulesData": null,
"bsfScreeningRulesData": null,
"chfScreeningRulesData": null,
"nwdafScreeningRulesData": null,
"scpScreeningRulesData": null,
"failureAction": "SEND_ERROR",
"nfScreeningListType": "NF_IP_ENDPOINT"
}2.14.3 CALLBACK_URI Screening Rule
This section describes the screening list type for callback URIs in NF Service and
nfStatusNotificationUri in subscription data. This screening rule
type is applicable for defaultNotificationSubscription attribute at NF
service level for NF_Register service operation. This is also applicable for
nfStatusNotificationUri attribute of SubscriptionData for
NFStatusSubscribe service operation.
NRF screens the callback URI present in the request before allowing access to management service. Host present in callback URI (FQDN+port or IP+port) must be used for screening. In CALLBACK_URI, the attributes that can be modified are FQDN, Port and IP address.
URI: {apiroot}/nrf-configuration/v1/screening-rules/CALLBACK_URI
Method: PUT, PATCH, GET
Content Type: application/json
Sample Body:
{
"nfScreeningRulesListType": "CALLBACK_URI",
"nfScreeningType": "ALLOWLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfCallBackUriList": [
{
"fqdn": "abc.oracle.com",
"ports": [
440,
490
],
"portRanges": [
{
"start": 190,
"end": 192
},
{
"start": 160,
"end": 182
}
]
},
{
"fqdn": "amf.oracle.com",
"ports": [
640,
690,
68
],
"portRanges": [
{
"start": 790,
"end": 792
},
{
"start": 860,
"end": 882
}
]
},
{
"fqdn": "pcf.oracle.com"
},
{
"fqdn": "amf2.oracle.com",
"ports": [
540,
590
]
},
{
"fqdn": "amf3.oracle.com",
"portRanges": [
{
"start": 190,
"end": 192
},
{
"start": 160,
"end": 182
}
]
},
{
"pattern": "xyz.[a-z]*.oracle.com",
"ports": [
40,
90
],
"portRanges": [
{
"start": 1900,
"end": 1920
},
{
"start": 1600,
"end": 1802
}
]
},
{
"pattern": "^(?:[0-9]{1,3}\\\\.){3}[0-9]{1,3}$",
"ports": [
443
]
},
{
"pattern": "udm.[a-z]*.oracle.com"
},
{
"pattern": "udr.[a-z]*.oracle.com",
"ports": [
443
]
},
{
"pattern": "nssf.[a-z]*.oracle.com",
"portRanges": [
{
"start": 2900,
"end": 2920
}
]
},
{
"pattern": "^(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$",
"ports": [
80
]
},
{
"ipv6Address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"portRanges": [
{
"start": 90,
"end": 100
}
]
},
{
"ipv6Address": "3001:0db8:85a3:0000:0000:8a2e:0370:7334",
"ports": [
82
]
},
{
"ipv6Address": "4001:0db8:85a3:0000:0000:8a2e:0370:7334",
"portRanges": [
{
"start": 4000,
"end": 5000
}
]
},
{
"ipv6AddressRange": {
"start": "1001:0db8:85a3:0000:0000:8a2e:0370:7300",
"end": "1001:0db8:85a3:0000:0000:8a2e:0370:7334"
},
"portRanges": [
{
"start": 4000,
"end": 5000
}
]
},
{
"ipv6AddressRange": {
"start": "5001:0db8:85a3:0000:0000:8a2e:0370:7300",
"end": "5001:0db8:85a3:0000:0000:8a2e:0370:7334"
},
"ports": [
600
]
},
{
"ipv4Address": "192.168.2.100",
"portRanges": [
{
"start": 90,
"end": 100
}
]
},
{
"ipv4Address": "192.168.2.102",
"ports": [
82
]
},
{
"ipv4Address": "192.168.2.104",
"portRanges": [
{
"start": 4000,
"end": 5000
}
]
},
{
"ipv4AddressRange": {
"start": "192.168.8.100",
"end": "192.168.8.200"
},
"portRanges": [
{
"start": 4000,
"end": 5000
}
]
},
{
"ipv4AddressRange": {
"start": "192.168.9.100",
"end": "192.168.9.200"
},
"ports": [
6000
]
},
{
"ipv4Address": "192.168.10.109"
}
]
},
"customNfScreeningRulesData": null,
"nrfScreeningRulesData": null,
"udmScreeningRulesData": null,
"amfScreeningRulesData": null,
"smfScreeningRulesData": null,
"ausfScreeningRulesData": null,
"nefScreeningRulesData": null,
"pcfScreeningRulesData": null,
"nssfScreeningRulesData": null,
"udrScreeningRulesData": null,
"lmfScreeningRulesData": null,
"gmlcScreeningRulesData": null,
"fiveG_EirScreeningRulesData": null,
"seppScreeningRulesData": null,
"upfScreeningRulesData": null,
"n3iwfScreeningRulesData": null,
"afScreeningRulesData": null,
"udsfScreeningRulesData": null,
"bsfScreeningRulesData": null,
"chfScreeningRulesData": null,
"nwdafScreeningRulesData": null,
"scpScreeningRulesData": null,
"failureAction": "SEND_ERROR",
"nfScreeningListType": "CALLBACK_URI"
}Note:
TheglobalScreeningRulesData configuration indicates the global
screening rule. For more information about the configuration parameters, see NF Screening Rules Configuration.
2.14.4 PLMN_ID Screening Rule
NRF screens the PLMN
ID present in the request before allowing access to management service. This screening
rule type is applicable for plmnList attribute at NfProfile level for
NF_Register and NF_Update service operation.
URI: {apiroot}/nrf-configuration/v1/screening-rules/PLMN_ID
Method: PUT, PATCH, GET
Content Type: application/json
Sample Body:
{
"nfScreeningRulesListType": "PLMN_ID",
"nfScreeningType": "ALLOWLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"plmnList": [
{
"mcc": "311",
"mnc": "15"
},
{
"mcc": "310",
"mnc": "14"
}
]
},
"customNfScreeningRulesData": null,
"nrfScreeningRulesData": null,
"udmScreeningRulesData": null,
"amfScreeningRulesData": null,
"smfScreeningRulesData": null,
"ausfScreeningRulesData": null,
"nefScreeningRulesData": null,
"pcfScreeningRulesData": null,
"nssfScreeningRulesData": null,
"udrScreeningRulesData": null,
"lmfScreeningRulesData": null,
"gmlcScreeningRulesData": null,
"fiveG_EirScreeningRulesData": null,
"seppScreeningRulesData": null,
"upfScreeningRulesData": null,
"n3iwfScreeningRulesData": null,
"afScreeningRulesData": null,
"udsfScreeningRulesData": null,
"bsfScreeningRulesData": null,
"chfScreeningRulesData": null,
"nwdafScreeningRulesData": null,
"scpScreeningRulesData": null
}Note:
TheglobalScreeningRulesData configuration indicates the global
screening rule. For more information about the configuration parameters, see NF Screening Rules Configuration.
2.14.5 NF_TYPE_REGISTER Screening Rule
NRF screens the NF type present in the incoming service request. NRF supports 3GPP TS 29510 Release 15 and specific Release 16 NF Types. This screening rule type is applicable for nfTypeList attribute at NfProfile level for NF_Register and NF_Update service operation. For more information on the supported NF Types list, see "Supported NF Types" section in Oracle Communications Cloud Native Core, Network Repository Function User Guide.
URI: {apiroot}/nrf-configuration/v1/screening-rules/NF_TYPE_REGISTER
Method: PUT, PATCH, GET
Content Type: application/json
Sample Body:
{
"nfScreeningRulesListType": "NF_TYPE_REGISTER",
"nfScreeningType": "ALLOWLIST",
"nfScreeningRulesListStatus": "ENABLED",
"globalScreeningRulesData": {
"failureAction": "SEND_ERROR",
"nfTypeList": [
"AMF",
"AUSF",
"PCF"
]
},
"customNfScreeningRulesData": null,
"nrfScreeningRulesData": null,
"udmScreeningRulesData": null,
"amfScreeningRulesData": null,
"smfScreeningRulesData": null,
"ausfScreeningRulesData": null,
"nefScreeningRulesData": null,
"pcfScreeningRulesData": null,
"nssfScreeningRulesData": null,
"udrScreeningRulesData": null,
"lmfScreeningRulesData": null,
"gmlcScreeningRulesData": null,
"fiveG_EirScreeningRulesData": null,
"seppScreeningRulesData": null,
"upfScreeningRulesData": null,
"n3iwfScreeningRulesData": null,
"afScreeningRulesData": null,
"udsfScreeningRulesData": null,
"bsfScreeningRulesData": null,
"chfScreeningRulesData": null,
"nwdafScreeningRulesData": null,
"scpScreeningRulesData": null
}Note:
TheglobalScreeningRulesData configuration indicates the global
screening rule. For more information about the configuration parameters, see NF Screening Rules Configuration.
2.15 DNS NAPTR Update Options Configuration
This section provides REST API configuration parameter details to update Name Authority Pointer (NAPTR) record in Domain Name System (DNS) during Access and Mobility Functions (AMF) registration, update, and deregistration.
2.15.1 DNS NAPTR Configuration in Alternate Route Service
This URI can be used to configure alternate route service for DNS NAPTR.
URI: /{nfType}/nf-common-component/v1/{serviceName}/upstreamdnsconfig
/{nfType}/nf-common-component/v1/{serviceName}/{instanceId}/upstreamdnsconfig
Method: GET, PUT
Content Type: application/json
{
"enabled": false,
"watchSecretTimeout": 2000,
"fixedTsigKeyMonitorDelay": 5000,
"tsigKeyNamespace": "ocnrf",
"tsigKeySecretName": "tsig-secret",
"host": "10.75.175.222",
"port": "53",
"zone": "example.search",
"upstreamDNSTimeout": 10000
}Configuration Attributes
Table 2-72 Upstream DNS Server
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Enables or disables the update or delete of DNS NAPTR record in DNS Server. |
DataType: boolean
Constraints: true, false Default Value: false |
watchSecretTimeout |
This configuration is to watch event timeout (in second) while reading the secret. | DataType: integer
Constraints: It should be always 2000 or 3000 ms
less than the Default Value: 2000 |
fixedTsigKeyMonitorDelay |
This configuration is for monitoring interval to secret added or updated. | DataType: integer
Constraints: NA Default Value: 5000 |
tsigKeyNamespace |
Indicates the namespace in which transaction signature key secret is created. | DataType: string
Constraints: NA Default Value: ocnrf |
tsigKeySecretName |
Indicates the transaction signature key secret name. | DataType: string
Constraints: NA Default Value: tsig-secret |
host |
This configuration is host IP of the DNS server. | DataType: string
Constraints: NA Default Value: NA |
port |
This configuration is port of the DNS server. | DataType: string
Constraints: NA Default Value: NA |
zone |
This configuration is zone of the DNS server. | DataType: string
Constraints: NA Default Value: example.search |
upstreamDNSTimeout |
This configuration is set timeout for a upstream DNS server transaction. | DataType: string
Constraints: NA Default Value: 10000 |
2.15.2 DNS NAPTR Update Options
This URI can be used to configure DNS NAPTR Update at NRF.
