4 Configuring SEPP using CNC Console

This chapter describes how to configure different services in SEPP using Oracle Communications Cloud Native Configuration (CNC) Console.

4.1 CNC Console Interface

You can use the SEPP integrated with CNC Console after logging in to the CNC Console application. To successfully log in to the CNC Console, you need to make the following updates to the hosts file available at the C:\Windows\System32\drivers\etc location.
  1. In the Windows system, open the hosts file in the notepad as an Administrator and append the following set of lines at the end:
    <CNCC Node IP> cncc-iam-ingress-gateway.cncc.svc.cluster.local
<CNCC Node IP> cncc-core-ingress-gateway.cncc.svc.cluster.local
    For example:
    10.75.212.88 cncc-iam-ingress-gateway.cncc.svc.cluster.local
10.75.212.88 cncc-core-ingress-gateway.cncc.svc.cluster.local

    Note:

    The IP Address in the above lines may change when deployment cluster changes.
  2. Save and close the hosts file.

    Ensure that a CNC user and password are created before logging into the CNC Console. For more information on how to create a CNC Console user and password, see Oracle Communications Cloud Native Core Console Installation and Upgrade Guide.

Log in to CNC Console

The procedure to log in to the CNC Console is as follows:

1. Open any browser.

2. Enter the URL: http://<host name>:<port number>. The Login screen appears:

Figure 4-1 Login Screen

Login Screen

Note:

<host name> is cncc-iam-ingress-ip and <port number> is cncc-iam-ingress-port.

3. Enter the valid credentials.

4. Click Login. The Welcome screen of CNC Console interface appears.

Figure 4-2 Welcome Page of the CNC Console

Welcome Page of the CNC Console

Select the required NF instance from the Please Select Instance drop-down list. The left pane displays the selected network function and on clicking the network function the corresponding APIs and configurations appears underneath.

4.2 SEPP Configuration

This section describes how to configure different SEPP features and services using CNC Console.

On selecting SEPP from the drop-down list, the following screen appears:

Figure 4-3 SEPP Welcome Screen

SEPP Welcome Screen

4.2.1 Handshake Status

Handshake Status Rest API returns the handshake status corresponding to each Remote SEPP Name.

Perform the following procedure to view the Handshake Status:

  1. From the left navigation menu, navigate to SEPP and then click Handshake Status. The list of all the handshake status corresponding to each SEPP Name appears on the right pane.

The parameters are:

Table 4-1 Handshake Status Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Remote SEPP M String Name of Remote SEPP
State M Enum N32F Context State
3GPP SBI Target API Root Header Supported M Boolean Indicates whether 3GPP SBI Target API Root Header Supported or not by Remote SEPP.
Local PLMN ID(s) M Object List of Local PLMN ID(s) supported
Handshake Reinit Status M Enum Status of Reinitiated Handshake when changing local PLMN ID(s) or editing Remote SEPP configuration.
HandshakeTimestamp M Time format This parameter displays time of handshake and time is updated if handshake is reinitiated.

Note:

Possible handshake states are CAPABILITY_EXCHANGE_STATE and N32F_ESTABLISHED_STATE.
  • CAPABILITY_EXCHANGE_STATE - Handshake initiated with the remote SEPP.
  • N32F_ESTABLISHED_STATE - Handshake completed and TLS connection is established with remote SEPP.

4.2.2 Logging Config

Logging Config allows the user to configure the application based log level and package based log level.

The Logging Config can be configured into SEPP mode and IPX mode. To enable the SEPP mode, set the operationMode flag to true. To enable the IPX mode, set the operationMode flag to false. In IPX mode, the user cannot enable or disable the log level for nfmanagement and nfdscovery services.

Perform the following procedure to configure the log levels:

  1. From the left navigation menu, navigate to SEPP and then click Logging Config.
  2. On selecting Logging Config, the list of all application logs, package logs, and their levels configured in the system appear on the right pane.
  3. Click Edit icon to modify the log level. The page is enabled for modification.
  4. Click View to view the details of the log level List.

Table 4-2 Logging Config Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
ServiceType M Enum Name of the Common Service - N32 EGW, N32 IGW, PLMN EGW, PLMN IGW
Application Log Level M Enum Log level for the application
Package Log Level M String Log level of each corresponding packages. Example: For Package root, the loglevel can be ERROR.

The supported log levels are ERROR, WARN, INFO, DEBUG, and TRACE.

Table 4-3 Log levels

Log Level Description
ERROR Designates error events that might still allow the application to continue running.
WARN Designates potentially harmful situations.
INFO Designates informational messages that highlight the progress of the application at a coarse-grained level.
DEBUG Designates fine-grained informational events that are most useful to debug an application.
TRACE Designates finer-grained informational events than the DEBUG log level.

4.2.3 Remote SEPP

Remote SEPP returns all the configured Remote SEPP profiles.

Perform the following procedure to configure the Remote SEPP:
  1. From the left navigation menu, navigate to SEPP and then click Remote SEPP. The list of all the Remote SEPPs configured along with the parameters appear on the right pane.
  2. Click Edit icon to modify a specific parameter. The page is enabled for modification.

    Note:

    • SEPP Name and FQDN cannot be edited.
    • N32F FQDN, N32F IP Address, and N32F Port values must be added in the Remote SEPP to enable separate port configurations for n32c and n32f on the Egress routes feature.
    • Virtual Host value must be added in the Remote SEPP to enable load sharing among multiple Remote SEPP nodes feature.
    • Remote SEPP also means an intermediary supporting hop-by-hop TLS (Roaming Hub Deployment Model).
    The parameters are:

    Table 4-4 Remote SEPP Parameters

    Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
    Name M String Name of the Remote Sepp
    PLMN ID(s) M Object List of PLMN ID - MCC and MNC
    Domain O String Domain for routing.

    SEPP FQDN M String Fully Qualified Domain Name for SEPP
    Security Capability List O List <SecurityCapa bility> Type of security capability supported - TLS and PRINS.

    Default value: TLS
    Is Enabled O Boolean Remote SEPP is True (enabled) or False (disabled).

    Default value: True
    Port O Integer Port for SEPP NF
    API Prefix O String API Prefix

    Default Value: ""
    API Version O String API Version
    priority O Integer This parameter is currently not in use and is reserved for future release.
    Remote SEPP IP Address O String

    This is the Remote SEPP IP Address.

    The IP Address can be IPv6 or IPv4.

    If Remote SEPP IP is provided, it will be added in authority header while sending HTTP2 headers towards Remote SEPP.

    If Remote SEPP IP is not provided, FQDN is resolved to the corresponding IP endpoint using DNS. Hence, DNS configuration should be present for the FQDN. In this case, the authority header contains FQDN.

    Note: If IP is provided, the Server Name Indication (SNI) field in the TLS handshake message will not be populated with the SEPP FQDN. For SNI, only SEPP FQDN should be present and not the remote SEPP IP address.

    sanValidationRequired O Boolean San validation is enabled for incoming N32C handshake request or not.

    Default Value: True
    N32F FQDN C String

    This is a conditional parameter.

    This parameter describes the FQDN used for the forwarding plane. This is a mandatory parameter if user wants to use port segregation feature and configure different control plane and forward plane.

    N32F IP Address O String This parameter describes the IP Address used for the forwarding plane. This will be configured only if control plane and forwarding plane configuration are different. The IP Address can be IPv6 or IPv4.

    Note: If IP is provided, the Server Name Indication (SNI) field in the TLS handshake message will not be populated with the SEPP FQDN. For SNI, only SEPP FQDN should be present and not the remote SEPP IP address.
    N32F Port C String

    This is a conditional parameter.

    This parameter describes the port used for the forwarding plane. This is a mandatory parameter if user wants to use port segregation feature and configure different control plane and forward plane.
    Virtual Host O String This parameter describes the virtual FQDN used for the load sharing between the remote SEPPs.
    HealthAPIPath C String

    Conditional parameter. If present, HealthAPIMethod also needs to be present. default value is null.

    URI sent as part of proactive monitoring of remote peer.
    HealthAPIMethod C String

    Conditional parameter. If present, HealthAPIPath also needs to be present. default value is null.

    URI sent as part of proactive monitoring of remote peer.

    The healthApiMethod parameter supports only GET and OPTIONS.
  3. Click Delete icon to delete a specific Remote SEPP Profile.
  4. Click Add from the top right side to add a new Remote SEPP Profile.
  5. Click Save.

Note:

Name, SEPP FQDN, and PLMN ID(s) are mandatory parameters.

4.2.4 Remote SEPP Set

Remote SEPP Set (RSS) allows the user to configure the Remote SEPP Sets.

Perform the following procedure to configure the Remote SEPP Set:
  1. From the left navigation menu, navigate to SEPP and then click Remote SEPP Set. On selecting Remote SEPP Set, the list of all the Remote SEPP Sets configured in the system appears on the right pane.
  2. Click Edit icon to modify the parameters. The page is enabled for modification.
  3. Click Add to add a new Remote SEPP Set. PrimarySepp, SecondarySepp, and TertiarySepp can be added.

    Note:

    • One Remote SEPP Set will be created per PLMN and this set can have up to three producer SEPPs sharing same PLMN. The three producer SEPPs can be configured in this set based on their priority as either Primary, Secondary, or Tertiary.
    • The user must configure atleast one of the Primary, Secondary, or Tertiary parameters.

The parameters are:

Table 4-5 Remote SEPP Set Parameters

Parameter Name Description Details
Name This is a mandatory parameter.

Name of Remote SEPP Set. 		Data Type: String
Primary SEPP This is a conditional parameter.

The name of Primary SEPP configured in the Remote SEPP Set, which is treated as the primary route in the forward plane. 		Data Type: String
Secondary SEPP This is a conditional parameter.

The name of Secondary SEPP configured in the Remote SEPP Set, which is treated as the secondary route in the forward plane. 		Data Type: String
Tertiary SEPP This is a conditional parameter.

The name of Tertiary SEPP configured in the Remote SEPP Set, which is treated as the tertiary route in the forward plane. 		Data Type: String
CAT 1 Service API Validation This is a mandatory parameter.

Name of the allowed list supported by Remote SEPP Set. 		Data Type: String
CAT 2 Network ID Validation This is a mandatory parameter.

It contains Cat 2 network ID Validation Configuration parameter for this RSS. 		Data Type: String
Network ID in Header Validation Enabled

This is a mandatory parameter.

A boolean value to enable and disable the network ID in the header validation at RSS level.

True indicates that the validation is enabled.

False indicates that the validation is disabled.

 Data Type: Boolean
Network ID in Body Validation Enabled

This is a mandatory parameter.

A boolean value to enable and disable the network ID in body validation at RSS level.

True indicates that the validation is enabled.

False indicates that the validation is disabled.

 Data Type: Boolean
Network ID Validation List Name This is a mandatory parameter.

It contains the network id validation list name supported by the particular Remote SEPP Set. 		Data Type: String
Hosted SEPP This is a mandatory parameter.

It contains the Hosted SEPP Configuration parameters for this RSS. 		Data Type: Object
Allowed Producer Remote SEPP Sets This is a mandatory parameter.

It contains includes the list of Allowed Producer Remote SEPP Sets. 		Data Type: String
Ingress Rate Limiting This is a mandatory parameter.

It contains Ingress Rate Limiting Configuration parameters for this RSS. 		Data Type: Object
RSS Ingress Rate Limiting Enabled

This is an optional Parameter.

A boolean value to enable and disable the Ingress Rate Limiting feature at the RSS level.

True indicates that the feature is enabled.

False indicates that the feature is disabled.

 Data Type: Boolean
Bucket Capacity

This is a conditional parameter.

It is the integer number for setting the bucket capacity for token bucket algorithm.

Bucket size defines the capacity to handle traffic burst.

Data Type: Integer
Refill Rate This is a conditional parameter.

This parameter defines the number of tokens to be added to refill the bucket. 		Data Type: Integer
Refill Duration This is a conditional parameter.

This parameter indicates the duration to decide how frequently to refill the bucket. 		Data Type: Integer
Request Token This is a conditional parameter.

This parameter defines the pre loaded tokens to refill the bucket. 		Data Type: Integer
Error Configuration This is a mandatory parameter.

This parameter contains the error configurations for Ingress Rate Limiting feature limited to the particular RSS. 		Data Type: Object
Action This is a conditional parameter.

The action can be Reject or Forward. By default, Reject is selected and SBI request is rejected with the user configured error configuration when the number of SBI requests is above the configured limit. 		Data Type: String

Status code This is a conditional parameter.

Error status code to be used in the Error Response for discarding the SBI requests when the number of SBI requests is above the configured limit. 		Data Type: Integer

Default Value: 429
Title This is a conditional parameter.

Error Title to be used in the Error Response for discarding the SBI requests when the number of SBI requests is above the configured limit. 		Data Type: String

Default Value: Too many requests sent
Mediation This is a mandatory parameter.

It contains mediation configuration parameters for the particular RSS. 		Data Type: Object
Trigger Rule List Name This is a mandatory parameter.