URI: {apiRoot}/nrf-configuration/v1/dnsNaptrUpdateOptions
- GET: Retrieves NAPTR record from DNS configuration.
- PUT: Updates NAPTR record in DNS configuration.
Content Type: application/json
{
"featureStatus": "DISABLED",
"maxRetryCount": 2,
"defaultPriority": "100",
"defaultCapacity":"65435"
}Configuration Attributes
Note:
If any attribute is not present in the JSON request body while updating, the existing value in the database is preserved and used. At least one attribute is included during the PUT request.Table 2-73 DNS-NAPTR Update Options
| Attribute Name | Description | Details |
|---|---|---|
featureStatus |
Enables or disables the DNS NAPTR update. If the value of this attribute is ENABLED, then NRF performs DNS NAPTR update during AMF NFRegister, NFUpdate, NFDeregister service operations, and suspension of NF by NRF. If the value of this attribute is DISABLED, then NRF does not perform any DNS NAPTR update. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
maxRetryCount |
This attribute defines the maximum number of retries in case DNS NAPTR update fails. | DataType: integer
Constraints: 0-10 Default Value: 2 |
defaultPriority |
The value of this attribute is considered as NF priority in case NFProfile does not have a priority attribute. | DataType: integer
Constraints: 0 - 65535 Default Value: 100 |
defaultCapacity |
The value of this attribute is considered as NF capacity in case NFProfile does not have the capacity attribute. | DataType: integer
Constraints: 0 - 65535 Default Value: 65435 |
2.15.3 DNS NAPTR Status API
This section explains the status API for DNS NAPTR records.
URI: {apiRoot}/nrf-status-data/v1/dnsNAPTRRecords
Method: GET
Content Type: application/json
{
"dnsNAPTRRecordStatus": [{
"amfSetFqdn": "set1ab.region23.amfset.5gc.mnc014.mcc310.3gppnetwork.org",
"amfInstanceId": "bbab9915-c8bd-47dd-9438-14709bc2b452",
"capacity": 63535,
"priority": 20,
"amfName": "amf1.cluster1.net2.amf.5gc.mnc014.mcc310.3gppnetwork.org",
"syncStatus": "DNSRecordCreated",
"operationType": "update",
"amfFqdn": "AMF.d5g.oracle.com",
"arecord": ["192.168.3.110"]
}]
}Table 2-74 DNS NAPTR Record Status
| Attribute Name | Description | Details |
|---|---|---|
dnsNAPTRRecordStatus |
This attribute defines the DNS NAPTR Record details along with their status. The value for this attribute is populated in GET response. |
DataType: array (DnsNAPTRUpdateRecord)
Constraints: NA Default Value: Not applicable |
Table 2-75 DnsNAPTRUpdateRecord
| Attribute Name | Description | Details |
|---|---|---|
amfSetFqdn |
Domain name or FQDN for this NAPTR | DataType: string
Constraints: NA Default Value: NA |
amfInstanceId |
This is 3GPP attribute. This is kept in Status response, to map NF Instance | DataType: string
Constraints: NA Default Value: NA |
capacity |
Preference value is used to break the tie when order is same among the two AMF NFs. In the NAPTR record this value is: (Maximum capacity of AMF) - Declared Capacity of AMF) It means value will be 65535 - capacity |
DataType: integer
Constraints: NA Default Value: NA |
priority |
Determines which record is processed first. It processes the record with the lowest value first. | DataType: integer
Constraints: NA Default Value: NA |
amfName |
Replacement field specifies the FQDN for the next lookup, if it was not specified in the regular expression | DataType: string
Constraints: NA Default Value: NA |
syncStatus |
This attribute tells about DNS NAPTR record status with NRF. Possible values:-
|
DataType: string
Constraints: NA Default Value: NA |
operationType |
DNS NAPTR record entry with NRF and specific operation type.
|
DataType: string
Constraints: update, delete Default Value: NA |
amfFqdn |
FQDN of the AMF. | DataType: string
Constraints: NA Default Value: NA |
arecord |
Indicates the IPv4 Endpoint Address. | DataType: integer
Constraints: NA Default Value: NA |
aaaarecord |
Indicates the IPv6 Endpoint Address. | DataType: integer
Constraints: NA Default Value: NA |
Table 2-76 Mapping of DnsNAPTRUpdateRecord with DNS NAPTR and 3GPP Attributes
| Attribute in DnsNAPTRUpdateRecord | Mapped Attribute in DNS NAPTR | Mapped Attribute in 3GPP |
|---|---|---|
| amfSetFqdn | Lookup domain name |
This attribute is built using various attributes from AMF Profile. The AMF Set FQDN is constructed as follows: set<AMF Set Id>.region<AMF Region Id>.amfset.5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org Where, AMF Set Id:- amfSetId of AMFInfo AMF Region Id:- amfRegionId of AMFInfo MCC and MNC values are extracted from amfName attribute of n2InterfaceAmfInfo (AmfInfo) |
| amfInstanceId | No mapped attribute | NfInstanceId of AMF (NFProfile) |
| capacity | Preference
In the NAPTR record this value is: (Maximum capacity of AMF) - Declared Capacity of AMF) It means value will be 65535 - capacity |
capacity (NFProfile) |
| priority | Order | priority (NFProfile) |
| amfName | Replacement | amfName (AmfInfo) |
| syncStatus | None | None |
| amfFqdn | None | fqdn (NFProfile) |
| arecord | IPv4 address | ipv4EndpointAddress (n2InterfaceAmfInfo) |
| aaaarecord | IPv6 address | ipv6EndpointAddress (n2InterfaceAmfInfo) |
Note:
There can be additional attributes in DNS NAPTR record with specific values and does not get impacted by 3GPP attribute. For example,class = 1, ttl = 0, flag = A,
regexp = “”, service = x-3gpp-amf:x-n2.
2.15.4 DNS NAPTR Retrigger API
This section explains the retrigger API for DNS NAPTR records. This API is
used to retrigger the operations on any particular NfInstanceId
provided in DNS NAPTR Status API output.
URI: {apiRoot}/nrf-status-data/v1/reTriggerNAPTRUpdate
Method: PUT
Content Type: application/json
{ "reTriggerNAPTRUpdateRecords":["9e21368f-fd27-4d64-8dc4-70dc1529c319","9e21368f-fd27-4d64-8dc4-70dc1529c319"]}
Sample response codes with details:
204 STATUS CODE with No content: If all of the NfInstanceIds from the request are present with OCNRF.
404 STATUS CODE with Problem details: If any one of the NfInstanceId from the request is not present with OCNRF.
GET Method: It is supported and retained for future use. Currently, 204 No Content response is sent for GET method.Table 2-77 DNS NAPTR Retrigger API
| Attribute Name | Description | Details |
|---|---|---|
reTriggerNAPTRUpdateRecords |
This attribute defines AMF NFInstanceIds for which retrigger needs to be performed. |
DataType: array (NFInstanceIds)
Constraints: NfInstanceIds up to 10. Mandatory attribute. Default Value: NA |
2.16 Pod Protection Options
This section provides REST API configuration parameter details to configure pod protection options for NRF subscription microservice.
URI: {apiRoot}/nrf-configuration/v1/nfSubscription/podProtectionOptions
- GET: Retrieves NRF pod protection options configuration.
- PUT: Enables or Disables NRF pod protection feature.
Content Type: application/json
Body:
{
"enabled": true,
"monitoringInterval": 1200,
"congestionControl": {
"enabled": true,
"stateChangeSampleCount": 2,
"actionSamplingPeriod": 2,
"states": [
{
"name": "Normal",
"weight": 0,
"entryAction": [
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"maxConcurrentStreamsPerCon": 100
}
},
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": true
}
}
]
},
{
"name": "DoC",
"weight": 1,
"resourceThreshold": {
"cpu": 60,
"pendingMessage": 100
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 50
}
}
]
},
{
"name": "Congested",
"weight": 2,
"resourceThreshold": {
"cpu": 75,
"pendingMessage": 150
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 10
}
}
]
}
]
}
}Table 2-78 Pod Protection Options
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute indicates if the Pod Protection feature is enabled or disabled. | DataType: Boolean
Constraints: true, false Default Value: false |
monitoringInterval |
This attribute indicates the periodicity at which the overload state is monitored. Unit: Milliseconds Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: 1200 |
congestionControl |
This attribute specifies the congestion control configuration. For more information about congestion control parameters, see Table 2-79. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-79 CongestionControlConfig
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute allows the configuration of pod protection
attributes for the nfSubscription pods.
Note: This must be set to true for Pod Protection feature. |
DataType: Boolean
Constraints: true, false Default Value: false |
actionSamplingPeriod |
This attribute indicates the interval at which the
configured action must be considered. The actions are configured
under The interval is calculated as ( Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: 2 |
stateChangeSampleCount |
This attribute indicates the number of times the pod must be in the particular congestion state before transitioning to another state. For example, if the current state is normal, and the new state is
DoC, then NRF moves the pod to DoC only if the state is reported for
10 times in 1 second ( Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: 2 |
states |
This attribute indicates the congestion states, the
thresholds, and corresponding actions.
For more information about congestion states, see Table 2-80. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-80 CongestionStates
| Attribute | Description | Details |
|---|---|---|
name |
The name of the congestion state.
Note: This is a read-only attribute. |
DataType: String
Constraints: Normal, Doc, Congested Default Value: NA |
weight |
The weight of the congestion state. The weight indicates
the critical of the congestion state. The lower the value, the lower the
criticality.
Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: Normal= 0, DoC= 1, and Congested= 2 |
entryAction |
This attribute indicates the actions for the congestion state. For more information about the entry action configuration, see Table 2-81. Note: This is a read-only attribute. |
DataType: List
Constraints: NA Default Value: NA |
resourceThreshold |
This attribute indicates the resource thresholds for the given congestion state. This configuration is mandatory for the 'DoC' and 'Congested' states. For more information about the threshold for each resources, see Table 2-82. Note: This is a read-only attribute. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-81 EntryActionConfig
| Attribute | Description | Details |
|---|---|---|
action |
This attribute indicates the action for the congestion
state.
|
DataType: String
Constraints: MaxConcurrentStreamsUpdate, AcceptIncomingConnections Default Value: NA |
arguments |
This attribute indicates the actions for the congestion state. For more information about the arguments, see Table 2-83. |
DataType: Map <String, Object>
Constraints: NA Default Value: NA |
Table 2-82 ResourceThreshold
| Attribute | Description | Details |
|---|---|---|
cpu |
The CPU threshold is expressed in
percentage.
Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: For DoC, the default CPU is 60. For Congested, the default CPU is 75. |
pendingMessageCount |
The number of messages pending to be processed, expressed
in absolute value.