This parameter contains the trigger list name supported by the particular Remote SEPP Set. 		Data Type: String
SoR This is a mandatory parameter.

It contains SoR Configuration parameters for this RSS. 		Data Type: Object
SoR Trigger Rule Enabled This is a mandatory parameter.

Enables or disables the SoR trigger rules. 		Data Type: Boolean
SoR Trigger Rule List Name This is a mandatory parameter.

SOR trigger rule list name supported by the particular Remote SEPP Set. 		Data Type: String
PLMN ID(s) This is a mandatory parameter.

PLMN ID(s) supported by Remote SEPPs in Set. PLMN ID includes MCC and MNC. 		Data Type: Integer
Allowed List Name This is a mandatory parameter.

Allowed list name supported by Remote SEPP Sets. 		Data Type: string
Trigger Rule List Name This is a mandatory parameter.

Trigger List Name supported by Remote SEPP Sets. 		Data Type: string
Message Validation on Body Enabled

This is a mandatory parameter.

A Boolean value to enable or disable the message validation on body at RSS level.

True indicates that the feature is enabled.

False indicates that the feature is disabled.

 Data Type: boolean
Message Validation On Query Parameters Enabled

This is a mandatory parameter.

A Boolean value to enable and disable the message validation on query parameters at RSS level.

True indicates that the message validation on query parameters is enabled.

False indicates that the message validation on query parameters is disabled.

 Data Type: boolean
Message Validation List This is a mandatory parameter.

Message validation list name supported by Remote SEPPs Set. 		Data Type: String
Allowed List Name This is a mandatory parameter.

Allowed List Name supported by Remote SEPPs Set. 		Data Type: String
Trigger Rule List Name This is a mandatory parameter.

Trigger List Name supported by Remote SEPPs Set. 		Data Type: String
Previous Location check Enabled

This is a conditional parameter.

A Boolean value to enable and disable the Cat 3 - Previous Location check feature at RSS Level.

True indicates that the feature is enabled.

False indicates that the feature is disabled.

 Data Type: Boolean
Previous Location Trigger List This is a conditional parameter.

Previous Location Trigger List Name supported by Remote SEPP Set. 		Data Type: String
Enabled

This is a mandatory parameter.

A boolean value to enable or disable the 'Originating Network ID Header Support' feature at Remote SEPP Set level.

True indicates that the feature is enabled.

False indicates that the feature is disabled.

 Data Type: Boolean
Supported Header Name

This is a mandatory parameter.

User needs to provide one of the two header's values from the drop-down to select the Remote SEPP Set supported header name. '3gpp-Sbi-Originating-Network-Id' is selected by default.

Note:

  • When 3gpp-Sbi-Originating-Network-Id or 3gpp-Sbi-Asserted-Plmn-Id header is missing in incoming request at C SEPP then this configured header at Remote SEPP Set level is added in the request.
  • This configuration is not used by producer SEPP.
 Data Type: String
PLMN ID [mcc-mnc] from below list

This is an optional Parameter.

User needs to provide a single remote PLMN ID (mcc-mnc) from one of the supported PLMN IDs by this RSS.

Note: User can only configure this after the RSS have been created and have been assigned the PLMN IDs. While creating the RSS, user needs to provide this as empty value.

Data Type: String
Verbose Error Response Enabled This is an optional parameter.

A boolean value to enable or disable the security countermeasure features error responses verbosity at Remote SEPP Set level.

True indicates verbosity enabled.

False indicates verbosity disabled.

 Data Type: Boolean

Default Value: False
Cat 3 - Time Location Check - Unauthenticated Location Enabled This is a mandatory parameter.

A boolean value to enable or disable the Cat-3 Time Location Check Feature at the global level.

True indicates that the feature is enabled.

False indicates that the feature is disabled.

 Data Type: Boolean

Default Value: False

Note:

  • Remote SEPP Sets are created per PLMN. Every Remote SEPP Set consists of minimum 1 and maximum 3 Remote SEPP in primary, secondary, tertiary mode, and is used for N32F SBI message routing.
  • The user must configure atleast one of the primary, secondary, or tertiary parameters.

4.2.5 Service APIs

The Service API is used to add, view, and delete the complete set of REST APIs supported by SEPP.

  1. From the left navigation menu, navigate to SEPP and then click Service APIs. The list of all the REST APIs supported by SEPP appears on the right pane.
  2. Click Add from the top right side to add or delete the supported REST APIs.

    The parameters are:

    Table 4-6 Service APIs

    Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
    Resource URIs M String 5G Service Based Resource URI
    HTTP Method M Enum Resource URI Method ( GET,POST,PUT,PATCH,DELETE,OPTIONS, HEAD)
    Regular Expression M String Regular Expression for matching Resource URI

4.2.6 System Options

The System Options and Remote SEPP Set option allows the user to enable and configure the Hosted SEPP feature.

Perform the following procedure to do the Hosted SEPP configurations:

  1. From the left navigation menu, navigate to SEPP and then click System Options.
  2. Click Allowed P-RSS Validation Options under System Options, the System Options page appears on the right pane.
  3. Set Enable Allowed P-RSS Validation to True to enable the Hosted SEPP feature.
  4. From the left navigation menu, navigate to SEPP and then click Remote SEPP Set option for configuring Hosted SEPP feature.
  5. Click Edit icon to modify the specific parameter. User can add or delete Allowed Producer Remote SEPP Sets. This is the list of Remote SEPP Sets that are allowed for communication with Consumer Remote SEPP Set.

The parameters are:

Table 4-7 System Options Parameter

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Enable Allowed P-RSS Validation O Boolean

A Boolean value to enable and disable the Hosted SEPP Feature.

True indicates Enabled

False indicates Disabled. The feature is disabled (set to false) by default.

Table 4-8 Remote SEPP Set Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Allowed Producer Remote SEPP Sets O List of String List of Remote SEPP Sets which are allowed for communication with Consumer Remote SEPP Set

4.2.7 NIF

The NIF option is used to enable and configure the NIF feature and rejected message copy functionality.

Perform the following procedure to do the NIF feature configurations:

  1. From the left navigation menu, navigate to SEPP and then click NIF.
  2. Click NIF Option under NIF. The System Option page appears at the right pane.
  3. Click Edit icon to modify the Option. The Edit System Option page appears.
  4. Set the Enable NIF route selection to True.

Note:

The NRF Query Parameters screen will be disabled until NIF feature is enabled.

The NIF Option page parameters are:

Table 4-9 NIF Option Page Parameters

Parameter Name Data Type Description
Enable NIF route selection Boolean This is a mandatory parameter.

This is used to enable or disable the NIF feature. feature. True indicates that the feature is enabled and false indicates that the feature is disabled.

NRF Query Parameters Configurations:

Perform the following procedure to do the NRF Query Parameters Configurations:

  1. From the left navigation menu, navigate to SEPP and then click NIF.
  2. Click NRF Query Parameters under NIF. The NRF Query Params page appears at the right pane.
  3. Click Edit icon to modify the Option. The Edit NRF Query Params page appears.
  4. User can configure the following parameters:

Table 4-10 NRF Query Parameters

Parameter Name Data Type Parameter Description
Query Param String This is a mandatory parameter.

This parameter indicates the value of queryparameters as defined in 3GPP, which used to perform NF Discovery.
Query Param Value String This is a mandatory parameter. This parameter indicates the value of the query parameter set basis which NF is to be discovered.

Perform the following procedure to do the configurations for Rejected Message Copy for NIF feature:

  1. From the left navigation menu, navigate to SEPP and then click NIF.
  2. Click Message Copy Option under NIF, System Options page appears on the right pane.
  3. SetEnable Error Message Copy parameter to true to enable the Rejected Message Copy feature.
  4. Click Message Copy Params under NIF, the NIF Message Copy Params page appears on the right pane.
  5. Click Edit from the top right side to update the URI on which the copy of the rejected message is sent towards NIF.

Note:

The Message Copy Parameters screen will be disabled until NIF and Message Copy Options features are enabled.

Table 4-11 Message Copy Option Parameters

Parameter Name Data Type Description
Enable Error Message Copy Boolean This is a mandatory parameter.

This is used to enable or disable the rejected message copy feature. feature. True indicates that the feature is enabled and false indicates that the feature is disabled.

Table 4-12 Message Copy Parameters

Parameter Name Data Type Parameter Description
URI String This is a mandatory parameter.

This parameter indicates the value of URI that will be used to send the copy of rejected message towards nif

Default value: nnif-sbi-error

API version String This is a mandatory parameter. This parameter indicates the API version used to send the copy of rejected message towards nif.

Default value: v1

4.2.8 Topology Hiding

Topology Hiding enables or disables the topology hiding feature. The user can configure the topology header, body, and path configurations.

Topology Hiding option allows the user to set Topology Hiding feature as ENABLED or DISABLED and configure the topology options.

Perform the following procedure to enable or disable the Topology Hiding feature:
  1. From the left navigation menu, navigate to SEPP and then click Topology Hiding. Select the Option.
  2. Click Edit icon to modify the Option. The Edit Option page appears.
  3. Set the Topology Hiding to True or False.

    The parameters are:

    Table 4-13 Topology Hiding Parameters

    Parameter Name Datatype Description
    Topology Hiding Boolean This is an optional parameter.

    A Boolean value to enable and disable the Topology Hiding feature.

    True indicates Enabled

    False indicates Disabled. The feature is disabled (set to false) by default.

Topology Configuration Options

Topology framework provides the options at the CNC Console screen while processing the request/response json format messages.

Perform the following procedure to configure the message route and Enable Multi PsuedoValue:
  1. From the left navigation menu, navigate to SEPP and then select Topology Hiding. The Option appears underneath the topology hiding on the left menu.
  2. Click on Option, the Option screen appears.
  3. User can configure Action and Enable Multiple PsuedoValue.

    Table 4-14 Topology Hiding Parameters

    Parameter Name Datatype Description
    Enable Multiple Pseudo Value Boolean This is an optional parameter.

    This is a boolean field.

    If set to true, signifies that if more than one actual value exists in the request/response then every actual value occurence is replaced by unique pseudo value. The value is disabled (set to false) by default.
    Action Enum This is a mandatory parameter.

    Action has two possible values FORWARD and REJECT. By default we have FORWARD enabled.
    Status Code Integer This is a mandatory parameter.

    User can configure the required HTTP error code when exceptions arise due to the TH operation failures.
    Title String This is a mandatory parameter.

    User can configure the required Title when exceptions arise due to the TH operation failures.

    Note:

    Action has two possible values FORWARD and REJECT. By default we have FORWARD enabled.

    FORWARD: While any exception occurs processing the message for TH/TUH, the original message is forwarded as if no TH/TUH is enabled and operation should be success.

    REJECT: While any exception occurs processing the message for TH/TUH, the original message is dropped with the error body having status code and error description as configured in the CNCC screen.

    If in case REJECT is selected and statusCode and Error Description is not given or left empty, then status code is set as 500 and error description as "Internal error" by default.

    Note:

    Enable Multiple PseudoValue is set as false by default and user can set to true to enable the special processing. If the system has many occurrence of same actual value in the request/response then this property gives the flexibility that each same actual value must be replaced with the unique different pseudo value. This can only be possible if we define at least 7 different pseudo values in actual to pseudo mappings as we pick different values from this mappings only. Also if same actual value occurs more than 7 times then there is a possibility of repetition since we only have maximum of 7 distinct values.

    Enable Multiple PseudoValue property works on request and response separately. Request and response processing are two different operations and should be treated as the isolated operations.

Pseudo Values

The Pseudo Values option appears underneath the Topology Hiding. This Pseudo Values option allows the user to set the pseudo values against an actual value.

Perform the following procedure to set the pseudo values against an actual value:
  1. From the left navigation menu, navigate to SEPP and then select Topology Hiding. The Pseudo Values appears underneath the topology hiding on the left menu.
  2. Click on Pseudo Values, the list of all the actual values and corresponding pseudo values configured in the system along with their Value Type.
  3. Click Add to add the actual value and corresponding pseudo values.

    Note:

    Actual Value, Pseudo Value, and Value Type are mandatory parameters.

    Note:

    If the actual value contains mnc and mcc values as in 3gpp-sbi-target-apiRoot, then pseudo values must also contain mnc and mcc.
  4. Click Save.

The parameters are:

Table 4-15 Pseudo Value Configuration Parameters

Attribute Datatype Description
actualValue string This is a mandatory parameter.

Refers to the actual FQDN of network functions.
pseudoValues string This is a mandatory parameter.

Refers to the pseudo value corresponding to a configured actual value of network functions.
value type Enum This is a mandatory parameter.

Refers to the type of actual and pseudo values. Example: FQDN, NF SERVICE ID, NF SERVICE INSTANCE ID, OTHERS. OTHERS is for the values which do not fit in first three categories.

Header and Body Configurations

  1. From the left navigation menu, navigate to SEPP and then select Topology Hiding. The Header and Body IE options appears underneath the topology hiding on the left menu.
  2. Click Header, theHeader screen appears on the right pane.
  3. Click Add, the Create Header appears and user can add the header information.
  4. User can add the new header parameters.

    Note:

    Header Name, Regular Expression, Trigger Point ,and Operation are the header parameters.
  5. Click Body IE, the Topology Body screen appears on the right pane.
  6. Click Add, the Topology Body Configuration appears and user can add the body information.

    Note:

    Method, API Resource, Identifier ,Regular Expression, Trigger Point ,and Operation are the body parameters.
  7. Click Save.

Table 4-16 Header Configuration Parameters

Attribute Data type Description
Header Name String This is a mandatory parameter.

Name of the header
Regular Expression String This is a mandatory parameter.

Regular Expression for the header
Trigger Point Enum This is a mandatory parameter.

Request Ingress, Response Ingress, Request Egress, Response Egress
Operation Enum This is a mandatory parameter.

Topology Hiding or Topology Recovery

Table 4-17 Body IE Configuration Parameters

Attribute Data stype Description
API Resource String This is a mandatory parameter.

API Resource that comes from default table.
Identifier String This is a mandatory parameter.

Body IE Key Identifier.
Regular Expression String This is a mandatory parameter.

Regular Expression for the Body IE.
Trigger Point Enum This is a mandatory parameter.

Request Ingress, Response Ingress, Request Egress, Response Egress.
Operation Enum This is a mandatory parameter.

Topology Hiding /Topology Recovery.
Method Enum This is a mandatory parameter.

GET/PUT/POST/DELETE/PATCH

Path Configurations

  1. From the left navigation menu, navigate to SEPP and then select Topology Hiding. The Path IE appears underneath the topology hiding on the left menu.
  2. Click Path IE, thePath IE screen appears on the right pane.
  3. Click Add, the Topology Path Configuration appears and user can add the path information.
  4. User can add the new path parameters.

    Note:

    Method, API Resource, Regular Expression, Trigger Point,and Operation are the path parameters.
  5. Click Save.

Table 4-18 Path IE Configuration Parameters

Attribute Data stype Description
Method Enum This is a mandatory parameter.

GET/PUT/POST/DELETE/PATCH
API Resource String This is a mandatory parameter.

API Resource that comes from default table.
Regular Expression String This is a mandatory parameter.

Regular Expression for the Path IE.
Trigger Point Enum This is a mandatory parameter.

Request Ingress, Response Ingress, Request Egress, Response Egress.
Operation Enum This is a mandatory parameter.

Topology Hiding /Topology Recovery.

4.2.9 Security Countermeasure

The Security Countermeasure option is used to enable and configure the Cat-0 SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, and Cat 3 – Previous Location Check feature.

The Service API Allowed List REST API is used to do the configurations on the allowed list of REST APIs.

4.2.9.1 Nonverbose Error Response

SEPP's security counter measure features have been improved to provide either detailed (verbose) or simplified (nonverbose) error responses, depending on user configurations. The error configurations of the Cat-0, Cat-1, Cat-2, and Cat-3 features are enhanced.

To enable the feature, perform the following steps:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Non Verbose Error Measure Configuration under Security Countermeasure, the Option appears.
  3. The Security Counter Measure Nonverbose Configuration feature details are available on the Option screen.
  4. Click Edit icon to modify the Option. The Edit Option page appears.
  5. Set Verbose Error Response Enabled to True on the right pane.

Perform the following procedure to configure feature:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Non Verbose Error Measure Configurationunder Security Countermeasure, the Option appears underneath.
  3. Click Option, the option screen appears at the right pane. The Security Counter Measure Verbose Configuration feature details are available in the screen.
  4. Click Edit icon to modify the Option. The Edit Option page appears.
  5. Set Verbose Error Response Enabled to True on the right pane.
  6. Update the "Title" to required error title.
  7. Update the "Cause" to required error cause.
  8. Update the "Detail" to required error detail.

Table 4-19 Parameters

Parameter Name Datatype Mandatory(M)/Conditional(C)/Optional(O) Description
Verbose Error Response Enabled Boolean M

A boolean value to enable or disable the security counter measure features error response verbosity at global level

True indicates verbosity enabled.

False indicates verbosity disabled.

Default Value: False
title String O Non verbose error response title for security counter measure features. Its value is 'Rejected' by default.
cause String O Non verbose error response cause for security counter measure features. Its value is 'Unknown' by default.
detail String O Non verbose error response detail for security counter measure features. Its value is 'Server Error' by default.
4.2.9.2 Cat 1 -Service API Validation

The Security Countermeasure option is used to enable the Cat 0 - SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, and Cat 3 - Previous Location Check feature.

Perform the following procedure to do the Cat 1 -Service API Validation configurations:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 1 -Service API Validation under Security Countermeasure, Option page appears on the right pane.
  3. Set Security Countermeasure parameter to True to enable the Cat 1 -Service API Validation feature.
  4. Click Service API Allowed List under Cat 1 -Service API Validation, the Service API Allowed List page appears on the right pane.
  5. Click Add from the top right side to add or update the allowed REST APIs and supported methods.

The parameters are:

Table 4-20 Cat 1 -Service API Validation

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Enable Cat 1 - Service API Validation O Boolean A Boolean value to enable and disable the Cat 1 - Service API Validation feature. true indicates enabled

false indicates disabled. The feature is disabled (set to false) by default.

Table 4-21 Service API Allowed List

Parameter Name Sub Parameter Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Service API Allowed List Name   M String Allowed list name per Remote SEPP Set
N32 Ingress   M Object Ingress Direction
Resource URI M String Resource URI
HTTP Method M Enum Resource URI Method ( GET,POST,PUT,PATCH,DELETE,OPTIONS, HEAD)
N32 Egress   M Object Egress Direction
Resource URI M String Resource URI
HTTP Method M Enum Resource URI Method ( GET,POST,PUT,PATCH,DELETE,OPTIONS, HEAD)
N32 Ingress Action   M Object Ingress Action
Title M String Title for the Error Configuration
Status Code M Integer Default Value 406
Action M Enum Whenever a failure happens, request will be rejected with the user configured action. Default value is Reject.
N32 Egress Action   M Object Egress Action
Title M String Title for the Error Configuration
Status Code M Integer Default Value 406
Action M Enum Whenever a failure happens, request will be rejected with the user configured action. Default value is Reject
4.2.9.3 Cat 2 – Network ID Validation

The Security Countermeasure option is used to enable the Cat 0 - SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, and Cat 3 - Previous Location Check feature.

Perform the following procedure to enable or disable the Cat 2 -Network ID Validation feature:

  1. From the left navigation menu, navigate to SEPP, and then click Security Countermeasure.
  2. Click Cat 2 -Network ID Validation under Security Countermeasure, the Option, Cat 2 -Network ID Validation List, Header, and Body IE appears underneath.
  3. Click Option, the Option page appears on the right pane. The Cat 2 – Network ID Validation feature enabling details are available on the screen.
  4. Click Edit icon to modify the Option. The Edit Option page appears.
  5. Set the Network ID in Header Validation Enabled to True or False.
  6. Set the Network ID in Body Validation Enabled to True or False.

The parameters are:

Table 4-22 Cat 2 -Network ID Validation

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Network ID in Header Validation Enabled M Boolean

A Boolean value to enable and disable the Network ID in Header Validation feature at global level.

True- Enabled

False- Disabled

Network ID in Body Validation Enabled M Boolean

A Boolean value to enable and disable the Network ID in Body Validation feature at global level.

True- Enabled

False- Disabled

Configuring Cat 2 -Network ID Validation Feature
  1. From the left navigation menu, navigate to SEPP, and then click Security Countermeasure.
  2. Click Cat 2 -Network ID Validation under Security Countermeasure, the Option, Cat 2 -Network ID Validation List , Header, and Body IE appears underneath.
  3. Click Cat 2 -Network ID Validation List , the Cat 2 -Network ID Validation List page appears on the right pane.
  4. Click Add to add a new Cat 2 -Network ID Validation List. The Add Cat 2 -Network ID Validation List page appears and user can add theNetwork ID Validation List information.
  5. Enter Network ID Validation List Name.
  6. Enter Ingress Rules with HTTP Method and Resource URI.
  7. Enter Egress Rules with HTTP Method and Resource URI.
  8. Enter Ingress Error Action and Egress Error Action.

Table 4-23 Network ID Validation List

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Network ID Validation List Name M String A string value to represent a Network ID Validation List Name

Table 4-24 Ingress and Egress Error Action Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Action M Enum Error Action in case of Network ID Validation Failure (REJECT, FORWARD)
Status Code M Integer Error Status Code to be returned in case of Network ID Validation Failure
Title M String Error Title in case of Network ID Validation Failure

Adding Ingress Rules and Egress Rules

  1. Click Network ID Validation List, the Network ID Validation List page appears on the right pane.
  2. Click Add to add a new Network ID Validation List. The Add Network ID Validation List page appears and user can add the Network ID Validation List information.
  3. To add Ingress Rules, click Add icon for the Ingress rules.
  4. A new page, Add Ingress Rules, opens to Add Ingress Rules with HTTP Method and Resource URI as configurable parameters. Select the desired HTTP Method and Resource URI from the drop down menu.
  5. To add Egress Rules, click Add icon for the Egress rules.
  6. A new page, Add Egress Rules, opens to Add Egress Rules with HTTP Method and Resource URI as configurable parameters. Select the desired HTTP Method and Resource URI from the drop-down menu.

Table 4-25 Ingress Rules and Egress Rules Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
HTTP Method M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Resource URI M String Resource URI for which PLMN ID Validation will take place.

Header Configuration

Perform the following procedure to View Header Configuration.

  1. From the left navigation menu, navigate to SEPP, and then select Security Countermeasure.
  2. Then select Cat 2 – Network ID Validation.
  3. The Header option appears underneath.
  4. Click Header, the Header screen appears at the right pane. The Header details are available on the screen.

The parameters are:

Table 4-26 Header Configuration

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Resource URI M String Resource URI for which PLMN ID Validation happens.
HTTP Method M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Header Name M String Header Name for which PLMN ID validation should happen
Regular Expression M String Regular Expression to fetch PLMN ID (MCC & MNC)
Associated SEPP Type M Enum CSEPP or PSEPP

Perform the following procedure to Add Header Configuration.

  1. From the left navigation menu, navigate to SEPP, and then select Security Countermeasure.
  2. Select Cat 2 – Network ID Validation.
  3. The Header screen appears underneath.
  4. Click Header, the Header screen appears at the right pane. The Header details are available on the screen.
  5. Click Add to add a new Header. The Add Header screen appears and user can add the Header information.

The parameters are:

Table 4-27 Add Header Configuration

Parameter Name Enabled Listing Screen Enabled Edit Screen Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Resource URI Yes Yes M String Resource URI for which PLMN ID Validation will happen
HTTP Method Yes Yes M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Header Name Yes Yes M String Header Name for which PLMN ID validation should happen
Regular Expression Yes Yes M String Regular Expression to Fetch PLMN ID (MCC & MNC)
Associated SEPP Type Yes Yes M Enum CSEPP or PSEPP

Body IE Configuration

Perform the following procedure to View Body IE Configuration.

  1. From the left navigation menu, navigate to SEPP, then select Security Countermeasure.
  2. Then select Cat 2 – Network ID Validation.
  3. The Body IE screen appears underneath.
  4. Click Body IE, the Body IE screen appears at the right pane. The Body IE details are available on the screen.

The parameters are:

Table 4-28 Body IE Configuration

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Resource URI M String Resource URI for which PLMN ID Validation will happen
HTTP Method M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Body IE Key M String Body IE Key for which PLMN ID validation should happen
Associated SEPP Type M Enum CSEPP or PSEPP
Regular Expression M String Regular Expression to Fetch PLMN ID (MCC and MNC)

Perform the following procedure to Add Body IE Configuration:

  1. From the left navigation menu, navigate to SEPP, and then select Security Countermeasure.
  2. Then select Cat 2 – Network ID Validation.
  3. The Body IE screen appears underneath.
  4. Click Body IE, the Body IE screen appears at the right pane. The Body IE details are available on the screen.
  5. Click Add to add a new Body IE. The Add Body IE screen appears and user can add the Body IE information.

The parameters are:

Table 4-29 Add Body IE Configuration Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Data Type Description
Resource URI M String Resource URI for which PLMN ID Validation will happen
HTTP Method M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Body IE Key M String Body IE Key for which PLMN ID validation should happen
Associated SEPP Type M Enum CSEPP or PSEPP
Regular Expression M String Regular Expression to fetch PLMN ID (MCC and MNC)
4.2.9.4 Cat 0 - SBI Message Schema Validation

The Security Countermeasure option is used to enable the Cat 0 - SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, and Cat 3 - Previous Location Check feature.