Note: This is a read-only attribute. |
DataType: Integer
Constraints: NA Default Value: For DoC, the default count is 100. For Congested, the default count is 150. |
Table 2-83 Possible Arguments
| Attribute | Description | Details |
|---|---|---|
accept |
The attribute indicates if the incoming connection should
be accepted or not. Applicable when the action is
AcceptIncomingConnections.
true: The incoming connection is accepted. false: The incoming connection is rejected. |
DataType: Boolean
Constraints: true, false Default Value: For Normal state, the default value is true. For DoC and Congested state, the default value is false. |
incrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be incremented till it reaches
maxConcurrentStreamsPerCon.
Note: This is preconfigured for Normal and DoC state. |
DataType: Integer
Constraints: NA Default Value: 30 |
decrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be decremented till it reaches
Note: This is preconfigured for DoC and Congested state. |
DataType: Integer
Constraints: NA Default Value: 30 |
maxConcurrentStreamsPerCon |
The attribute indicates the maximum number of concurrent streams per connection allowed. | DataType: Integer
Constraints: NA Default Value: For Normal, the default value is 100. For DoC, the default count is 50. For Congested, the default count is 10. |
decrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
decrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: This is preconfigured for DoC and Congested state. |
DataType: Integer
Constraints: NA Default Value: 1 |
incrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
incrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: This is preconfigured for Normal and DoC state. |
DataType: Integer
Constraints: NA Default Value: 30 |
2.17 Controlled Shutdown Options
This section provides REST API configuration parameter details to configure Controlled Shutdown options.
URI: {apiRoot}/nrf-configuration/v1/controlledShutdownOptions
- GET: Retrieves the operational state.
- PUT: Updates the operational state.
Content Type: application/json
Body:
{
"operationalState": "NORMAL"
}
Table 2-84 Controlled Shutdown Options
| Attribute | Description | Details |
|---|---|---|
operationalState |
The operational state of NRF. If the controlled shutdown feature is disabled (global Helm attribute global.enableControlledShutdown is set to false), then the operator will not be able to perform a controlled shutdown operation and NRF responds with 403 response. | DataType: string
Constraints:NORMAL, COMPLETE_SHUTDOWN Default Value: NORMAL |
2.17.1 Operational State History
The below API is used to retrieve the history of the operational state changes. This API lists the last 5 operational state changes. The topmost entry indicates the latest change in the operational state.
URI: {apiRoot}/nrf-configuration/v1/operationalStateHistory
Method: GET: Retrieves operational state history.
Content Type: application/json
Body:
{
"operationalStateHistory":
[
{
"operationalState": "NORMAL",
"timeStamp": "2022-08-30T08:12:45.88519",
"status": "SUCCESS"
},
{
"operationalState": "COMPLETE_SHUTDOWN",
"timestamp": "2023-02-02 13:42:08.148351775",
"status": "SUCCESS"
},
{
"operationalState": "NORMAL",
"timestamp": "2023-02-02 13:35:07.111230791",
"status": "SUCCESS"
},
{
"operationalState": "COMPLETE_SHUTDOWN",
"timestamp": "2023-02-02 13:33:22.06605161",
"status": "SUCCESS"
}
]
}
Table 2-85 Operational State History
| Attribute | Description | Details |
|---|---|---|
operationalState |
The operational state value of the NRF. This is a read-only attribute. |
DataType: string Constraints:NORMAL, COMPLETE_SHUTDOWN Default Value: NA |
timestamp |
Logs the timestamp when the operational state event took place. This is a read-only attribute. |
DataType: Date Constraints: NA Default Value: NA |
status |
Indicates if the operational state was changed successfully.
This is a read-only attribute. |
DataType: string Constraints: SUCCESS, FAILURE Default Value: NA |
2.18 NRF Growth Options
This section provides REST API configuration parameter details to set or retrieve the NRF Growth feature configuration.
URI: {apiRoot}/nrf-configuration/v1/nrfGrowth/featureOptions
- GET: Retrieves NRF Growth configuration.
- PUT: Updates NRF Growth configuration.
Content Type: application/json
Sample Body:
{
"featureStatus": "ENABLED",
"nfSetId": "set101.nrfset.5gc.mnc012.mcc345",
"nrfHostConfig": {
"hostConfigMode": "STATIC_MODE",
"staticNrfConfigList": [
{
"nfSetId": "set101.nrfset.5gc.mnc012.mcc345",
"nrfHostConfigList": [
{
"nfInstanceId": "6faf1bbc-6e4a-4454-a507-a14ef8e1bc5c",
"apiVersions": [
{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}
],
"scheme": "http",
"host": "ocnrf-ingressgateway.ocnrf.svc.cluster.local",
"priority": 0,
"port": 80
}
]
},
{
"nfSetId": "set201.nrfset.5gc.mnc012.mcc345",
"nrfHostConfigList": [
{
"nfInstanceId": "6faf1bbc-6e4a-4454-a507-a14ef8e1bc5d",
"apiVersions": [
{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}
],
"scheme": "http",
"host": "ocnrf-1-ingressgateway.ocnrf.svc.cluster.local",
"priority": 1,
"port": 80
}
]
}
]
},
"nrfRerouteProfile": {
"rerouteAttempts": 1,
"httpStatusCodeList": {
"pattern": "^[3,5][0-9]{2}$",
"codeList": null
}
}
}Table 2-86 featureOptions
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This is an optional parameter. This attribute is used to enable or disable the NRF Growth feature.
If the value of this attribute is set as ENABLED, then the state data from multiple sets is used for processing service requests. |
DataType: String
Constraints: NA Default Value: DISABLED Range: ENABLED or DISABLED |
nfSetId |
This is a mandatory parameter. This attribute indicates the NRF set ID to which the NRF belongs. The value of this is the same for all the georedundant sites. The value for this attribute is set as per 3GPP TS 29.571 v16.7.0. |
DataType: String
Constraints: maximum length is 255. Default Value: null Range: NA |
nrfHostConfig |
This is a mandatory parameter. This attribute is used to configure the NRF host details of the remote NRF set. See Table 2-87 for details. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
nrfRerouteProfile |
The attribute indicates the number of reroutes to be performed when the NRF of a remote NRF set is unreachable. See Table 2-89 for details. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
Table 2-87 nrfHostConfig
| Attribute | Description | Details |
|---|---|---|
hostConfigMode |
This is a mandatory parameter. The attribute defines the mode in which the configurations are used. STATIC_MODE: When this value is set, the NRF hosts configured
in the Note: STATIC_MODE is the only mode supported in this release. |
DataType: String
Constraints: NA Default Value: STATIC_MODE Range: NA |
staticNrfConfigList |
This is a mandatory parameter. This attribute is used to configure the host details of the NRFs from the remote NRF set. The attribute must have at least two entries to enable the feature. One of the entries must contain the details of the local NRF Set. See Table 2-88 for details. Note: A maximum of three NRF sets can be configured. In each NRF set, a maximum of four hosts per set are allowed. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
Table 2-88 staticNrfConfigList
| Attribute | Description | Details |
|---|---|---|
nfSetId |
This is a mandatory parameter. This attribute represents the unique ID of the NRF set. The value of this is the same for all the georedundant sites. The value for this attribute is set as per 3GPP TS 29.571 v16.7.0. |
DataType: String
Constraints: maximum length is 255. Default Value: NA Range: NA |
nrfHostConfigList |
This is a mandatory parameter. This attribute is used to configure the NRF host details of the remote NRF set(s). See Table 2-8 for details. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
Table 2-89 nrfRerouteProfile
| Attribute | Description | Details |
|---|---|---|
rerouteAttempts |
This is an optional parameter. This attribute indicates the number of alternate NRF reroutes when the retry attempts are exhausted. |
DataType: Integer
Constraints: NA Default Value: 1 Range: 0-3 |
httpStatusCodeList |
This is an optional parameter. This attribute indicates the HTTP status codes to which retry and reroute must be attempted. |
DataType: Array
Constraints: NA Default Value: "pattern": "^[3,5][0-9]{2}$" Range: NA |
2.18.1 Forwarding Options for NRF Growth
This section provides REST API configuration parameter details to set or retrieve the forwarding configuration when the NRF Growth feature is enabled.
Note:
When the growth feature is enabled, NRF-NRF Forwarding Options configurations are not considered.URI: {apiRoot}/nrf-configuration/v1/nrfGrowth/nrfForwardingOptions
- GET: Retrieves forwarding options for NRF Growth feature.
- PUT: Updates forwarding options for NRF Growth feature.
Content Type: application/json
{
"profileRetrievalStatus": "DISABLED",
"subscriptionStatus": "DISABLED",
"discoveryStatus": "DISABLED",
"accessTokenStatus": "DISABLED",
"nrfHostConfig": {
"hostConfigMode": "STATIC_MODE",
"staticNrfConfigList": [
{
"segmentId": "Segment-1",
"nfSetId": "set401.nrfset.5gc.mnc012.mcc345",
"priority": 0,
"nrfHostConfigList": [
{
"nfInstanceId": "c56a4180-65aa-42ec-a945-5fd21dec0540",
"apiVersions": [
{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}
],
"scheme": "http",
"host": "ocnrf-1-ingressgateway.ocnrf.svc.cluster.local",
"priority": 0,
"port": 80
},
{
"nfInstanceId": "c56a4180-65aa-42ec-a945-5fd21dec0541",
"apiVersions": [
{
"apiVersionInUri": "v1",
"apiFullVersion": "15.5.0"
}
],
"scheme": "http",
"host": "ocnrf-2-ingressgateway.ocnrf.svc.cluster.local",
"priority": 1,
"port": 80
}
]
}
]
},
"nrfRerouteOnResponseHttpStatusCodes": {
"pattern": "^[3,5][0-9]{2}$",
"codeList": null
},
"errorResponses": [
{
"errorCondition": "NRF_Not_Reachable",
"responseCode": 504,
"errorResponse": "NRF not reachable",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
},
{
"errorCondition": "NRF_Forwarding_Loop_Detection",
"responseCode": 508,
"errorResponse": "Loop Detected",
"errorCause": "UNSPECIFIED_NF_FAILURE",
"retryAfter": "5m",
"redirectUrl": ""
}
],
"forwardingRulesFeatureConfig": {
"featureStatus": "ENABLED",
"forwardingRulesConfig": [
{
"targetNfType": "UDM",
"serviceNames": [
"nudm-uecm"
],
"serviceNamesMatchType": "ANYONE"
},
{
"targetNfType": "*",
"serviceNames": [
"UDMname14",
"UDMname15"
],
"serviceNamesMatchType": "EXACT"
}
]
}
}Table 2-90 nrfForwardingOptions
| Attribute Name | Description | Details |
|---|---|---|
profileRetrievalStatus |
This attribute controls the forwarding of NFProfileRetrieval service operation messages. If the flag is set to true and NRF is unable to complete the request due to the unavailability of any matching profile, then NRF forwards the NfProfileRetrieval request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If the flag is set to false, NRF will not forward the NfProfileRetrieval request. It returns a response to the consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
subscriptionStatus |
This attribute controls the forwarding of NFStatusSubscribe, and NFStatusUnsubscribe service operation messages. If the flag is set to true and NRF cannot complete the request due to the unavailability of any matching profile, then NRF forwards the NfStatusSubscribe or NfStatusUnSubscribe request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If the flag is false, NRF will not forward the NFStatusSubscribe or NFStatusUnSubscribe request. It returns a response to the consumer NF without forwarding it. Note: NFStatusSubscribe forwarding is supported only if Subscription Condition is NfInstanceIdCond in the NFStatusSubscribe request. |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
discoveryStatus |
This attribute controls the forwarding of NFDiscover service operation messages. If the flag is set to ENABLED and NRF is not able to complete the request due to unavailability of any matching profile, then NRF forwards the NFDiscover request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If flag is DISABLED, NRF will not forward the NFDiscover request in any case. It will return a response to consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
accessTokenStatus |
This attribute controls the forwarding of AccessToken service operation messages. If the flag is set to ENABLED and NRF is not able to complete the request due to unavailability of any matching Producer NF, then NRF forwards the AccessToken request to the configured NRF host(s) and relays the response received from forwarding NRF to the Consumer NF. If flag is DISABLED, NRF will not forward the AccessToken request in any case. It will return a response to consumer NF without forwarding it. | DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
nrfHostConfig |
This is a mandatory parameter. This attribute is used to configure the NRF host details of the remote NRF set. See Table 2-91 table for details. Note: The value of this attribute can be FQDN, IPv4, or IPv6. |
DataType: array
Constraints: NA Default Value: NA |
nrfRerouteOnResponseHttpStatusCodes |
This configuration is used to determine if the service
operation message needs to be forwarded to remote NRF set. The local NRF
set receives a response. If the response status code matches the
configured response status code list, then NRF reroutes the request to
the remote NRF set.