Perform the following procedure to do the Cat 0- SBI Message Schema Validation feature configurations:

Options screen

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 0 - SBI Message Schema Validation feature under Security Counter Measure, the Option appears underneath.
  3. Click Option, the option screen appears at the right pane. The Cat 0 - SBI Message Validation feature details are available in the screen.
  4. Click Edit icon to modify the Option. The Edit Option page appears
  5. Set the Message Validation on Body Enabled and Message Validation on Query Parameters Enabled to True.
  6. Set the Maximum Request Size (KB) as per the requirement, default value is set as 40 KB.
  7. Set the Maximum Number of Query parameters as per the requirement, default value is set as 100.

The parameters are:

Table 4-30 Cat 0 - SBI Message Schema Validation feature (Options Screen) Parameters

Parameter Name Datatype Mandatory(M)/Conditional(C)/Optional(O) Description
Message Validation On Body Enabled boolean O

A boolean value to enable or disable the message validation on body at global level.

true indicates enabled

false indicates disabled

Message Validation On Query Parameters Enabled boolean O

A boolean value to enable and disable the message validation on Query Parameters at global level.

true indicates enabled

false indicates disabled
Maximum Request Size (KB) integer O Provides maximum allowed request body size. Default value: 40 KB
Maximum Number of Query parameters integer O Provides maximum number of allowed query parameters.

Default Value: 100
Message Validation List Screen
  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 0 - SBI Message Schema Validation feature under Security Countermeasure, the Message Validation List appears underneath.
  3. Click Message Validation List , the Message Validation List screen appears at the right pane.
  4. Click Edit icon to modify the Option. The Edit Option page appears
  5. The user can edit or add the Message Validation List.
  6. Click Edit icon to modify the Option. The Edit Option page appears. The Message Validation List can be edited.
  7. Click Add to add a new Message Validation List. The Add Message Validation List page appears, and the user can add the new Message Validation List information.
  8. The user can add Message Validation List Name, Ingress Rules with HTTP Method and Resource URI, Egress Rules with HTTP Method and Resource URI (Not allowed in Roaming Hub mode), Ingress Error Action, and Egress Error Action.

The parameters are:

Table 4-31 Message Validation List Parameters

Parameter Name Datatype Mandatory(M)/Conditional(C)/Optional(O) Description
Message Validation List Name string M Represents a Message Validation List Name

Ingress Error Action and Egress Error Action Parameters:

Table 4-32 Ingress Error Action and Egress Error Action Parameters

Parameter Name Datatype Mandatory(M)/Conditional(C)/Optional(O) Description
Action Enum M Error action in the case of Message Validation failure.

Range: REJECT, FORWARD
Status Code String M Error status code to be returned in case of Message Validation failure.
Title String M Error Title in case of Message Validation failure.

Adding Ingress Rules and Egress Rules

  1. Click Message Validation List, the Message Validation List page appears on the right pane.
  2. Click Add to add a new Message Validation List. The Add Message Validation List page appears and user can add the Message Validation List information.
  3. To add Ingress Rules, click Add icon for the Ingress rules.
  4. A new page, Add Ingress Rules, opens to Add Ingress Rules with HTTP Method and Resource URI as configurable parameters. Select the desired HTTP Method and Resource URI from the drop down menu.
  5. To add Egress Rules, click Add icon for the Egress rules.
  6. A new page, Add Egress Rules, opens to Add Egress Rules with HTTP Method and Resource URI as configurable parameters. Select the desired HTTP Method and Resource URI from the drop down menu.

Table 4-33 Ingress Rules and Egress Rules Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
HTTP Method M Enum

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Resource URI M String Resource URI for which Message validation happens.

Message Schema Configuration Screen

Perform the following procedure to view and update Message Schema Configuration.

  1. From the left navigation menu, navigate to SEPP and then select Security Countermeasure.
  2. Select Cat 0 - SBI Message Validation.
  3. The Message Schema Configuration option appears underneath.
  4. Click Message Schema Configuration, the Message Schema Configuration screen appears at the right pane. The Message Schema Configuration details are available in the screen.
  5. Click Add to add a new Resource URI, HTTP Method, and corresponding JSON schema.
  6. Select a Resource URI from dropdown.
  7. Select a HTTP Method from dropdown.
  8. Enter Corresponding resolved Message Schema in JSON format.

Perform the following procedure to delete a existing Resource URI and HTTP Method and corresponding Message Schema:

  1. From the left navigation menu, navigate to SEPP and then select Security Countermeasure.
  2. Select Cat 0 - SBI Message Validation.
  3. The Message Schema Configuration option appears underneath.
  4. Click Message Schema Configuration, the Message Schema Configuration screen appears at the right pane. The Message Schema Configuration details are available in the screen.
  5. Select HTTP Method, and Resource URI to be deleted and click Delete to delete a Resource URI, HTTP Method, and corresponding JSON schema.
  6. The message "Do you want to delete the record" appears. Click OK.

Table 4-34 Message Schema Configuration Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Resource URI M String Resource URI
HTTP Method M Enum Resource URI Method ( GET,POST,PUT,PATCH,DELETE,OPTIONS, HEAD)
Message Schema(JSON) M Object Message Schema
4.2.9.5 Cat 3 - Previous Location Check

The Security Countermeasure option is used to enable the Cat 0 - SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, and Cat 3 - Previous Location Check feature.

Perform the following procedure to do the Cat 3 - Previous Location Check feature configurations (The Option and Trigger List appears underneath) :

Option Screen Configuration

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Option appears underneath.
  3. Click Option, the option screen appears at the right pane. The Cat 3 - Previous Location Check feature details are available in the screen.
  4. Click Edit icon to modify the Option. The Edit Option page appears
  5. Set the Previous Location Check Enabled to True.
  6. Set the Cache Refresh Timer (milliseconds) as per the requirement. The default value is set as 5000.

The parameters are:

Table 4-35 Cat 3 - Previous Location Check feature (Option Screen) Parameters

Parameter Name Datatype Mandatory(M)/Conditional(C)/Optional(O) Description
Previous Location Check Enabled boolean M

A boolean value to enable or disable the Cat 3 - Previous Location Check feature at global level.

true indicates enabled

false indicates disabled

Default Value: false
Cache Refresh Timer (milliseconds) integer M

An integer value to set the cache refresh timer. After this timer expiry, PN32F fetch the UE authentication status from UDR for the UE ID received in Ingress Request.

Default value: 5000
Trigger List Screen Configuration

Trigger List screen allows the user to configure a set of rules for which Cat-3 Previous Location Check happens.

Perform the following procedure to view a Previous Location Trigger List:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Trigger List appears underneath.
  3. Click Trigger List, the Cat 3 - Previous Location Trigger List screen appears at the right pane. The Cat 3 - Previous Location Check feature details are available on the screen.
  4. Click Add to add a new Previous Location Trigger List. The Create Cat 3- Previous Location Trigger List page appears and user can add the Previous Location Trigger List information.
  5. Enter Name, N32 Ingress Rules with HTTP Method, Resource URI, Error Action, and Exception Action.

Trigger List parameters are:

Table 4-36 Trigger List parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Name

String

 M Represents a Previous Location Trigger List Name.

Default Value: Blank

Error Action Parameters:

Table 4-37 Error Action Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Action

Enum

 M Error action, in case of Previous Location Check Validation failure.

Range: REJECT, FORWARD.

Default Value: REJECT
Status Code

Integer

 M Error Status Code to be returned, in case of Previous Location Check Validation failure. Status codes 401 and 407 are not supported at present.

Default Value: 406
Title

String

 M Error title, in case of Previous Location Check Validation failure.

Default Value: CAT 3 Previous Location Check Failed

Exception Action Parameters:

Table 4-38 Exception Action Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Action

Enum

 M Exception action, in case of Previous Location Check Exception failure

Range: REJECT, FORWARD.

Default Value: REJECT
Status Code

Integer

 M Exception Status Code to be returned, in case of Previous Location Check Exception failure. Status codes 401and 407 are not supported at present.

Default Value: 406
Title

String

 M Exception title, in case of Previous Location Check Exception failure.

Default Value: CAT 3 Previous Location Check Failed due to exception

Add N32 Ingress Rules screen

  1. To add N32 Ingress Rules, click Add.
  2. Add N32 Ingress page opens to add Ingress Rules with HTTP Method and Resource URI as configurable parameters.
  3. Select the desired HTTP Method and Resource URI from the drop-down menu.

The parameters are:

Table 4-39 HTTP Method and Resource URI

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
HTTP Method Enum M

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Resource URI String M Resource URI for which Previous Location Check validation happens.
Header configuration

Header Configuration screen allows the user to configure Headers for which Previous Location Check Validation happens:

Perform the following procedure to configure Serving Network ID Header Configuration.

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Trigger List appears underneath.
  3. Click Header, the Serving Network ID and UE ID appears underneath.
  4. Click Serving Network ID, the Serving Network ID Header details are available in the screen.
  5. Click Add to add a new header. The Add Serving Network ID Header page appears and user can add the Header information.

The parameters are:

Table 4-40 Header Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Resource URI String M Resource URI for which Previous Location Check validation happens.
HTTP Method ENUM M

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD.
Header Name String M Header Name for which Previous Location Check validation happens.
Regular Expression String M Regular expression to fetch Serving Network ID (MCC and MNC).

UE ID Header

Perform the following procedure to configure the UE ID Header Configuration:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Trigger List appears underneath.
  3. Click Header, the Serving Network ID and UE ID appears underneath.
  4. Click Serving Network ID, the Serving Network ID Header details are available in the screen.
  5. Click Add to add a new Body IE. The Add Serving Network ID Header page appears and user can add the Header information.
  6. Click UE ID, the UE ID Header details are available in the screen.
  7. Click Add to add a new Header. The Add UE ID page appears and user can add the UE ID information.

The parameters are:

Table 4-41 UE ID Header Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Resource URI String M Resource URI for which Previous Location Check validation happen.
HTTP Method ENUM M

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD.
Header Name String M Header Name for which Previous Location Check validation should happen.
Regular Expression String M Regular Expression to fetch UE ID.

Body IE Configuration

Perform the following procedure to configure the Serving Network ID Body IE Configuration:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Body IE appears underneath.
  3. Click Body IE, the Serving Network ID and UE ID appears underneath.
  4. Click Serving Network ID, the Serving Network ID Body IE details are available in the screen.
  5. Click Add to add a new Body IE. The Add Serving Network ID Body IE page appears and user can add the Body IE information.

The parameters are:

Table 4-42 Serving Network ID Body IE Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Resource URI String M Resource URI for which Previous Location Check validation will happen
HTTP Method ENUM M

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD
Body IE Key String M Body IE Key Name for which Previous Location Check validation should happen
Regular Expression String M Regular Expression to Fetch Serving Network ID (MCC & MNC)

Perform the following procedure to configure the UE ID Body IE Configuration:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 3 - Previous Location Check feature under Security Countermeasure, the Body IE appears underneath.
  3. Click Body IE, the Serving Network ID and UE ID appears underneath.
  4. Click UE ID, the UE ID Body IE details are available in the screen.
  5. Click Add to add a new UE ID. The Add UE ID Body IE page appears and user can add the UE ID information.

The parameters are:

Table 4-43 UE ID Body IE Configuration Parameters

Parameter Name Data Type Mandatory(M)/Conditional(C)/Optional(O) Description
Resource URI String M Resource URI for which Previous Location Check validation happens.
HTTP Method ENUM M

Enums with the following allowed values:

POST, PUT, GET, PATCH, DELETE, OPTION, HEAD.
Body IE Key String M Body IE key name for which Previous Location Check validation should happen.
Regular Expression String M Regular Expression to fetch UE ID.
4.2.9.6 Cat-3 Time Location Check for Roaming Subscribers

Perform the following procedure to configure the Cat-3 Time check for Roaming Subscribers feature:

Option Screen Configuration:

  1. From the left navigation menu, navigate to SEPP and then click Security Counter Measure.
  2. Click Cat-3 Time Location Check under Security Counter Measure. Unauthenticated Location page appears underneath.
  3. Click Unauthenticated Location. The Option appears underneath.
  4. Click Option. The option screen appears on the right pane. The Cat-3 Time check for Roaming Subscribers feature details are available on the screen.
  5. Click Edit icon to modify the Option. The Edit Option page appears.
  6. Set the Cat 3 Time Check Unauthenticated Location Enabled to True.
  7. Set the Average Flight Velocity (km/hr) to calculate the distance as per the requirement (must be set in kilometers per hour (km/hr)).
  8. Set the Blocklist Refresh Timer Value and Blocklist Refresh Time Unit as per the requirement.
  9. Set the Cache Refresh Timer (milliseconds).

The following are the Cat-3 Time Location Check for Roaming Subscribers parameters:

Table 4-44 Cat-3 Time Location Check for Roaming Subscribers Parameters

Parameter Name Data Type Description
Cat 3 - Time Location Check - Unauthenticated Location Enabled Boolean

This is a mandatory parameter.

A boolean value to enable or disable the Cat-3 Time Location Check feature at the global level.

True indicates that the feature is enabled.

False ndicates that the feature is disabled.
Average Flight Velocity (km/hr) Integer This is a mandatory parameter.

The average flight velocity of the user while travelling from one location to the other.

Note: The default value is set as 12000 km/hr.
Blocklist Refresh Timer Value Integer This is a mandatory parameter.

In case a user is blocklisted because of malicious activity, the blocklist will be refreshed according to the value given for 'Blocklist Refresh Timer Value'.
Blocklist Refresh Time Unit Enum This is a mandatory parameter.

'Blocklist Refresh Time Unit' specifies the unit for the value given in 'Blocklist Refresh Timer Value'.

Error Action Parameters:

Table 4-45 Error Action Parameters

Parameter Name Data Type Description
Action

Enum

 This is a mandatory parameter.

Determines the action to be taken, either reject or forward if an error is encountered.

Range: REJECT, FORWARD.

Default Value: REJECT
Status Code

Integer

 This is a mandatory parameter.

Indicates if an error has occurred with the specified error code.

Default Value: 406
Title

String

 This is a mandatory parameter.

Indicates if an error has occurred with the specified title for the error.

Exception Action Parameters:

Table 4-46 Exception Action Parameters

Parameter Name Data Type Description
Action

Enum

 This is a mandatory parameter.

Determines the action to be taken, either reject or forward if an error is encountered.

Range: REJECT, FORWARD.

Default Value: REJECT
Status Code

Integer

 This is a mandatory parameter.

Indicates if an error has occurred with the specified error code.

Default Value: 406
Title

String

 This is a mandatory parameter.

Indicates if an error has occurred with the specified title for the error.

Country Screen Configuration:
  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat-3 Time Location Check under Security Counter Measure. Unauthenticated Location page appears underneath.
  3. Click Unauthenticated Location. The Country Configurations appears underneath.
  4. Click Country Configurations. The Add Country Configurations screen appears on the right pane.
  5. Set the Country Name, MCC, Latitude, and Longitude.
  6. Click Save.

The parameters are:

Table 4-47 Country Screen Parameters

Parameter Name Data Type Description
Country Name String This is a mandatory parameter.

The input takes the name of the country the user wishes to add.
MCC string This is a mandatory parameter.

The input takes the MCC of the country the user wishes to add.
Latitude String This is a mandatory parameter.

The input takes the latitude of the country the user wishes to add.
Longitude String This is a mandatory parameter.

The input takes the longitude of the country the user wishes to add.
Exception MCC List Screen Configuration:
  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat-3 Time Location Check under Security Counter Measure.The Unauthenticated Location page appears underneath.
  3. Click Unauthenticated Location. The Exception MCC list configurations appears underneath.
  4. Click Exception MCC list configurations. The Add Exception MCC list configurations screen appears on the right pane.
  5. Click Edit icon to modify the Exception MCC list configurations.
  6. Set the MCC and Exception MCC.
  7. Click Save.

The parameters are:

Table 4-48 Exception MCC List Parameters

Parameter Name Data Type Description
MCC Integer This is a mandatory parameter.

The input takes the MCC of the country against which the exception MCCs are to be configured.
Exception MCC Integer This is a mandatory parameter.

The input takes the MCC of the countries against which the time-check feature should not be applied. Multiple exception mcc values can be configured against the same value for MCC.
4.2.9.7 Cat 1 - Service API Query Param Validation List Screen

The Security Countermeasure option is used to enable the Cat 0 - SBI Message Schema Validation feature, Cat 1 -Service API Validation feature, Cat 2 – Network ID Validation feature, Cat 3 - Previous Location Check feature, and Cat 3 - Time Location Check feature.

Perform the following procedure to do the Cat-1 Service API Query Parameters Validation configurations:

  1. From the left navigation menu, navigate to SEPP and then click Security Countermeasure.
  2. Click Cat 1 -Service API Validation under Security Countermeasure. The following fields will appear:
    • Option
    • Service API Allowed List
    • Cat-1 Query Parameter Validation List
  3. Click Option, the Options page appears on the right pane.
  4. Set Enable Cat 1-Query Parameter Validation parameter to True to enable the feature.

    Note:

    Enable Cat 1 - Service API Validation parameter must be set to True to enable this feature.
  5. Click Cat-1 Query Parameter Validation List under Cat 1 -Service API Validation, the Create Cat-1 Query Parameter Validation List page appears on the right pane.
  6. Click Add to add or update in sthe allowed REST APIs and supported methods.
  7. Click Save.

The Options page parameters are:

Table 4-49 Options Page Parameters

Parameter Name Data Type Description
Enable Cat 1 - Service API Validation Boolean This is a mandatory parameter.

This is used to enable or disable the Cat 1 - Service API Validation feature. True indicates that the feature is enabled and false indicates that the featur is disabled. The feature is disabled (set to false) by default.
Enable Cat 1-Query Parameter Validation Boolean This is a mandatory parameter.

This is used to enable or disable the Cat-1 Service API query parameters validation feature. True indicates that the feature is enabled and false indicates that the feature is disabled. By default, the feature is disabled.

The Create Cat-1 Query Parameter Validation List parameters are:

Table 4-50 Create Cat-1 Query Parameter Validation List

Parameter Name Data Type Parameter Description
Service API Query Param Validation List Name Enum This is a mandatory parameter.

This parameter indicates the name of the Service API Query Param Validation List.

Note: Only those list names are visible in the dropdown which have already been configured on the 'Cat-1 Service API Allowed List' screen as it provides mapping between Cat-1 Service API Validation feature and Cat-1 Query Parameter Validation feature.

Service API - Method Enum This is a mandatory parameter. This parameter indicates the method for the resource URI that the user wants to add. Only GET method is allowed to be configured.
Service API - Resource URI Enum This is a mandatory parameter. This parameter takes only NRF Discovery URI as input to which the query parameter validation needs to be done.
Query Parameters - Query Parameter Name String This is a mandatory parameter.

This parameter takes the name of the query parameter for which the validation needs to be done.

Default value is requester-nf-type.
Query Parameters - Query Parameter Value String This is a mandatory parameter.

This parameter takes the value of the query parameter for which the validation needs to be done which will be requester-nf-type in this case.
Query Parameters - Paired Query Parameter Name String This is a mandatory parameter.

This parameter takes the name of the paired query parameter for which the validation needs to be done.

Default value: target-nf-type.
Query Parameters - Paired Query Parameter Value String This is a mandatory parameter.

This parameter takes the value of the paired query parameter for which the validation needs to be done which will be 'target-nf-type' in this case.

4.2.10 Mediation

The mediation option allows the user to set Mediation feature as ENABLED or DISABLED and configure the mediation options.

Perform the following procedure to enable or disable the mediation feature:
  1. From the left navigation menu, navigate to SEPP and then click Mediation. The options appears underneath.
  2. Click Options, the options screen appears at the right pane. The Mediation Feature and Error Configuration details are available in the screen.
  3. Click Edit icon to modify the Options. The Edit Options page appears.
  4. Set the Mediation Feature to True or False and configure the Error Configuration parameters Action, Status Code, and Title.

    The parameters are:

    Mediation Options

    Table 4-51 Mediation Options

    Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
    Enable Mediation O Boolean A Boolean value to enable and disable the Mediation feature.

    true indicates Enabled

    false indicates Disabled. The feature is disabled (set to false) by default.
    Error Configuration M Object Error Configuration details

Mediation Trigger Rule List Configuration

Mediation Trigger Rule Configuration screen allows the user to configure a set of trigger rules which act as a filtering criteria for SEPP to send a particular request for mediation.

Perform the following procedure to configure the trigger rules:

  1. From the left navigation menu, navigate to SEPP and then select Mediation. The Trigger Rule List appears underneath.
  2. Click Trigger Rule List, the list of all the existing rules and corresponding configurations appears.
  3. Click Add to add the Trigger Rule List. The Add Trigger Rules page appears and user can add the Trigger Rule information.

    Note:

    HTTP Method, Resource URI, Trigger Point, and Group Id are the Trigger Rule parameters.
  4. Click Edit to modify the rule list. The Edit Trigger Rules page appears and user can update the Trigger Rule information.

Error Configuration Parameters

Table 4-52 Error Configuration Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Title M String Error Title in case of getting error from mediation service
Action M Enum Error Action to be performed in case of getting error from mediation service (Reject, Continue).
StatusCode M Integer Error Status Code to be returned in case of getting error from mediation service.

Mediation Trigger Rules List Parameters

Table 4-53 Mediation Trigger Rules List Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Name M String Name of Trigger Rule List
Trigger Rules M Object List of Trigger Rules
Trigger Rule List Type M Enum Type of TRL (Local /Remote)
Match All Enabled M Boolean Match All Enabled (true/false)
Match All GroupId M String Match All Group Id
Match All Trigger Points M Enum Match All Trigger Points

Trigger Rule Parameters

Table 4-54 Trigger Rule Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
HTTP Method: M Enum Resource URI Method ( GET,POST,PUT,PATCH,DELETE,OPTIONS)
Resource URIs: M String Resource URI
Trigger Points: M Enum List of Trigger Point ( "N32_Egress_Request", "N32_Ingress_Response", "N32_Ingress_Request", "N32_Egress_Response")
Group Id: M String Group ID for which mediation configuration is to be done. This is passed to the Mediation Service for grouping similar rules.

Mediation Rules Configuration

Rules configuration screen allows the user to compile, create, update, delete, clone and apply the mediation rules using CNCC.

Perform the following procedure to configure the mediation rules:

  1. From the left navigation menu, navigate to SEPP and then select Mediation. The Rules Configuration screen appears underneath.
  2. Click Rules Configuration, the list of all the existing rules with corresponding status appears.

    Figure 4-4 Mediation Rules Configuration Screen

    Mediation Rules Configuration Screen
  3. Click Add to add a new rule. The Add Mediation Rule page appears and user can add the mediation rule information.

    Figure 4-5 Add Mediation Rule Screen

    Add Mediation Rule Screen

    Note:

    Rule Name, Format, Status, Mediation Mode, Code, and State are the mediation rule parameters.
    .
  4. Click Edit button of an existing rule to modify that rule. The Edit Mediation Rule page appears and user can edit the rule information.

    Figure 4-6 Edit Mediation Rule Screen

    Edit Mediation Rule Screen
  5. Click Delete button of an existing rule to delete that rule, confirmation dialog box appears and user can click OK to delete the rule or Cancel to cancel the deletion.
  6. Click View button of an existing rule to view the rule’s details.
Rules Configuration Parameters

Table 4-55 Rules Configuration Parameters

Parameter Name Mandatory(M)/Optional(O)/Conditional(C) Datatype Description
Rule Name M String Mediation rule name
Status M Enum Mediation rule status: APPLIED or DRAFT
State M Enum

Compile, Clone, Save, Draft, Apply

The user can select one of these states.
Mediation Mode M Enum

MEIDATION_ACTIVE: its only applicable to mediation microservice active mode

MEDIATION_TEST: its only applicable to mediation microservice test mode

The user is required to configure the mediation rules using MEDIATION_ACTIVE mediation mode. MEDIATION_TEST mode is only for internal purpose.
Code M String

Mediation rule code content.

The user has to prepend the following data block along with the needed rules in the code section and save to create the rule in DRAFT status. If the user wants to apply the rule on mediation microservice then user can edit the rule and save it again with Apply state. 

package com.oracle.cgbu.ocmediation.nfmediation;
 
    import com.oracle.cgbu.ocmediation.nfruleengine.NFDroolsRuleEngine;
    import com.oracle.cgbu.ocmediation.factdetails.Request;
    import com.oracle.cgbu.ocmediation.factdetails.Response;
    import java.util.Map;
    import java.util.HashMap;
 
    dialect "mvel"
Format M Enum Rule format. Only DRL is supported currently.
New Rule Name C String New rule name is to be given only when state is clone.

Note:

  • The rule name for a rule in the DRAFT status must be unique. Otherwise, the new rule overwrites the old one.
  • The new rule is always created and saved with DRAFT status in the database. User needs to save the rule with APPLY state to apply the rule to mediation microservice.

4.2.11 Ingress Rate Limiting

Ingress Rate Limiting screen allows the user to configure the global parameters for ingress rate limiting feature. Perform the following procedure to enable and configure the ingress rate liming feature:

Ingress Rate Limiting: Remote SEPP Set

  1. From the left navigation menu, navigate to SEPP and then click Ingress Rate Limiting. The Remote SEPP Set option appears underneath.
  2. Click Remote SEPP Set under Ingress Rate Limiting, the Options appears underneath.
  3. Click Options under Remote SEPP Set, the Options page appears on the right pane.
  4. Click Edit icon to modify the Option. The Edit Option page appears. The Ingress Rate Limiting feature configurations are available in the screen.
  5. Set Originating Network ID Header as “3gpp-Sbi-Asserted-Plmn-Id” or “3gpp-Sbi-Originating-Network-Id” or both.
  6. Set Remote SEPP Set Ingress Rate Limiting Enabled as true or false.
  7. Enter Bucket Capacity, Refill Rate, Refill Duration, and Request Tokens.
  8. Under Error Configuration, Enter Action as Reject.
  9. Enter Status Code and Title.