Refer Table 2-91 for details for local and remote NRF set details. |
DataType: ResponseHttpStatusCodes
Constraints: pattern or specific code list Default Value: "pattern": "^[3,5][0-9]{2}$|408$" |
errorResponses |
This attribute defines the error responses which may be
sent during NRF Forwarding scenarios. This attribute will allow to
update the error response code and error response description for
preloaded error conditions.
See Table 2-95 table for details. |
DataType: array
Constraints: NA Default Value: NA |
forwardingRulesFeatureConfig |
This attribute provide details for Forwarding Rules
feature configuration.
See Table 2-93 table for details. |
DataType: Array
Constraints: NA Default Value: NA |
Table 2-91 nrfHostConfig
| Attribute | Description | Details |
|---|---|---|
hostConfigMode |
This is a mandatory parameter. The attribute defines the mode in which the configurations are used. STATIC_MODE: The NRF hosts configured in the
|
DataType: String
Constraints: NA Default Value: STATIC_MODE Range: NA |
staticNrfConfigList |
This is a mandatory parameter. This attribute is used to configure the host details of the NRFs from the remote NRF set. The attribute must have at least 2 entries to enable the feature. One of the entries must contain the details of the own NRF Set. See Table 2-92 for details. Note: A maximum of 3 NRF sets can be configured. In each NRF set, a maximum of 4 hosts are allowed. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
Table 2-92 staticNrfConfigList
| Attribute | Description | Details |
|---|---|---|
segmentId |
This is a mandatory parameter. This attribute provides details of the segment information in the deployment. This attribute is the unique identifier of the segment.
|
DataType: String
Constraints: NA Default Value: NA Range: NA |
nfSetId |
This is a mandatory parameter. This attribute provides details of the set information in the deployment. This attribute is the unique identifier of a NRF set. |
DataType: String
Constraints: NA Default Value: NA Range: NA |
priority |
This is a mandatory parameter. This attribute indicates the priority of the segment and also the NRF set for which the NRF forwarding is applied. |
DataType: Integer
Constraints: NA Default Value: NA Range: NA |
nrfHostConfigList |
This is a mandatory parameter. This attribute is used to configure the NRF host details of the remote NRF set. This attribute is used to configure local and remote NRF set details used for forwarding various requests. It allows to configure details of NRF like apiVersion, scheme, host, port, and so on. The only supported value for apiVersionInUri is v1. Hence the apiVersions attribute must have at least one data record with apiVersionInUri attribute values set as v1. See Table 2-8 for details. This configuration allows you to configure more than two NRF Details. NRF with the highest priority is considered as local NRF for forwarding messages. NRF with the second highest priority is considered as remote NRF set for forwarding. To reset this attribute, send an empty array, for example: "nrfHostConfig": [ ] If this attribute is already set, then there is no need to provide the value again. Note: The value of this attribute can be FQDN, IPv4, or IPv6. |
DataType: Array
Constraints: NA Default Value: NA Range: NA |
Table 2-93 ForwardingRulesFeatureConfig
| Attribute | Description | Details |
|---|---|---|
featureStatus |
This attribute enables or disables the evaluation of forwarding eligibility of a service request based on target NF type and service names configured in forwardingRulesConfig. This flag can be ENABLED only if
Note: Once |
DataType: string
Constraints: ENABLED, DISABLED Default Value: DISABLED |
forwardingRulesConfig |
While enabling the forwarding rules feature, this
attribute is configured prior or during enabling the feature.
See ForwardingRulesConfig table for details. |
DataType: array
Constraints: Maximum of 50 forwarding rules can be configured. Default Value: Empty array |
Table 2-94 ForwardingRulesConfig
| Attribute | Description | Details |
|---|---|---|
targetNfType |
This attribute defines target NF type in a forwarding rule. | DataType: string
Constraints: It has to be either 3gpp defined NF type, custom NF type following regular expression (^CUSTOM_([A-Za-z0-9_]+)), or a wildcard *. Default Value: NA |
serviceNames |
List of services allowed for target NF type. | DataType: array (string)
Constraints: Cannot be empty, either wildcard or any service name(s) must be defined. Note: Maximum of 20 service names can be configured for each forwarding rule. Default Value: NA |
serviceNamesMatchType |
This attribute provides details on how the service names are evaluated, based on the defined constraints. Exact: Service Names in incoming request must be present in the configured service names. Anyone: Service Names in incoming request must match with any one of the configured service names. Note: If serviceNames is a wildcard attribute, then this attribute can be skipped. |
DataType: string
Constraints: EXACT, ANYONE Default Value: NA |
2.19 Perf-Info Configuration
This section explains REST API configurations required at Perf-Info to enable Overload control feature.
2.19.1 Overload Level Threshold Configuration in Perf-Info
The following URI can be used for configuring overload threshold in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/perfinfo/overloadLevelThreshold
Method:
- GET: Get Overload Threshold Value of the required service (Backend service).
- PUT: Update the Overload Threshold Value of the required service (Backend service).
- DELETE: Delete the Overload Threshold Value of the required service (Backend service).
Content Type: application/json
[
{
"svcName": "ocnrf-nfdiscovery",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 1800,
"abatementValue": 1500
},
{
"level": "L2",
"onsetValue": 2500,
"abatementValue": 1600
},
{
"level": "L3",
"onsetValue": 5100,
"abatementValue": 3100
},
{
"level": "L4",
"onsetValue": 7700,
"abatementValue": 5000
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L2",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L3",
"onsetValue": 85,
"abatementValue": 80
},
{
"level": "L4",
"onsetValue": 90,
"abatementValue": 85
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 12000,
"abatementValue": 11000
},
{
"level": "L2",
"onsetValue": 15500,
"abatementValue": 12500
},
{
"level": "L3",
"onsetValue": 18000,
"abatementValue": 16700
},
{
"level": "L4",
"onsetValue": 21000,
"abatementValue": 19374
}
]
}
]
},
{
"svcName": "ocnrf-nfregistration",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L2",
"onsetValue": 300,
"abatementValue": 280
},
{
"level": "L3",
"onsetValue": 600,
"abatementValue": 480
},
{
"level": "L4",
"onsetValue": 900,
"abatementValue": 720
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 65,
"abatementValue": 60
},
{
"level": "L2",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L3",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L4",
"onsetValue": 90,
"abatementValue": 85
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 5000,
"abatementValue": 4500
},
{
"level": "L2",
"onsetValue": 6000,
"abatementValue": 5300
},
{
"level": "L3",
"onsetValue": 7000,
"abatementValue": 6200
},
{
"level": "L4",
"onsetValue": 8000,
"abatementValue": 7200
}
]
}
]
},
{
"svcName": "ocnrf-nfaccesstoken",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L2",
"onsetValue": 300,
"abatementValue": 280
},
{
"level": "L3",
"onsetValue": 600,
"abatementValue": 480
},
{
"level": "L4",
"onsetValue": 900,
"abatementValue": 720
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 65,
"abatementValue": 60
},
{
"level": "L2",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L3",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L4",
"onsetValue": 92,
"abatementValue": 87
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 100,
"abatementValue": 58
},
{
"level": "L2",
"onsetValue": 190,
"abatementValue": 125
},
{
"level": "L3",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L4",
"onsetValue": 400,
"abatementValue": 300
}
]
}
]
}
]Table 2-96 Overload Level Threshold
| Attribute Name | Description | Details |
|---|---|---|
svcName |
Name of the backend service (svcName). | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList |
List of criteria used to calculate the load level. | DataType:
array
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.metricsName |
Name of overload indicator such as cpu, svc_failure_count, svc_pending_count, and memory. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList |
List of threshold values. | DataType: array
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.level |
Specifies the name of the level. The name specified in this parameter
must match the level name in Ingress Gateway's
ocdiscardpolicies.
|
DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.abatementValue |
The overload condition is considered as cleared, if the
load level for the indicator mentioned in
metricsThresholdList.metricsName is below the abatement value.
|
DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.onsetValue |
The load level for the indicator mentioned in
metricsThresholdList.metricsName is set as per the
metricsThresholdList.levelThresholdList.level, if the overload
condition is breached this onset value.
|
DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
2.20 Egress Gateway Configuration
This section explains REST API configurations required at Egress Gateway for various features.
2.20.1 Peer Configuration
This resource is used in SbiRouting feature. This URI can be used to add
or update the list of peers wherein each peer consists of ID, host, port or virtualHost,
and apiPrefix. The ID of each peer is mapped to peerIdentifier in
"peersetconfiguration" resource. The default value is null.
Peer Configuration
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peerconfiguration
Method: PUT, PATCH, GET
- PUT: Updates peer configuration.
- GET: Retrieves peer configuration.
- PATCH: Updates specific peer configuration.
Resource: array (PeerConfiguration)
Body:
curl -v -X PUT "http://10.75.226.126:30747/nrf/nf-common-component/v1/egw/peerconfiguration" -H "Content-Type: application/json" -d @peer.json
peer.json sample:-
[
{
"id": "peer1",
"host": "scp-stub-service01",
"port": "8080",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
},
{
"id": "peer2",
"host": "scp-stub-service02",
"port": "8080",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
}
]curl -v -X PUT "http://10.75.226.126:30747/nrf/nf-common-component/v1/egw/peerconfiguration" -H "Content-Type: application/json" -d @peer.json
peer.json sample:-
[
{
"id": "peer3",
"virtualHost": "scp-stub-service03",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
}
]Note:
Combination of static and virtual host configuration is not supported.Table 2-97 Peer Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Peer identifier | DataType: string
Constraints: Unique value in peer configuration Default Value: NA |
host |
Host details of a local peer. It can be IPv4, IPv6 and FQDN details. |
DataType: string
Constraints: NA Default Value: NA |
port |
Port details of a local host peer. | DataType: string
Constraints: NA Default Value: NA |
virtualHost |
Host details of a remote peer.
This FQDN is sent to Alternate Route Service for DNS SRV resolution. |
DataType: string
Constraints: NA Default Value: NA |
apiPrefix |
API prefix details of a peer. | DataType: string
Constraints: Keep the value as / only for NRF Default Value: NA |
healthApiPath |
Include the SCP API details. | DataType: string
Constraints: NA Default Value: /{scpApiRoot}/{apiVersion}/status |
2.20.2 Peer Set Configuration
This section provides details about peer set configuration at Egress
Gateway. This URI is used to add or update the list of peer sets wherein each peer
set consists of id and list of http/https instances. Each instance
consists of priority and peer identifier that is mapped to id in peerconfiguration
resource. The id of each peer set is mapped to
peerSetIdentifier in routesconfiguration
resource. The default value is null.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peersetconfiguration
Method: PUT, PATCH, GET
- PUT: Updates peer set configuration.
- GET: Retrieves peer set configuration.
- PATCH: Updates specific peer set configuration.
Resource: array (PeerSetConfiguration)
curl -v -X PUT "http://10.75.226.126:32247/nrf/nf-common-component/v1/egw/peersetconfiguration" -H "Content-Type: application/json" -d @peerset.json
sample peerset.json
[
{
"id":"set0",
"httpConfiguration":[
{
"priority": 1,
"peerIdentifier": "peer1"
}],
"httpsConfiguration":[
{
"priority": 1,
"peerIdentifier": "peer1"
}]
}
]Table 2-98 Peer Set Configuration
| Attribute | Description | Details |
|---|---|---|
id |
Identifier for Peer Set. | DataType: string
Constraints: Unique value in peer set configuration. Default Value: NA |
httpConfiguration |
Configuration for HTTP based Peers. This value will be selected, if 3GPPAPIRootScheme value is http. | DataType: array (Table 2-99)
Constraints: NA Default Value: NA |
httpsConfiguration |
Configuration for HTTPs based Peers. This value will be selected, if 3GPPAPIRootScheme value is https. | DataType: array (Table 2-99)
Constraints: NA Default Value: NA |
Table 2-99 Peer Identifier Configuration
| Attribute | Description | Details |
|---|---|---|
priority |
Priority of peer to be used in a peer set. | DataType: integer
Constraints: Priority must be unique. Default Value: NA |
peerIdentifier |
Peer identifier is the value of peer configured during PeerConfiguration. | DataType: string
Constraints: NA Default Value: NA |
2.20.3 Peer Monitoring Configuration
The below API is used to retrieve the peer monitoring configuration.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peermonitoringconfiguration
- GET: Fetches the details of peer monitoring configuration.
- PUT: Updates replace the existing values with the new value sent for peer monitoring configuration.
- PATCH: Changes the value of the modified parameters in peer monitoring configuration.
Content Type: application/json
Body:
{
"enabled":true,
"timeout":1000,
"frequency":2000,
"failureThreshold":3,
"successThreshold":4
}Table 2-100 Peer Monitoring Configuration
| Attribute | Description | Details |
|---|---|---|
enabled |
Indicates the attribute to enable or disable monitoring at a global level. |
DataType: Boolean Constraints:true or false Default Value: false |
timeout |
Indicates the flag to configure the duration of time after which calls to the SCP health API is timed out. |
DataType: long Constraints:NA Recommended Range: 300 milliseconds to 10000 milliseconds Default Value: 1000 milliseconds |
frequency |
Indicates the frequency or interval at which Egress Gateway microservice initiates health check calls toward SCP. |
DataType: long Constraints:NA Recommended Range: 300 milliseconds to 10000 milliseconds Default Value: 2000 milliseconds |
failureThreshold |
Indicates the number of consecutive failure responses after which a healthy SCP can be marked as unhealthy. Health API call to given SCP fails consecutively to these many attempts before it is marked as Unavailable from Available. |
Data Type: Integer Constraints: NA Recommended Range: 1 to 5 Default Value: 3 |
successThreshold |
Indicates the number of successful responses after which an unhealthy SCP can be marked as healthy. Health API call to given SCP shall succeed consecutively to these many attempts before it is marked as Available from Unavailable. |
Data Type: Integer Constraints: NA Recommended Range: 1 to 5 Default Value: 4 |
2.20.4 Error Criteria Sets
This section provides details about error criteria set configuration at Egress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerrorcriteriasets
Method: PUT, PATCH, GET
- PUT: Updates sbiroutingerrorcriteria configuration.
- GET: Retrieves sbiroutingerrorcriteria configuration.
- PATCH: Updates specific sbiroutingerrorcriteria configuration.
[
{
"id":"criteria_0",
"method":[
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"exceptions":[
"java.util.concurrent.TimeoutException",
"java.net.UnknownHostException"
]
},
{
"id":"criteria_1",
"method":[
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"response":{
"statuses":[
{
"statusSeries":"4xx",
"status":[
400,
404
]
},
{
"statusSeries":"5xx",
"status":[
500,
503
]
}
]}
}
]Table 2-101 sbiroutingerrorcriteriasets
| Attribute | Description | Details |
|---|---|---|
sbiroutingerrorcriteriasets.id |
Unique id for a sbiRoutingErrorCriteriaSet | DataType: string
Constraints: Unique value of route Default Value: NA |
sbiroutingerrorcriteriasets.method |
Methods for which reroute or retry is triggered. | DataType: string
Constraints: GET, POST, PUT, PATCH, DELETE Default Value: NA |
sbiroutingerrorcriteriasets.response.exceptions |
Specific exceptions for which reroute or retry is
triggered.
Note: exceptions and response cannot be configured under same criteria Id. |
DataType: string
Constraints: NA Default Value: java.util.concurrent.TimeoutException |
sbiroutingerrorcriteriasets.response.statuses.statusSeries |
Http Status Series for which reroute or retry is triggered, when the error response is received from downstream. | DataType: string
Constraints: 4xx, 5xx Default Value: NA |
sbiroutingerrorcriteriasets.response.statuses.status |
Specific HTTP Statuses that belongs to above mentioned status series for which reroute or retry is triggered. To enable retry or reroute for all the HTTP status belonging to a status series, configure this as -1. | DataType: string
Constraints: 401, 404 or -1 Default Value: NA |
sbiroutingerrorcriteriasets.response.exceptions |
Specific exceptions for which reroute or retry is
triggered.
Note: exceptions and response cannot be configured under same criteria Id. |
DataType: string
Constraints: NA Default Value: java.util.concurrent.TimeoutException |
2.20.5 Error Action Sets
This section provides details about error action set configuration at Egress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerroractionsets
Method: PUT, PATCH, GET
- PUT: Updates sbiroutingerroraction configuration.
- GET: Retrieves sbiroutingerroraction configuration.
- PATCH: Updates specific sbiroutingerroraction configuration.
[
{
"id":"action_0",
"action":"reroute",
"attempts":2,
"blacklist":{
"enabled":false,
"duration":60000
}
},
{
"id":"action_1",
"action":"reroute",
"attempts":2,
"blacklist":{
"enabled":false,
"duration":60000
}
}
]Table 2-102 sbiroutingerroractionsets
| Attribute | Description | Details |
|---|---|---|
sbiroutingerroractionsets.id |
Unique Id for sbiRoutingErrorActionSet | DataType: string
Constraints: Default Value: NA |
sbiroutingerroractionsets.action |
Action that needs to be taken when specific criteria set is matched. | DataType: string
Constraints: reroute, retry Default Value: reroute |
sbiroutingerroractionsets.attempts |
Maximum no of retries to either same or different peer in case of error or failures from backend. | DataType: string
Constraints: NA Default Value: 3 |
sbiroutingerroractionsets.blackList.enabled |
This flag enables the peer blacklist feature using the server headers received in the response. | DataType: boolean
Constraints: true, false Default Value: false |
sbiroutingerroractionsets.blackList.duration |
The duration for which the peer is blacklisted and no traffic is routed to that peer for this period. | DataType: integer
Constraints: NA Default Value: 60000 |
2.20.6 Routes Configuration
This URI can be used to fetch and update the list of routes configuration.
Routes Configuration
URI: {apiRoot}/nrf/nf-common-component/v1/egw/routesconfiguration
Method: PUT, PATCH, GET
- PUT: Updates route configuration.
- GET: Retrieves route configuration.
- PATCH: Updates specific route configuration.
Resource: array (RoutesConfiguration)
Body
{
"id":"egress_scp_proxy2",
"uri":"http://localhost:32069/",
"order":3,
"metadata":{
"httpsTargetOnly":false,
"httpRuriOnly":false,
"sbiRoutingEnabled":false
},
"predicates":[
{
"args":{
"pattern":"/nef"
},
"name":"Path"
}
],
"filters":[
{
"name":"SbiRouting",
"args":{
"peerSetIdentifier":"set0",
"customPeerSelectorEnabled":false
}
}
]
}Table 2-103 Routes Configuration
| Attribute | Description | Details |
|---|---|---|
id |
Route configuration identifier CAUTION:- Default Route with id
' |
DataType: string
Constraints: Unique value of route Default Value: NA |
uri |
Provide any dummy URL, or leave the existing URL with the existing value. | DataType: string
Constraints: NA Default Value: NA |
order |
Provide the order of the execution of this route. Note: The value of the order attribute must be unique for each routing configuration. |
DataType: integer
Constraints: NA Default Value: NA |
httpRuriOnly |
This flag indicates the scheme of the outgoing request from
OCNRF.
If the value is set to true, the scheme of RURI is changed to http. If the value is set to false, no change occurs to the scheme. Note: In case of non-ASM configuration and
|
DataType: boolean (true,false)
Constraints: NA Default Value: NA |
httpsTargetOnly |
For NRF, the value of this flag must always be set to true. Note: This is a read-only attribute. |
DataType: boolean (true, false)
Constraints: NA Default Value: NA |
sbiRoutingEnabled |
Enables or disables SBI routing
true: SbiRouting functionality is enabled false: SbiRouting functionality is disabled |
DataType: boolean (true, false)
Constraints: NA Default Value: false |
predicates |
Header predicate details for matching target PLMN mapped to this SBIRoute rule. Note: The predicates can be combined in a single configuration as shown in the Body, or only the required configuration can be retained for processing the message. Sample value:- "predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }] Note: "header": "OC-MCCMNC" must not be changed. Only "regexp": "310014" can be modified. regexp consists of MCC and MNC values. In this example, value of MCC and MNC is 310 and 014. Multiple values can be provided for regexp as shown below: "predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }, { "args": { "header": "OC-MCCMNC", "regexp": "315012" }, "name": "Header" }] |
DataType: Predicate structure. See description for more
details.