Table 4-56 Ingress Rate Limiting: Remote SEPP Set Parameters

Parameter Name Datatype Mandatory(M)/ Conditional(C)/ Optional(O) Description
Originating Network ID Header Enum M

This parameter can have the following allowed values:

3gpp-Sbi-Asserted-Plmn-Id,

3gpp-Sbi-Originating-Network-Id
Remote SEPP Set Ingress Rate Limiting Enabled Boolean O

A Boolean value to enable and disable the Ingress Rate Limiting feature at global level.

true indicates Enabled

false indicates Disabled. The feature is disabled (set to false) by default.
Bucket Capacity Integer M

Integer Number for setting the Bucket Capacity as an input for Token Bucket Algorithm.

Bucket size defined the capacity to handle traffic burst.

Refill Rate Integer M Refill Rate to define the number of tokens to be added to refill the bucket
Refill Duration Integer M Duration to decide how frequently to refill bucket
Request Token Integer M Request Token to define the Pre loaded tokens to refill the bucket
Action String M By Default Reject is selected as SBI Request will be rejected with the user configured Error Configuration when the number of SBI requests is above the configured limit.
Status Code Integer M Error Status Code to be used in the Error Response for discarding the SBI requests when the number of SBI requests is above the configured limit.
Title String M Error Title to be used in the Error Response for discarding the SBI requests when the number of SBI requests is above the configured limit.

4.2.12 Egress Rate Limiting

Egress Rate Limiting screen allows the user to configure the global parameters for egress rate limiting feature. Perform the following procedure to enable and configure the egress rate liming feature:

Egress Rate Limiting

Perform the following procedure to enable the Egress Rate Limiting:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Rate Limiting.
  2. Select Engress Rate Limiting which is defined under Rate Limiting screen.
  3. The Option and EgressRateLimitingList appears underneath.
  4. Click Option, the option screen appears at the right pane. The Egress Rate Limiting Feature details are available in the screen.
  5. Set Egress Rate Limiting Enabled to True on the right pane.
Egress rate limiting Option Parameters

Table 4-57 Egress rate limiting Option Parameters

Attribute Data Type Description
EgressRateLimitingEnabled boolean This is a mandatory parameter.

Enables or disables the Egress Rate limiting.

true indicates Enabled.

false indicates Disabled.

Default Value: False

Perform the following procedure to view a Egress Rate Limiting List:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Rate Limiting.
  2. Select Egress Rate Limiting which is defined under Rate Limiting screen.
  3. The Option and EgressRateLimitingList appears underneath.
  4. Click EgressRateLimitingList, the EgressRateLimitingList screen appears at the right pane.

Perform the following procedure to add an Egress Rate Limiting List:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Rate Limiting.
  2. Select Egress Rate Limiting which is defined under Rate Limiting screen.
  3. The Option and EgressRateLimitingList appears underneath.
  4. Click EgressRateLimitingList, the EgressRateLimitingList screen appears at the right pane. The Egress Rate Limiting feature details are available on the screen.
  5. Click Add to add a new Egress Rate Limiting List. The Create Egress Rate Limiting List page appears. User can add the Egress Rate Limiting List information.
  6. Enter Egress Rate Limiting List Name.
  7. Under Egress Rate Limiting Configurations section, enter the list configurations; enter Enabled, Discard Message Priority, Bucket Capacity, Refill Rate, Refill duration, and Request Tokens.
  8. Under Error Configuration section, enter the error configuration details; enter Action, Enter Status Code, and Title.
  9. Under Remote Sepp Set or PLMN ID(s) section, select the Remote SEPP Set name or add PLMN IDs for the Egress Rate Limiting List.

Table 4-58 Parameter List

Parameter Name Data Type Description
Name String This is a mandatory parameter.

Indicates the Egress Rate Limiting List Name
Enabled boolean

This is a mandatory parameter.

A boolean value to enable or disable the feature at egress rate limiting list level.

This will be disabled by default.
Discard Message Priority integer

This is a mandatory parameter.

Integer value to indicate the message priority used to decide if a message shall be dropped or not when rate limiting is enforced.

  • Messages with higher or equal priority than Discard Message Priority are dropped.

It the value is not provided in REST API , 0 will be used as default value of integer.
Bucket Capacity integer

This is a mandatory parameter.

Integer number for setting the Bucket Capacity as an input for Token Bucket Algorithm.

Bucket size defined the capacity to handle traffic burst.

Refill Rate integer

This is a mandatory parameter.

Refill Rate to define the number of tokens to be added to refill the bucket

  • Its value can't be greater than configured Bucket Capacity value
Refill Duration integer

This is a mandatory parameter.

Duration to decide how frequently to refill bucket.
Request Tokens integer

This is a mandatory parameter.

Request Tokens defines the batch size of token requested from the corresponding bucket.

Its recommended that the value should be configured as:
  • bucket capacity divided by number of plmn-ingress gateway pods (SEPP mode).
  • bucket capacity divided by number of n32-ingress gateway pods (Roaming Hub mode).
Action Enum

This is a mandatory parameter.

Error Action to be used in the Error Response while discarding the requests for Egress Rate Limiting

Action supported is 'REJECT'
Status Code integer

This is a mandatory parameter.

Error Status Code to be used in the Error Response for discarding the requests due to Egress Rate Limiting

Configured Status Code is sent back in the HTTP/2 response message
Title String

This is a mandatory parameter.

Error Title to be used in the Error Response for discarding the requests for Egress Rate Limiting.

Configured Title is sent back in the HTTP/2 response message.
Remote Sepp Set Enum

This is a conditional parameter.

Remote SEPP Set name in the place of PLMN ID(s), in this case the feature is applied to the PLMN IDs of the given Remote SEPP Set.

Either RSS or PLMN IDs can be selected.
PLMN ID(s) Enum

This is a conditional parameter.

PLMN IDs which need to be part of Egress Rate Limiting List on which feature needs to be applied.

Either PLMN IDs or RSS can be selected.

It's value must be in mcc-mnc format.

Perform the following procedure to edit an Egress Rate Limiting List:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Rate Limiting.
  2. Select Egress Rate Limiting which is defined under Rate Limiting screen.
  3. The Option and EgressRateLimitingList appears underneath.
  4. Click EgressRateLimitingList the option screen appears at the right pane. The Egress Rate Limiting Feature details are available in the screen.
  5. Click Edit option. The Edit Egress Rate Limiting List page appears and user can edit the Egress Rate Limiting List information.
  6. You can edit the Egress Rate Limiting List Configurations and click Save.

Perform the following procedure to delete an Egress Rate Limiting List:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Rate Limiting.
  2. Select Egress Rate Limiting which is defined under Rate Limiting screen.
  3. The Option and EgressRateLimitingList appears underneath.
  4. Click EgressRateLimitingList the option screen appears at the right pane. The Egress Rate Limiting Feature details are available in the screen.
  5. Click Delete option in front of an existing Egress Rate Limiting List that you want to delete.
  6. "Do you want to delete the record" message appears. Click OK.

4.2.13 SOR

The SOR option allows the user to set SOR feature as enabled or disabled and configure the SOR options. Perform the following procedure to enable and configure the SOR feature:

SOR Options
  1. From the left navigation menu, navigate to SEPP and then click SOR. The Options and Trigger Rule List appear underneath.
  2. Click Options under SOR, the Options page appears on the right pane.
  3. Click Edit icon to modify the Option. The Edit Option page appears.
  4. Set SOR Enabled parameter to True to enable the SOR feature.
  5. Set Redirection enabled to true or false to enable or disable the redirection and user can configure the http code.
  6. Set Alternative Routing enabled to true or false to enable or disable the redirection and user can configure the http code.
  7. Set Retry to NF on SOR Server Error Enabled to true or false to enable or disable the retry to SOR.
  8. Configure SOR Server(s) by configuring Priority, Http Scheme, and other parameters..
  9. Configure the Redirection, Alternative Routing Options, SOR Server Error, and Custom Error.

Options Parameters

Table 4-59 Options Parameters

Attribute Data type Mandatory(M)/ Conditional(C)/ Optional(O) Description
SOR Enabled Boolean O To enable or disable the SOR feature.

true indicates enabled and false indicates disabled.

The feature is disabled (set to false) by default.
Alternate Routing Enabled Boolean O To enable or disable the alternative SOR option. true indicates enabled and false indicates disabled.

The value is disabled (set to false) by default.
Retry to NF on SOR Server Error Enabled Boolean O To enable or disable the retry, in case of an error from SOR producer NF occurs.

true indicates enabled and false indicates disabled.
Redirection: Enabled Boolean O

If this parameter is enabled, then SOR responds to SEPP and SEPP sends request to producer.

If this parameter is disabled, then SOR sends request to producer directly. true indicates enabled and false indicates disabled.

Redirection: codes String M This parameter is used to configure all the 3xx HTTP response code that contain valid location header parameter in response, for which user wants to get the redirection applied.
servers: priority Enum M SOR server priority must be Primary, Secondary, and Tertiary. The first entry will always be saved as PRIMARY in database.
servers: httpScheme Enum M The scheme can be http or https.
servers: sorFqdn String M Indicates the FQDN of SOR Server
servers: sorPort String M Indicates the Port of SOR Server
servers: apiPrefix String M Indicates the API Prefix for SOR Server
servers: serverHeader String M Server header that is expected to be received from SOR Server. Typically, SOR-<SOR FQDN>
Alt Routing options: Timeout integer M Indicates the timer to set for retries towards SOR.
Alt Routing options: MaxRetry integer M Indicates the number of times to retry towards the primary SOR end point.
SoR Server Errors: errorCodes string M This is the list of expected response codes (multiple 5xx response codes seperated by (,) can be configured. Example: 501,504,510) from SOR that will need SEPP to contact the Producer directly in case of retry to producer is enabled.
SoR Server Errors: exceptions string M The exceptions that are expected to be returned from SoR in case of timeout.
Custom Error: status code string M Error code that will be relayed to consumer in case of SOR Timeout.
Custome Error: Title string M Error Message that will be relayed to consumer in case of SOR Timeout.
SOR Trigger Rule List
  1. From the left navigation menu, navigate to SEPP and then click SOR. The Options and Trigger Rule List appear underneath.
  2. Click Trigger Rule List under SOR, the Trigger Rule List page appears on the right pane.
  3. Click Add to add the Trigger Rule List.
  4. Select a combination of HTTP Method and Resource URI from the drop down list and Save.

Trigger Rule List Parameters

Table 4-60 Trigger Rule List Parameters

Attribute Data type Mandatory(M)/ Conditional(C)/ Optional(O) Description
Trigger Rule List String M Name of the SOR Trigger List
URI List: resourceURI String M List of Resource URI
URI List: httpMethod String M Request URI httpMethod. The Range is: POST, PUT, GET, PATCH, DELETE, OPTIONS, and HEAD.

4.2.14 Originating Network ID Header Support

Originating Network ID Header Support allows the user to set the Support for Originating Network Id Header Validation, Insertion, and Transposition feature as Enabled or Disabled and configure the Originating Network ID Header options.

Perform the following procedure to enable, disable, and configure the Support for Originating Network Id Header Validation, Insertion, and Transposition feature:
  1. From the left navigation menu, navigate to SEPP and then click Originating Network ID Header Support. The option appears underneath.
  2. Click Option, the option screen appears at the right pane with the parameters to enable the feature.
  3. Click Edit icon to modify the Option. The Edit Option page appears.
  4. Set Enabled to True or False.
  5. Select SEPP's Local PLMN ID[mcc-mnc] from the drop-down menu.
  6. Select Supported Header Name from the drop down menu.
  7. Click Save.

The following table lists the parameters:

Table 4-61 Parameters

Parameter Name Description Details
Enabled

This is a mandatory parameter.

A boolean value to enable or disable the support for Originating Network Id Header Validation, Insertion, and Transposition feature at the global level.

True indicates the feature is enabled.

False indicates the feature is disabled.

 Datatype: Boolean
SEPP's Local PLMN ID [mcc-mnc] This is an optional parameter.

This value indicates SEPP's supported Local PLMN ID which is used for missing header (3gpp-Sbi-Originating-Network-Id or 3gpp-Sbi-Asserted-Plmn-Id) population at C SEPP. The user can provide this value by selecting one of the values from the drop-down. SEPP selects one of the supported local PLMN IDs when this parameter is not configured. 		Datatype: String
Supported Header Name

This is a mandatory parameter.

This value indicates the supported header name. The user can select either "3gpp-Sbi-Originating-Network-Id" or "3gpp-Sbi-Asserted-Plmn-Id" from the drop-down.

P SEPP uses this header to either add the missing request header (3gpp-Sbi-Originating-Network-Id or 3gpp-Sbi-Asserted-Plmn-Id) or header (already present in the request) transposition.

 Datatype: String

4.2.15 Configurations

This section explains how to configure cnDBTier, Egress Gateway, and Ingress Gateway APIs.

4.2.15.1 Gateway

This section explains how to configure the Common Gateway (Ingress Gateway and Egress Gateway) APIs.