Constraints: NA Default Value: NA |
filters |
Filters can be created for various purposes. Use all of the filters as mentioned in the example without any updates. See Table 2-104 for more information. | DataType: array [filters]
Constraints: NA Default Value: NA |
Table 2-104 Filters Configuration
| Attribute | Description | Details |
|---|---|---|
filters.name |
Provide filtername as "SBIRoutingFilter" | DataType: boolean (true, false)
Constraints: NA Default Value: NA |
filters.args.peerSetIdentifier |
This flag maps to id of
peerSetConfiguration.
|
DataType: String
Constraints: NA Default Value: NA |
filters.args.customPeerSelectorEnabled |
This flag allows the user to send request to a particular instance
directly when enabled according to "ocalternaterouteattempt" header.
Note: When |
DataType: boolean (true, false)
Constraints: NA Default Value: NA |
2.21 Ingress Gateway Configuration
This section explains REST API configurations required at Ingress Gateway for various features.
2.21.1 Error Code Profile Configuration
The following URI can be used to update the errorcodeprofiles that is used in Overload Control, Controlled Shutdown feature for populating details in error responses when a request is discarded.
Note:
Below is the sample error code profile that can be linked for controlled shutdown. The errorcodeprofiles configuration is used for other features as well. Hence, the configuration must be performed with caution.By default, the errorcodeprofiles remains null.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeprofiles
Method:
- GET: Get Error Code configuration of the required service.
- PUT: Update Error Code configuration of the required service.
Content Type: application/json
[
{
"name": "error429",
"errorCode": 429,
"errorCause": "Too many requests",
"errorTitle": "Too many requests",
"redirectURL": "",
"retry-after": "",
"errorDescription": "Too many requests"
},
{
"name": "error503",
"errorCode": 503,
"errorCause": "Backend not able to handle traffic",
"errorTitle": "Backend not able to handle traffic",
"redirectURL": "",
"retry-after": "",
"errorDescription": "Backend not able to handle traffic"
},
{
"name": "shutdownerror503",
"errorCode": 503,
"errorCause": "UNSPECIFIED_NF_FAILURE",
"errorTitle": "NRF is in COMPLETE_SHUTDOWN state. Service temporarily unavailable",
"redirectURL": "",
"retry-after": "",
"errorDescription": "NRF is in COMPLETE_SHUTDOWN state. Service temporarily unavailable"
}
]Table 2-105 Error Code Profile Configuration
| Attribute Name | Description | Details |
|---|---|---|
name |
Error name. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCode |
errorCode field in an errorScenario determines the HttpStatusCode that needs to be populated in ProblemDetails (HttpStatus field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCause |
errorCause field in an errorScenario determines the error cause that needs to be populated in ProblemDetails (Cause field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
errorTitle |
errorTitle field in an errorScenario determines the title that needs to be populated in ProblemDetails (Title field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
redirectURL |
redirectURL field in an errorScenario determines the redirection URL, this value is populated in LOCATION header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the redirectUrl field for the particular errorScenario is configured appropriately. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
retry-after |
retry-after field in an errorScenario determines the value in seconds or particular date after which the service should be retried, this value is populated in Retry-After header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the retry-after field for the particular errorScenario is configured appropriately in seconds. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
errorDescription |
errorDescription field in an errorScenario determines the description that needs to be populated in ProblemDetails (Detail field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
2.21.2 Discard Policy Configuration
The following URI can be used to update discard policies that are used in
overload control to select the appropriate policy from the configured list based on the
load level of a particular service. By default, ocdiscardpolicies is
null.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/ocdiscardpolicies
Method:
- GET: Get discard policy configuration of the required service.
- PUT: Update discard policy configuration of the required service.
Content Type: application/json
[
{
"name": "nfdiscoveryPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 50,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
},
{
"name": "nfaccesstokenPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 50,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
},
{
"name": "nfregistrationPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 15,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
}
]Table 2-106 Discard Policy Configuration
| Attribute Name | Description | Details |
|---|---|---|
name |
Name of the discarded policy. Note: name must be the value configured in policyName under ocpolicymapping. |
DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
scheme |
Discarded policy scheme based on percentage. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.value |
Value of priority above which requests are considered as potential candidates for drop. Percentage of requests to drop in the current sampling period over the calculated rate in the previous sampling period. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.action |
Defines the action to be taken on selected requests rejection based on error code. | DataType: string
The value can be: RejectWithErrorCode Mandatory(M)/Optional(O)/Conditional(C): M |
policies.level |
Defines the overload level. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.errorCodeProfile |
The error code profiles. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
2.21.3 Policy Mapping Configuration
The following URI can be used to update service names and corresponding policy names for the service that is mapped to "ocDiscardPolicies" based on "policyName" and enable or disable the Overload Control feature and the sampling period in overload control. The Overload Control feature is disabled by default, and the sampling period is 200. To enable the feature, invoke REST API and update the enabled flag to true.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/ocpolicymapping
Method:
- GET: Get Policy mapping value of the required service.
- PUT: Update the Policy mapping value of the required service.
Content Type: application/json
{
"enabled": true,
"mappings": [
{
"svcName": "ocnrf-nfdiscovery",
"policyName": "nfdiscoveryPolicy"
},
{
"svcName": "ocnrf-nfaccesstoken",
"policyName": "nfaccesstokenPolicy"
},
{
"svcName": "ocnrf-nfregistration",
"policyName": "nfregistrationPolicy"
}
],
"samplingPeriod": 200
}Table 2-107 Policy Mapping Configuration
| Attribute Name | Description | Details |
|---|---|---|
enabled |
To enable or disable discard policy at Ingress Gateway. | DataType:
boolean
Mandatory(M)/Optional(O)/Conditional(C): M |
mappings.svcName |
The service entry to determine a mapping between service and discard
policy name per service. svcName must be added in the following
format:<deployment-name>-<servicename>
Note: servicename is fixed and cannot be changed. |
DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
mappings.policyName |
The discard policy entry to determine a mapping between service and discard policy name per service. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
samplingPeriod |
Time frame for each cycle of Overload Control per service. Its value is in milliseconds. | DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
2.21.4 Error Code Series Configuration
The following URI can be used to update the errorcodeserieslist used in Overload Control feature to list the configurable exception or error for an error scenario in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeserieslist
Method:
- GET: Get Error Code Series configuration of the required service.
- PUT: Update Error Code Series configuration of the required service.
Content Type: application/json
[
{
"id": "E1",
"exceptionList": [
"RequestTimeout",
"ConnectionTimeout",
"UnknownHostException",
"NotFoundException"
],
"errorCodeSeries":
[
{
"errorSet": "4xx",
"errorCodes": [408]
},
{
"errorSet": "5xx",
"errorCodes": [500, 503]
}
]
}
]Table 2-108 Error Code Series Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Indicates the error code identifier. | Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
exceptionList |
Lists the configurable exception or error for an error scenario in Ingress Gateway. The only supported values are: ConnectionTimeout, RequestTimeout, UnknownHostException, ConnectException, RejectedExecutionException, InternalError and NotFoundException, ClosedChannelException, BlackListIpException |
Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCodeSeries |
Lists the error codes for a specific service. Note:
|
DataType: object Constraints: Array [Table 2-108] Mandatory(M)/Optional(O)/Conditional(C): M |
Table 2-109 Error Code Series Configuration
| Attribute Name | Description | Details |
|---|---|---|
errorSet |
Possible values for "errorSet" attribute: 5xx, 4xx, 3xx, 2xx, 1xx | Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCodes |
Possible values include all error codes in the respective HttpSeries value assigned for "errorSet". Note: Use single value of "-1" if all error codes in that HttpSeries are to be considered. |
Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
2.21.5 Routes Configuration
The following URI can be used to configure the route ID, server header, and configuration in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/routesconfiguration
Method: PUT
Content Type: application/json
[ {
"id": "registration_mapping",
"failureReqCountErrorCodeSeriesId": "E1",
"serverHeaderDetails": {
"enabled": true,
"errorCodeSeriesId": "E1"
}
},
{
"id": "accesstoken_mapping",
"failureReqCountErrorCodeSeriesId": "E1",
"serverHeaderDetails": {
"enabled": true,
"errorCodeSeriesId": "E1"
}
},
{
"id": "subscription_mapping",
"failureReqCountErrorCodeSeriesId": "E1",
"serverHeaderDetails": {
"enabled": true,
"errorCodeSeriesId": "E1"
}
},
{
"id": "disc_mapping",
"failureReqCountErrorCodeSeriesId": "E1",
"serverHeaderDetails": {
"enabled": true,
"errorCodeSeriesId": "E1"
}
}
]Table 2-110 Routes Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Value of "id" attribute defines a specific service for
route configuration.
This attribute can have the following values: registration_mapping, subscription_mapping,
disc_mapping,and accesstoken_mapping |
Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
failureReqCountErrorCodeSeriesId |
Indicates the ID that is used to map the service with the error code ID defined in errorcodeserieslist. | Data Type: string
Mandatory(M)/Optional(O)/Conditional(C): M |
serverHeaderDetails |
Indicates if the server header details feature is available at Routes configuration. For more information, see Server Header Details. Note: If server header is enabled at RoutesConfiguration, the configuration details like nfType and nfInstanceId are retrieved from the Global level. If errorCodeSeriesId is not configured at Route level, errorCodeSeriesId configured at Global level will be used as a fallback when serverHeaderDetails at RouteLevel is set as true. |
Data Type: array [Table 2-111] Mandatory(M)/Optional(O)/Conditional(C): O |
Table 2-111 Server Header Details
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Indicates if the server header feature is enabled or disabled. If the value is true, NRF adds the server header in the error responses. If the value is false, NRF does not add the server header in the error responses. |
Data Type: boolean Constraints: true, false Default Value: false Mandatory(M)/Optional(O)/Conditional(C): M |
errorCodeSeriesId |
Indicates the error list IDs. This attribute is compared with the
For more information about |
Data Type: string
Constraints: This value should be one of the id attribute values configured inTable 2-108 Error Code Series Configuration.Default Value: NA Mandatory(M)/Optional(O)/Conditional(C): M |
2.21.6 Controlled Shutdown Error Mapping Configuration
The following URI can be used for mapping between the routes and the error code profile that is used when the Ingress Gateway rejects incoming requests.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/controlledshutdownerrormapping
- GET: Gets the mapping between the routes and the error code profile.
- PUT: Updates the mapping between the routes and the error code profile.
Content Type: application/json
{
"routeErrorProfileList": [
{
"routeId":"disc_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"registration_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"accesstoken_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"subscription_mapping",
"errorProfileName":"shutdownerror503"
}
]
}Table 2-112 Controlled Shutdown Error Mapping
| Attribute Name | Description | Details |
|---|---|---|
routeErrorProfileList.routeId |
The route id that is configured in routes configuration. |
DataType: string Constraints: NA Possible values: <subscription_mapping,accesstoken_mapping,registration_mapping,disc_mapping> The possible values should match with the routeId of the routes configuration. Default Value: NA |
routeErrorProfileList.errorProfileName |
The error profile name that is used to fetch the error from errorcodeprofiles. |
DataType: string Constraints: NA Default Value: shutdownerror503 |
2.21.7 CCA Header Validation
The following URI can be used for configuring the CCA header validation requests.
URI:
{apiRoot}/nrf/nf-common-component/v1/igw/ccaheader
- GET: Gets the details stored in DB for property ccaheader.
- PUT: Replaces the existing values with the new value sent.
- PATCH: Updates the value of the parameters modified.
Content Type: application/json
{
"enabled": false,
"minExpiryTime": 2000,
"maxTokenAge": 20,
"role": "NRF",
"subKey": "subjectAltName",
"validationRule": "strict",
"k8SecretName": "ocingress-secret",
"k8NameSpace": "ocingress-ns",
"fileName": "caroot.cer"
}Table 2-113 CCA Header Validation Configuration
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Indicates if the CCA validation feature flag is enabled
or disabled.
Note: This is a read-only parameter. If you want to enable
this feature, use
|
Data Type: boolean Constraints: true, false Default Value: false Presence: M |
minExpiryTime |
Indicates the buffer or additional time that is added to the current time to check it with the certificate expiry time. |
Data Type: integer Constraints:NA Default Value: 0 Presence: M |
maxTokenAge |
Indicates the maximum token age allowed.
Note: It skips the check if the value is 0. |
Data Type: integer Constraints: 0 - 86400 seconds Default Value: 0 Recommended Value: 60 for NRF. Presence: M |
role |
Indicates the CCA token validator role to match the
audience claim in the header.
Note: This is a read-only parameter. |
Data Type: string Constraints: NA Default Value: NRF Presence: M |
subKey |
Indicates if the certificate extension name to be read in
the public key certificate received in CCA request for
consumer NFs Instance Id.
For NRF this value should be NF Instance
Id.
Note: This is a read-only parameter. |
Data Type: string Constraints: NA Default Value: subjectAltName Presence: M |
validationRule |
Indicates the CCA validation rule.
For NRF, this value is always strict. |
Data Type: string Constraints: strict, relaxed Default Value: strict Presence: M |
k8SecretName |
Indicates the name of the Kubernetes secret in which the
CA bundle is present.
Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
k8SecretNameSpace |
Indicates the Kubernetes namespace in which CA bundle is
present.
Note: changens value is updated with NRF secret for CCA header. Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
fileName |
Indicates the name of the CA bundle file used for CCA.
This is the file generated by certificate and key generation steps.
Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example:
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
2.21.8 Pod Protection Options
URI: {apiRoot}/nrf/nf-common-component/v1/igw/podprotection
- GET: Retrieves Ingress Gateway pod protection options configuration.
- PUT: Enables or disables Ingress Gateway pod protection feature.
Content Type: application/json
{
"enabled": true,
"monitoringInterval": 100,
"congestionControl": {
"enabled": true,
"stateChangeSampleCount": 10,
"actionSamplingPeriod": 3,
"states": [
{
"name": "Normal",
"weight": 0,
"entryAction": [
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"maxConcurrentStreamsPerCon": 100
}
},
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": true
}
}
]
},
{
"name": "DoC",
"weight": 1,
"resourceThreshold": {
"pendingMessage": 1500,
"CPU": 75
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 10
}
}
]
},
{
"name": "Congested",
"weight": 2,
"resourceThreshold": {
"pendingMessage": 2000,
"CPU": 85
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 1
}
}
]
}
]
}
}Table 2-114 Pod Protection Options
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute indicates if the Pod Protection feature is enabled or disabled. | DataType: Boolean
Constraints: true, false Default Value: false |
monitoringInterval |
This attribute indicates the periodicity at which the overload state is monitored. Unit: Milliseconds Note: The proposed value for this attribute is 100. |
DataType: Integer
Constraints: NA Default Value: NA |
congestionControl |
This attribute specifies the congestion control configuration. For more information about congestion control parameters, see Table 2-79. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-115 CongestionControlConfig
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute allows the configuration of pod protection
attributes for the Ingress Gateway pods.
Note:
This must be set to |
DataType: Boolean
Constraints: true, false Default Value: false |
actionSamplingPeriod |
This attribute indicates the interval at which the
configured action must be considered. The actions are configured
under The interval is calculated as
( Note: The proposed value for this attribute is 3. |
DataType: Integer
Constraints: NA Default Value: NA |
stateChangeSampleCount |
This attribute indicates the number of times the pod must be in the particular congestion state before transitioning to another state. For example, if the current state is normal, and the new
state is DoC, then NRF moves the pod to DoC only if the state is
reported for 10 times in 1 second
( Note: The proposed value for this attribute is 10. |
DataType: Integer
Constraints: NA Default Value: NA |
states |
This attribute indicates the congestion states, the
thresholds, and corresponding actions.
For more information about congestion states, see Table 2-80. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-116 CongestionStates
| Attribute | Description | Details |
|---|---|---|
name |
The name of the congestion state.
|
DataType: String
Constraints: Normal, Doc, Congested Default Value: NA |
weight |
The weight of the congestion state. The weight indicates
the critical of the congestion state. The lower the value, the lower the
criticality.
Note: The proposed value for this attribute is for Normal is 0, DoC is 1, and Congested is 2. |
DataType: Integer
Constraints: NA Default Value: NA |
entryAction |
This attribute indicates the actions for the congestion state. For more information about the entry action configuration, see Table 2-81. |
DataType: List
Constraints: NA Default Value: NA |
resourceThreshold |
This attribute indicates the resource thresholds for the given congestion state. This configuration is mandatory for the 'DoC' and 'Congested' states. For more information about the threshold for each resources, see Table 2-82. |
DataType: Object
Constraints: NA Default Value: NA |
Table 2-117 EntryActionConfig
| Attribute | Description | Details |
|---|---|---|
action |
This attribute indicates the action for the congestion
state.
|
DataType: String
Constraints: MaxConcurrentStreamsUpdate, AcceptIncomingConnections Default Value: NA |
arguments |
This attribute indicates the actions for the congestion state. For more information about the arguments, see Table 2-83. |
DataType: Map <String, Object>
Constraints: NA Default Value: NA |
Table 2-118 ResourceThreshold
| Attribute | Description | Details |
|---|---|---|
cpu |
The CPU threshold is expressed in percentage.
Note:: The recommended value for this attribute is for DoC is 75 and for Congested is 85. |
DataType: Integer
Constraints: NA Default Value: NA |
pendingMessage |
The number of pending messages to be processed, expressed
in absolute count.
Note:: The recommended value for this attribute is for DoC is 1500 and for Congested is 2000. |
DataType: Integer
Constraints: NA Default Value: NA |
Table 2-119 Possible Arguments
| Attribute | Description | Details |
|---|---|---|
accept |
The attribute indicates if the incoming connection should
be accepted or not. Applicable when the action is
AcceptIncomingConnections.
true: The incoming connection is accepted. false: The incoming connection is rejected. The proposed
value for Normal state is |
DataType: Boolean
Constraints: true, false Default Value: NA |
incrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be incremented till it reaches
maxConcurrentStreamsPerCon.
Note: The proposed value for this attribute is 30 for Normal and DoC state. |
DataType: Integer
Constraints: NA Default Value: NA |
decrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be decremented till it reaches
Note: The proposed value for this attribute is 30 for DoC and Congested state. |
DataType: Integer
Constraints: NA Default Value: NA |
maxConcurrentStreamsPerCon |
The attribute indicates the maximum number of concurrent
streams per connection allowed.
Note: The proposed value for this attribute is for Normal is 100, DoC is 10, and Congested is 1. |
DataType: Integer
Constraints: NA Default Value: NA |
decrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
decrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: The proposed value for this attribute is 1 for DoC and Congested state. Unit is seconds. |
DataType: Integer
Constraints: NA Default Value: NA |
incrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
incrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: The proposed value for this attribute is 3 for Normal and DoC state. Unit is seconds. |
DataType: Integer
Constraints: NA Default Value: NA |
2.21.9 Copy Header On Gateway Error
The following URI can be used to update the configuration of copyHeaderOnGatewayError in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/copyHeaderOnGatewayError
- GET: Get the configuration of copyHeaderOnGatewayError in Ingress Gateway.
- PUT: Update the configuration of copyHeaderOnGatewayError in Ingress Gateway.
Content Type: application/json
{
"enabled": false,
"requestToResponse": {
"requestHeaderNames": [
"3gpp-Sbi-Correlation-Info"
]
}
}Table 2-120 copyHeaderOnGatewayError
| Attribute Name | Description | Details |
|---|---|---|
copyHeaderOnGatewayError.enabled |
Indicates if the copyHeaderOnGatewayError feature is enabled or disabled. If the value of this feature is true, and if 3gpp-Sbi-Correlation-Info header is available in the Copy HeaderOn Gateway Error.requestToResponse.requestHeaderNames, it adds the 3gpp-Sbi-Correlation-Info header for error responses. If the value of this feature is false, and if 3gpp-Sbi-Correlation-Info header is available in the Copy HeaderOn Gateway Error.requestToResponse.requestHeaderNames, it does not add the 3gpp-Sbi-Correlation-Info header for error responses. |
Data Type: boolean Constraints: true, false Default Value: false Presence: O |
copyHeaderOnGatewayError.requestToResponse |
This object contains request header names which should be
configured here to verify the incoming header.
(if the incoming header
is present under
|
Data Type: object Constraints: Default Value: Presence:O |
copyHeaderOnGatewayError.requestToResponse.requestHeaderNames |
Indicates the supported header names to be sent when the feature is enabled. These header names are strings and they should be valid for the feature to work. |
Data Type: Array Constraints: 3gpp-Sbi-Correlation-Info Default Value: default-header Presence: M |
2.21.10 Server Header Details
The following URI can be used to update the configuration of server header in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/serverheaderdetails
- GET: Get the configuration of serverheaderdetails in Ingress Gateway.
- PUT: Update the configuration of serverheaderdetails in Ingress Gateway.
Content Type: application/json
{
"enabled": true,
"configuration": {
"nfType": "NRF",
"nfInstanceId": "6faf1bbc-6e4a-4454-a507-a14ef8e1bc5c"
},
"errorCodeSeriesId": "E1"
}Table 2-121 serverheaderdetails
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Indicates if the server header feature is enabled or disabled. If this value is set to true, NRF adds the server header in the error responses. If this value is set to false, NRF does not add the server header in the error responses. |
Data Type: boolean Constraints: true, false Default Value: false Presence: O |
configuration |
Indicates the configuration type of the network
function, such as NF Type and NF Instance Id.
For more information about configuration parameters, see Table 2-122. |
Data Type: string Constraints: Array[Table 2-122] Default Value: NA Presence: M |
errorCodeSeriesId |
Indicates the error list IDs.
The
errorCodeSeriesId attribute in
{apiRoot}/nrf/nf-common-component/v1/igw/serverheaderdetails
is compared with the value of the Id attribute in
{apiRoot}/nrf/nf-common-component/v1/igw/errorcodeserieslist,
if this value matches, NRF adds the server header in the responses.