4.2.15.1.1 IGW (Ingress Gateway)

This section contains the PLMN Ingress Gateway and N32 Ingress Gateway APIs.

4.2.15.1.1.1 PLMN Ingress Gateway

This section contains the PLMN Ingress Gateway APIs.

Error Code Series List

This configuration is used to map errorCodeSeries id and the corresponding errorCodeSeries configuration. By default this configuration is null.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click Error Code Series List option under PLMN Ingress Gateway. The Error Code Series page is displayed.
  4. Click Add to add the error code series.

    The Create Error Code Series page is displayed.

  5. Configure the fields in the Create Error Code Series page.
  6. Click Add in the Error Code Series section.

    The Add Error Code Series page is displayed.

  7. Configure the fields in the Add Error Code Series page.
  8. Click Save on the Add Error Code Series page to save the details. Click Cancel to discard your progress and go back to Create Error Code Series page.
  9. Click Save on the Create Error Code Series page to save the details. Click Cancel to discard your progress and go back to Error Code Series page.

Note:

  • Use the Edit icon or Delete available in the next column of the specific entry to update or delete the error code series information.
  • Use Refresh icon to refresh the error code series information.

Table 4-62 Error Code Series List

Field Name Description Details
ID Indicates the error code identifier. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Exception List

Lists the configurable exception or error for an error scenario in Ingress Gateway.

The only supported values are:

ConnectionTimeout, RequestTimeout, UnknownHostException, ConnectException, RejectedExecutionException, InternalError and NotFoundException, ClosedChannelException, BlackListIpException

 DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Code Series

Lists the error codes for a specific service.

Note: "ErrorCodeSeries" is configured only if a set of error responses with specific error codes is expected in server header. If it is not configured then all the error responses will have server header.

DataType: string

Constraints: NA

Default Value: NA

Presence: M

Table 4-63 Error Code Series Configuration

Field Name Description Details
Error Set Possible values for "errorSet" attribute: 5xx, 4xx, 3xx, 2xx, 1xx DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Codes

Possible values include all error codes in the respective HttpSeries value assigned for "errorSet".

Note: Use single value of "-1" if all error codes in that HttpSeries are to be considered.

DataType: string

Constraints: NA

Default Value: NA

Presence: M

Server Header Details

This API can be used for adding Server Header in the error responses sent from Ingress Gateway. By default, this feature is disabled. To enable the feature, invoke the following REST API and update the enable switch.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click Server Header Details option under PLMN Ingress Gateway. The Server Header Details page is displayed.
  4. Click Edit to update the Server Header Details. The Edit Server Header Details page is displayed.
  5. Configure the fields in the Edit Server Header Details page.
  6. Click Save on the Edit Server Header Details page to save the details. Click Cancel to discard your progress and go back to Server Header Details page.

    Table 4-64 Server Header Details

    Field Name Description Details
    Enabled Use the switch to enable or disable Server Header DataType: boolean (true, false)

    Constraints: NA

    Default Value: NA

    Error Code Series Id

    Specify the error list ID.

    		DataType: string

    Constraints: NA

    Default Value: NA

    Presence: M

    Configuration Configure the following fields in Configuration section DataType: NA

    Constraints: NA

    Default Value: NA
    NF Type Specify the type of network function. In this case, it is SEPP. DataType: string

    Constraints: NA

    Default Value: NA
    NF Instance Id Enter the SEPP instance ID. It represents the UUID of the SEPP deployment that is used to generate the Server Header. DataType: integer

    Constraints: NA

    Default Value: NA

    Note:

    Ensure that an errorCodeSeries exists corresponding to the errorCodeSeriesId.
4.2.15.1.1.2 N32 Ingress Gateway

This section contains the N32 Ingress Gateway APIs.

Error Code Profiles

This configuration is used to update the errorcodeprofiles that is used in Overload Control feature for populating details in error responses when a request is discarded.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Egress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click Error Code Profiles option under N32 Ingress Gateway. The Error Code Profiles page is displayed with default values for few fields.
  4. Click Add to add the profiles.

    The Create Error Code Profiles page is displayed.

  5. Configure the fields in the Create Error Code Profiles page.
  6. Click Save on the Create Error Code Profiles page to save the details. Click Cancel to discard your progress and go back to Error Code Profiles page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the route error profile information.
  • Use Refresh icon to refresh the route error profile information.

Table 4-65 Error Code Profile Configuration

Field Name Description Details
Name Indicate the error name. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Code Error Code field in an errorScenario determines the HttpStatusCode that needs to be populated in ProblemDetails (HttpStatus field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. DataType: integer

Constraints: NA

Default Value: NA

Presence: M

Error Cause Error Cause field in an errorScenario determines the error cause that needs to be populated in ProblemDetails (Cause field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Error Title Error Title field in an errorScenario determines the title that needs to be populated in ProblemDetails (Title field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Redirect URL Redirect URL field in an errorScenario determines the redirection URL, this value is populated in LOCATION header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the redirectUrl field for the particular errorScenario is configured appropriately. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Retry After Retry After field in an errorScenario determines the value in seconds or particular date after which the service should be retried, this value is populated in Retry-After header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the retry-after field for the particular errorScenario is configured appropriately in seconds. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Error Description Error Description field in an errorScenario determines the description that needs to be populated in ProblemDetails (Detail field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Error Code Series List

This configuration is used to map errorCodeSeries id and the corresponding errorCodeSeries configuration. By default this configuration is null.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click Error Code Series List option under N32 Ingress Gateway. The Error Code Series List page is displayed.
  4. Click Add to add the error code series.

    The Create Error Code Series page is displayed.

  5. Configure the fields in the Create Error Code Series page.
  6. Click Add in the Error Code Series section.

    The Add Error Code Series page is displayed.

  7. Configure the fields in the Add Error Code Series page.
  8. Click Save on the Add Error Code Series page to save the details. Click Cancel to discard your progress and go back to Create Error Code Series page.
  9. Click Save on the Create Error Code Series page to save the details. Click Cancel to discard your progress and go back to Error Code Series page.

Note:

  • Use the Edit icon or Delete available in the next column of the specific entry to update or delete the error code series information.
  • Use Refresh icon to refresh the error code series information.

Table 4-66 Error Code Series List

Field Name Description Details
ID Indicates the error code identifier. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Exception List

Lists the configurable exception or error for an error scenario in Ingress Gateway.

The only supported values are:

ConnectionTimeout, RequestTimeout, UnknownHostException, ConnectException, RejectedExecutionException, InternalError and NotFoundException, ClosedChannelException, BlackListIpException

 DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Code Series

Lists the error codes for a specific service.

Note: "ErrorCodeSeries" is configured only if a set of error responses with specific error codes is expected in server header. If it is not configured then all the error responses will have server header.

DataType: string

Constraints: NA

Default Value: NA

Presence: M

Table 4-67 Error Code Series Configuration

Field Name Description Details
Error Set Possible values for "errorSet" attribute: 5xx, 4xx, 3xx, 2xx, 1xx DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Codes

Possible values include all error codes in the respective HttpSeries value assigned for "errorSet".

Note: Use single value of "-1" if all error codes in that HttpSeries are to be considered.

DataType: string

Constraints: NA

Default Value: NA

Presence: M

OverloadControlDiscardPolicies

This configuration is used to update service names and corresponding policy names for the service which is mapped to ocDiscardPolicies based on "policyName" and also to enable or disable the Overload Control feature and the sampling period in overload control. By default, the Overload Control feature is disabled and the sampling period is 6000.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click the Overload Control Discard Policy option under N32 Ingress Gateway to configure peers. The Overload Control Discard Policy page is displayed.
  4. Click Add to add the configuration.The Create Overload Control Discard Policy page is displayed.
  5. Configure the fields in the Create Overload Control Discard Policy page.
  6. Click Add in the Policies section.The Add Policies page is displayed.
  7. Configure the fields under the Add Policies page.
  8. Click Save on the Add Policies page to save the details. Click Cancel to discard your progress and go back to Create Overload Control Discard Policy page.
  9. Click Save on the Create Overload Control Discard Policy page to save the details. Click Cancel to discard your progress and go back to Overload Control Discard Policy page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the policy information.
  • Use Refresh icon to refresh the policy information.

Table 4-68 Discard Policy Configuration

Attribute Name Description Details
Name

Name of the discarded policy.

Note: name must be the value configured in policyName under ocpolicymapping.

DataType: string

Constraints: NA

Default Value: NA

Presence: M

Scheme Discarded policy scheme based on percentage. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Table 4-69 Policies

Attribute Name Description Details
Value Value of priority above which requests are considered as potential candidates for drop. Percentage of requests to drop in the current sampling period over the calculated rate in the previous sampling period. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Action Defines the action to be taken on selected requests rejection based on error code. DataType: string

The value can be: RejectWithErrorCode

Constraints: NA

Default Value: NA

Presence: M

Level Defines the overload level. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Code Profile Define the error code profiles. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Discard Policy Mapping

This URI can be used to update service names and corresponding policy name for the service which is mapped to "ocDiscardPolicies" based on "policyName" and also to enable/disable the Overload Control feature and the sampling period in overload control. By default, the Overload Control feature is disabled and the sampling period is the 60s. To enable the feature, REST API needs to be invoked and update the enabled flag to true.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click the Discard Policy Mapping option under N32 Ingress Gateway to manage discard policies. TheDiscard Policy Mapping page is displayed.
  4. Click Edit. This opens the Edit Discard Policy Mapping page.
  5. Click Add to add the mappings.The Add Mappings page is displayed.
  6. Configure the fields under the Add Mappings page.
  7. Click Save on the Add Mappings page to save the details.
  8. Click Save on the Edit Discard Policy Mapping page to save the details

Note:

  • Use the Edit icon available in the next column of the specific entry to update the policy information.
  • Use Refresh icon to refresh the policy information.

Table 4-70 Discard Policy Mapping Configurations

Attribute Name Description Details
Enable Overload Control Specifies whether to enable or disable overload control. DataType: Boolean

Constraints: NA

Default Value: False

Sampling Period (in milliseconds) Specifies the time frame for each cycle of overload control per service. Its default value is 200 ms. DataType: int

Constraints: NA

Default Value: NA

Table 4-71 Mappings Configurations

Attribute Name Description Details
Service Name Specifies the name of the microservice that is further used to determine a mapping between service and discard policy name per service. DataType: string

Presence: M

Policy Name Specifies the name of the discard policy that is used to determine a mapping between service and discard policy name per service. The drop-down list shows the policies configured using the Discard Policy page. DataType: string

The value can be: RejectWithErrorCode

Presence: M

Server Header Details

This API can be used for adding Server Header in the error responses sent from Ingress Gateway. By default, this feature is disabled. To enable the feature, invoke the following REST API and update the enable switch.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select IGW and navigate to IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appears underneath.
  3. Click Server Header Details option under N32 Ingress Gateway. The Server Header Details page is displayed.
  4. Click Edit to update the Server Header Details. The Edit Server Header Details page is displayed.
  5. Configure the fields in the Edit Server Header Details page.
  6. Click Save on the Edit Server Header Details page to save the details. Click Cancel to discard your progress and go back to Server Header Details page.

    Table 4-72 Server Header Details

    Field Name Description Details
    Enabled Use the switch to enable or disable Server Header DataType: boolean (true, false)

    Constraints: NA

    Default Value: NA

    Error Code Series Id

    Specify the error list ID.

    		DataType: string

    Constraints: NA

    Default Value: NA

    Presence: M

    Configuration Configure the following fields in Configuration section DataType: NA

    Constraints: NA

    Default Value: NA
    NF Type Specify the type of network function. In this case, it is SEPP. DataType: string

    Constraints: NA

    Default Value: NA
    NF Instance Id Enter the SEPP instance ID. It represents the UUID of the SEPP deployment that is used to generate the Server Header. DataType: integer

    Constraints: NA

    Default Value: NA

    Note:

    Ensure that an errorCodeSeries exists corresponding to the errorCodeSeriesId.
    .
4.2.15.1.1.2.1 Health Check Configuration

Health Check Configuration is used to enable Ingress gateway to understand incoming health API and respond with a configured response code to denote it is healthy.

Perform the following procedure to configure the Proactive Status Updates on the SEPP feature:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appear underneath. Select Gateway and navigate to the IGW option to configure the Ingress Gateway APIs. The PLMN Ingress Gateway and N32 Ingress Gateway appear underneath.
  3. Click Health Check Configuration under N32 Ingress Gateway. The Health Check Configuration page is displayed.
  4. Click the Edit icon to modify the Health Check Configuration. The Health Check ConfigurationOptions page appears.
  5. Set Enabled to True or False.
  6. Enter Request URI, Response Code, and Request Method.

Table 4-73 Health Check Configuration Parameters

Parameter Name Data Type Mandatory(M)/Optional(O)/Conditional(C) Description
enabled Boolean M enable feature on IGW.
Request URI String M

URI to match with incoming health check URI. If matches with method, the configured response code sent

If no match is found, the health check request is forwarded to the backend service.
Request Method String M

method to match with the incoming health check Method. If matches with URI, the configured response code sent

Only GET and OPTIONS are supported.
Response Code Numerical M

Response code to send when URI and Method are a match.