For more information about
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
Table 2-122 Server Header Details Configuration
| Attribute Name | Description | Details |
|---|---|---|
nfType |
Indicates the nfType of the Network Function.
For NRF use cases, the value is always NRF. |
Data Type: string Constraints: NA Default Value: NRF Presence: M |
nfInstanceId |
Indicates the nfInstanceId of NRF. |
Data Type: string Constraints: NA Default Value: NA Presence: M |
Note:
In case any one or both the values of nfType and nfInstanceId attributes are empty, NRF does not add the server header in the error responses.2.21.11 Congestion Level Configuration
The following URI can be used to identify the congestion level of the pods.
URI:
{apiRoot}/nrf/nf-common-component/v1/igw/congestionConfig
Method: GET and PUT
- GET: Gets the configured congestion in Ingress Gateway.
- PUT: Updates the configured congestion in Ingress Gateway.
Content Type: application/json
{
"levels": [
{
"name": "Normal",
"value": 1,
"resources": [
{
"name": "CPU",
"onset": 65,
"abatement": 58
}
]
},
{
"name": "Danger Of Congestion",
"value": 2,
"resources": [
{
"name": "CPU",
"onset": 75,
"abatement": 70
}
]
},
{
"name": "Congested",
"value": 3,
"resources": [
{
"name": "CPU",
"onset": 85,
"abatement": 80
}
]
}
],
"refreshInterval": 500
}Table 2-123 Congestion Level Configuration
| Attribute Name | Description | Details |
|---|---|---|
levels |
This attribute indicates an array of different levels of congestion. |
Data Type: array (Table 2-124) Constraints: See Table 2-124 for more details. Default Value: NA |
refreshInterval |
This attribute indicates the refresh interval for the scheduler to calculate congestion level in milliseconds. CPU levels are stable when tested with values more than 500 ms as a refresh interval. Any value less than this, CPU spikes are observed for a shorter period of time, and denied requests are processed based on the action defined for that congestion level. |
Data Type: integer Constraints: NA Default Value: 500 Unit: milliseconds |
Table 2-124 Levels
| Attribute Name | Description | Details |
|---|---|---|
name |
Indicates the name of the congestion level. Note: The value should be unique. |
Data Type: string Constraints: NA Default Value: NA |
value |
Indicates numerical values for each congestion level.
The value ranges from 1-10. The values should be defined from 1 to 10 in increasing order. The default level of the system is 0. This is the state of the system when the CPU is less than the onset of L1 defined in the configuration. |
Data Type: integer Constraints: 1 -10 Default Value: 0 |
resources |
Indicates the list of resources. |
Data Type: array (Table 2-125) Constraints: See Table 2-125 for more details. Default Value: NA |
Table 2-125 Resources
| Attribute Name | Description | Details |
|---|---|---|
name |
Indicates the resource names. The possible value is CPU. |
Data Type: string Constraints: NA Default Value: CPU |
onset |
Indicates the onset threshold. Note: Onset should be more than the abatement of the level. Denoted by percentage. |
Data Type: integer Constraints: NA Default Value: NA |
abatement |
Indicates the abatement threshold. Denoted by percentage. Note:
|
Data Type: integer Constraints: NA Default Value: NA |
2.21.12 Pod Protection By Rate Limiting
The following URI can be used to identify the pods that should be protected by rate limiting feature.
URI:
{apiRoot}/nrf/nf-common-component/v1/igw/podProtectionByRateLimiting
Method: GET and PUT
- GET: Gets the pod protection by rate limiting in Ingress Gateway.
- PUT: Updates the pod protection by rate limiting in Ingress Gateway.
Content Type: application/json
{
"enabled": true,
"fillRate": 2500,
"defaultPriority": 24,
"errorCodeProfile": "ERR_POD_PROTECTION_RATE_LIMIT",
"priorityHeaderName": "3gpp-Sbi-Message-Priority",
"deniedRequestActions": [
{
"id": 1,
"congestionLevel": 0,
"action": "CONTINUE"
},
{
"id": 2,
"congestionLevel": 1,
"action": "CONTINUE"
},
{
"id": 3,
"congestionLevel": 2,
"action": "CONTINUE"
},
{
"id": 4,
"congestionLevel": 3,
"action": "REJECT",
"errorCodeProfile": "ERR_POD_PROTECTION_RATE_LIMIT"
}
],
"routes": [
{
"id": 1,
"path": "/nnrf-nfm/v1/nf-instances/**",
"methods": [
"GET",
"PUT",
"POST",
"PATCH",
"DELETE"
],
"percentage": 3
},
{
"id": 2,
"path": "/nnrf-nfm/v1/subscriptions/**",
"methods": [
"POST",
"PATCH",
"DELETE"
],
"percentage": 3
},
{
"id": 3,
"path": "/nnrf-disc/v1/nf-instances/**",
"methods": [
"GET"
],
"percentage": 90
},
{
"id": 4,
"path": "/nrfset-data/v1/**",
"methods": [
"GET",
"PUT",
"POST",
"PATCH"
],
"percentage": 2
},
{
"id": 5,
"path": "/oauth2/token",
"methods": [
"POST"
],
"percentage": 2
}
]
}Table 2-126 Pod Protection by Rate Limiting
| Attribute Name | Description | Details |
|---|---|---|
enabled |
This attribute indicates if the Ingress Gateway Pod Protection Using Rate Limiting feature is enabled or disabled. If the value is set as true, the Ingress Gateway Pod Protection Using Rate Limiting feature is enabled. If the value is set as false, the Ingress Gateway Pod Protection Using Rate Limiting feature is disabled. |
Data Type: boolean Constraints: true, false Default Value: false |
fillRate |
This attribute indicates the number of requests to be processed by an Ingress Gateway pod in one second (1000 ms). |
Data Type: integer Constraints: NA Default Value: 2500 |
defaultPriority |
This attribute indicates the default priority in the absence of a priority header in the request. Note: This is for future release and not to be used in this release 25.1.200. |
Data Type: integer Constraints: NA Default Value: 24 |
errorCodeProfile |
This attribute indicates error profile to be sent for the rejected requests. It should be a valid errorProfile. |
Data Type: string Constraints: It should be a valid errorProfile
configured in the errorcodeProfile API and Helm attribute
( Default Value: ERR_POD_PROTECTION_RATE_LIMIT |
priorityHeaderName |
Determines the priority of the request using the configured header. Indicates the name of the header. Note: This is for future release and not to be used in this release 25.1.200. |
Data Type: string Constraints: NA Default Value: 3gpp-sbi-message-priority |
deniedRequestActions |
This attribute indicates the request actions to be performed for the requests which exceeds the fill rate. |
Data Type: array (Table 2-128) Constraints: NA Default Value: See Table 2-128 for more details. |
routes |
This attribute indicates the route for rate limiting. |
Data Type: array (Table 2-127) Constraints: NA Default Value: See Table 2-127 for more details. |
Table 2-127 Routes
| Attribute Name | Description | Details |
|---|---|---|
id |
Indicates the route Id that processes the request. The number of route Ids can be more than 1. Note: Each route should have a unique route Id. |
Data Type: integer Constraints: NA Default Value: NA |
path |
Indicates the path to be matched to apply fill rate on the route. |
Data Type: string Constraints: NA Default Value: NA |
methods |
Indicates the Http method of the route for which the rate limiting is defined. All valid Http methods are allowed, for example:
|
Data Type: array Constraints:
Default Value: NA |
percentage |
This attribute indicates the percentage of requests for a route. If The minimum value is 0.1. Note: The total percentage across all routes should not exceed 100. |
Data Type: integer Constraints: NA Default Value: NA |
Table 2-128 Denied Request Actions
| Attribute Name | Description | Details |
|---|---|---|
id |
Indicates the unique Id of the request. |
Data Type: integer Constraints: NA Default Value: |
congestionLevel |
Indicates the congestion level of the pods.
This value depends on the
levels.value attribute in the
{apiRoot}/nrf/nf-common-component/v1/igw/congestionConfig
API or the default value 0.
|
Data Type: integer Constraints: 1-10 Default Value: NA |
action |
This attribute rejects or processes a denied request based on the value of congestionLevel attribute in the deniedRequestActions object. The possible values are REJECT and CONTINUE. |
Data Type: string Constraints: REJECT, CONTINUE Default Value: NA |
errorCodeProfile |
This attribute indicates error profile to be sent for the rejected requests. |
Data Type: string Constraints: NA Default Value: NA |
2.22 Alternate Route Configuration
This section explains REST API configurations required at Alternate Route for various features.
2.22.1 Upstream DNS Configuration
The following URI can be used to check if the Alternate Route can communicate to upstream DNS server for dynamic DNS updates for the types A/AAAA/NAPTR.
URI: {apiRoot}/nrf/nf-common-component/v1/altRoute/upstreamdnsconfig
- GET: Get the configuration of upstream DNS in Alternate Route Service.
- PUT: Update the configuration of upstream DNS in Alternate Route Service.
Content Type: application/json
{
"enabled": false,
"watchSecretTimeout": 2000,
"fixedTsigKeyMonitorDelay": 5000,
"tsigKeyNamespace": "ingress-rahmn",
"tsigKeySecretName": "tsig-secret",
"host": "10.75.175.222",
"port": "53",
"zone": "example.search",
"upstreamDNSTimeout": 10000
}
Table 2-129 upstreamdnsconfig
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Indicates if the Alternate Route can communicate to upstream DNS server for dynamic DNS updates for the types A/AAAA/NAPTR. Indicates if NRF communicates with a local DNS server to resolve a domain name. If the value is true, NRF supports the upstream DNS server configuration. If the value is false, NRF does not support the upstream DNS server configuration. |
Data Type: Boolean Constraints: true, false Default Value: false Presence: O |
watchSecretTimeout |
Indicates the watch event timeout (in second). The value
should be always 2000 or 3000 ms less than the
fixedTsigKeyMonitorDelay.
Unit: Milliseconds |
Data Type: Integer Constraints: NA Default Value: NA Presence: O |
fixedTsigKeyMonitorDelay |
Indicates the monitoring interval for secret to be added
or updated.
Unit: Milliseconds |
Data Type: Integer Constraints: NA Default Value: Presence: O |
tsigKeyNamespace |
Indicates the namespace where the secret is created. |
Data Type: String Constraints: NA Default Value: NA Presence: M |
host |
Indicates the host IP address of a upstream DNS server. |
Data Type: String Constraints: NA Default Value: NA Presence: M |
port |
Indicates the port of a upstream DNS server. |
Data Type: String Constraints: NA Default Value: NA Presence: M |
zone |
Indicates the zone of a upstream DNS server. |
Data Type: String Constraints: NA Default Value: NA Presence: M |
upstreamDNSTimeout |
Indicates the timeout set for a upstream
DNS server.
Unit: Milliseconds |
Data Type: Integer Constraints: NA Default Value: 10000 Presence: O |