Range of values: 200,201,202,203,204,205,206,207,208,226.
4.2.15.1.2 EGW (Egress Gateway)

This section contains the PLMN Egress Gateway and N32 Egress Gateway APIs.

4.2.15.1.2.1 PLMN Egress Gateway

This section contains the PLMN Egress Gateway APIs.

Configurable Error Codes

This URI is used to configure an appropriate error response (error code, error cause, error title, and error description) for exceptions occurring at N32 Egress Gateway. The feature is disabled by default.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Configurable Error Codes option under PLMN Egress Gateway to configure Error Code Profiles. The Error Code Profiles page is displayed.
  4. Click Add to add the configurable error codes. The Edit Configurable Error Codes page is displayed.
  5. Configure the fields in the Edit Configurable Error Codes page.
  6. Click Save on the Edit Configurable Error Codes page to save the configurable error codes. Click Cancel to discard your progress and go back to the Edit Error Code Profiles page.

Table 4-74 Configurable Error Codes Configuration

Field Name Description Details
Enabled Enables or disables configurable error codes functionality DataType: boolean

Constraints: NA

Default Value: false
Exception Type Specific exception for which error profile name is configured DataType: string

Constraints: NA

Default Value: NA
Error Profile Name Specific Name for a particular exception occurs DataType: string

Constraints: NA

Default Value: NA

Error Code Profile

This configuration is used to update the errorcodeprofiles that is used in Overload Control for populating details in error responses when a request is discarded.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configuration.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. .
  4. Click Error Code Profiles option under PLMN Egress Gateway. The Error Code Profiles page is displayed with default values for few fields.
  5. Click Add to add the profiles.

    The Create Error Code Profiles page is displayed.

  6. Configure the fields in the Create Error Code Profiles page.
  7. Click Save on the Create Error Code Profiles page to save the details. Click Cancel to discard your progress and go back to Error Code Profiles page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the route error profile information.
  • Use Refresh icon to refresh the route error profile information.

Table 4-75 Error Code Profile Configuration

Field Name Description Details
Name Indicate the error name. DataType: string

Constraints: NA

Default Value: NA

Presence: M

Error Code Error Code field in an errorScenario determines the HttpStatusCode that needs to be populated in ProblemDetails (HttpStatus field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. DataType: integer

Constraints: NA

Default Value: NA

Presence: M

Error Cause Error Cause field in an errorScenario determines the error cause that needs to be populated in ProblemDetails (Cause field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Error Title Error Title field in an errorScenario determines the title that needs to be populated in ProblemDetails (Title field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Redirect URL Redirect URL field in an errorScenario determines the redirection URL, this value is populated in LOCATION header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the redirectUrl field for the particular errorScenario is configured appropriately. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Retry After Retry After field in an errorScenario determines the value in seconds or particular date after which the service should be retried, this value is populated in Retry-After header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the retry-after field for the particular errorScenario is configured appropriately in seconds. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Error Description Error Description field in an errorScenario determines the description that needs to be populated in ProblemDetails (Detail field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. DataType: integer

Constraints: NA

Default Value: NA

Presence: O

Peer Configuration

This configuration is used to add or update the list of peers wherein each peer consists of ID, host, port or virtualHost, and apiPrefix. The ID of each peer is mapped to Peer Identifier in Peer Set Configuration. The default value is null.

Perform the following configurations to configure the peers:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Peer Configuration option under PLMN Egress Gateway to configure peers. The Peer Configuration page is displayed.
  4. Click Add to add the peer configuration. The Create Peer Configuration page is displayed.
  5. Configure the fields in the Create Peer Configuration page.
  6. Click Save on the Create Peer Configuration page to save the peer configuration. Click Cancel to discard your progress and go back to Peer Configuration page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the Peer Configuration information.
  • Use Refresh icon to refresh the list of peers configured.

Table 4-76 Peer Configuration

Field Name Description Details
ID Enter an unique peer identifier value. DataType: string

Constraints: NA

Default Value: NA

Host

Host details of a local peer.

It can be IPv4, IPv6 and FQDN details.

 DataType: string

Constraints: NA

Default Value: NA

Port Port details of a local host peer. DataType: string

Constraints: NA

Default Value: NA

Virtual Host Host details of a remote peer. This FQDN is sent to Alternate Route Service for DNS SRV resolution. DataType: string

Constraints: NA

Default Value: NA

API Prefix API prefix details of a peer. Note: The recommended value is / . DataType: string

Constraints: NA

Default Value: NA

healthApiPath Include the SEPP API details. DataType: string

Constraints: NA

Default Value: /{seppApiRoot}/{apiVersion}/status

Peer Set Configuration

This configuration is used to add or update the list of peer sets wherein each peer set consists of ID and list of HTTP/HTTPS instances. Each instance consists of priority and peer identifier that is mapped to id in peerconfiguration resource. The ID of each peer set is mapped to Peer Set Identifier in Routes Configuration resource. The default value is null.

Perform the following configurations to configure the peer set:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Peer Set Configuration option under PLMN Egress Gateway to configure peers.
  4. The Peer Set Configuration page is displayed.
  5. Click Add to add the peer set configuration.
  6. Configure the fields in the Create Peer Set Configuration page.
  7. Click Add to add HTTP Configuration. The Add HTTP Configuration page is displayed.
  8. In the Add HTTP Configuration page, configure the fields.
  9. Click Save to save the details. Click Cancel to discard your progress, close the dialog box, and go back to Create Peer Set Configuration page.
  10. Click Add to add HTTPS Configuration. The Add HTTPS Configuration page is displayed.
  11. In the Add HTTPS Configuration page, configure the fields.
  12. Click Save to save the details. Click Cancel to discard your progress, close the dialog box, and go back to Create Peer Set Configuration page.
  13. Click Save on the Create Peer Set Configuration page to save the details. Click Cancel to discard your progress and go back to Peer Set Configuration page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the peer set configuration information.
  • Use Refresh icon to refresh the list of peers configured.

Table 4-77 Peer Set Configuration

Field Name Description Details
ID Enter the unique identifier for Peer Set. DataType: string

Constraints: Unique value in peer set configuration.

Default Value: NA

HTTP Configuration Configuration for HTTP based Peers. This value will be selected, if 3GPPAPIRootScheme value is http. DataType: array ()

Constraints: NA

Default Value: NA

HTTPS Configuration Configuration for HTTPs based Peers. This value will be selected, if 3GPPAPIRootScheme value is https. DataType: array ()

Constraints: NA

Default Value: NA

Table 4-78 Peer Identifier Configuration

Field Name Description Details
Priority Priority of peer to be used in a peer set. DataType: integer

Constraints: Priority must be unique.

Default Value: NA

Peer Identifier Peer identifier is the value of peer configured during PeerConfiguration. DataType: string

Constraints: NA

Default Value: NA

Routes Configuration

This configuration is used to fetch and update the list of routes configuration.

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Routes Configuration option under PLMN Egress Gateway to configure peers. The Routes Configuration page is displayed.
  4. Click Add to add the peer configuration.The Create Routes Configuration page is displayed.
  5. Configure the fields in the Create Routes Configuration page.
  6. Configure the fields in the metadata section.
  7. Click Add in the right side column to add predicates. The Add predicates page is displayed.
  8. Configure the fields in the Add predicates page .
  9. Click Save to save predicates configuration. Click Cancel to discard your progress, close the window, and go back to Create Routes Configuration page.
  10. Configure the fields in the Filters section as mentioned in the table.
  11. Click Add in the right side column to add filters.The Add Filters window is displayed.
  12. Configure the fields in the Add Filters window.
  13. Click Add at the bottom of the window to save filters configuration. Click Remove to remove filter configuration.
  14. Click Save in Add Filters window to save the details. Click Cancel to discard your progress, close the window, and go back to Create Routes Configuration page.
  15. Click Save on the Create Routes Configuration page to save the details. Click Cancel to discard your progress and go back to Routes Configuration page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the routes configuration.
  • Use Refresh icon to refresh the routes configuration.

Table 4-79 Routes Configuration

Field Name Description Details
ID Indicates the unique route configuration identifier DataType: string

Constraints: Unique value of route

Default Value: NA

URI Provide any dummy URL, or leave the existing URL with the existing value. DataType: string

Constraints: NA

Default Value: NA

Order

Provide the order of the execution of this route.

Note: The value of the order attribute must be unique for each routing configuration.

DataType: integer

Constraints: NA

Default Value: NA

httpRuriOnly This flag indicates the scheme of the outgoing request from OCSEPP.

If the value is set to true, the scheme of RURI is changed to http.

If the value is set to false, no change occurs to the scheme.

Note: In case of non-ASM configuration and 3GPPAPIRootScheme in Roaming Options is set to https, set the value as false.

DataType: boolean (true,false)

Constraints: NA

Default Value: NA

httpsTargetOnly

For SEPP, the value of this flag must always be set to true.

Note: This is a read-only attribute.

DataType: boolean (true, false)

Constraints: NA

Default Value: NA

sbiRoutingEnabled Enables or disables SBI routing

true: SbiRouting functionality is enabled

false: SbiRouting functionality is disabled

 DataType: boolean (true, false)

Constraints: NA

Default Value: false

Predicates

Header predicate details for matching target PLMN mapped to this SBIRoute rule.

Note: The predicates can be combined in a single configuration as shown in the Body, or only the required configuration can be retained for processing the message.

Sample value:-

"predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }]

Note: "header": "OC-MCCMNC" must not be changed. Only "regexp": "310014" can be modified.

regexp consists of MCC and MNC values. In this example, value of MCC and MNC is 310 and 014. Multiple values can be provided for regexp as shown below:

"predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }, { "args": { "header": "OC-MCCMNC", "regexp": "315012" }, "name": "Header" }]

 DataType: Predicate structure. See description for more details.

Constraints: NA

Default Value: NA

Table 4-80 Filters Configuration

Field Name Description Details
Name Provide filtername as "SBIRoutingFilter" DataType: boolean (true, false)

Constraints: NA

Default Value: NA

PeerSetIdentifier This flag maps to id of peerSetConfiguration. DataType: String

Constraints: NA

Default Value: NA

CustomPeerSelectorEnabled This flag allows the user to send request to a particular instance directly when enabled according to "ocalternaterouteattempt" header DataType: boolean (true, false)

Constraints: NA

Default Value: NA

SBI Error Action Sets

This configuration is used to list or update the error action set configuration at Egress Gateway. Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configuration.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click SBI Error Action Sets option under PLMN Egress Gateway to configure action sets. The SBI Error Action Sets page is displayed.
  4. Click Add to add an error action set configuration. The Create SBI Error Action Sets page is displayed.
  5. Configure the fields in the Create SBI Error Action Sets page.
  6. Configure the fields under the Black List section.
  7. Click Save on the Create SBI Error Action Sets page to save the details. Click Cancel to discard your progress and go back to SBI Error Action Sets page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the action sets information.
  • Use Refresh icon to refresh the list of action sets.

Table 4-81 SBI Error Action Sets

Field Name Description Details
ID Indicate the unique Id for SBI routing error action set. DataType: string

Constraints:

Default Value: NA

Action Action that needs to be taken when specific criteria set is matched. DataType: string

Constraints: reroute, retry

Default Value: reroute

Attempts Maximum number of retries to either same or different peer in case of error or failures from backend. DataType: string

Constraints: NA

Default Value: 3

Table 4-82 Blacklist

Field Name Description Details
Enabled This flag enables the peer blacklist feature using the server headers received in the response. DataType: boolean

Constraints: true, false

Default Value: false

Duration The duration for which the peer is blacklisted and no traffic is routed to that peer for this period. DataType: integer

Constraints: NA

Default Value: 60000

SBI Error Criteria Sets

This URI is used to list or update SBI error criteria sets configuration at Egress Gateway. By default, this configuration is disabled.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the SBI Error Criteria Sets option under PLMN Egress Gateway to configure peers. The SBI Error Criteria Sets page is displayed.
  4. Click Add to add an error action set configuration. The Create SBI Error Criteria Sets page is displayed.
  5. Configure the fields in the Create SBI Error Criteria Sets page.
  6. Click Save in Add Statuses window to save statuses configuration. Click Cancel to discard your progress, close the window, and go back to Create SBI Error Criteria Sets page.
  7. Click Add in Cause section to configure cause details. Configure the fields under Cause section.
  8. Headers Matching Script: Enter headers matching script.
  9. Click Save on the Create SBI Error Criteria Sets page to save the details. Click Cancel to discard your progress and go back to Create SBI Error Criteria Sets page.

    Note:

    • Use Edit icon available in the next column of the specific entry to update the SBI Error Criteria Sets information.
    • Use Refresh icon to refresh the configuration.
  10. Click Add in Cause section to configure cause details. Configure the fields under Cause section.
  11. Enter headers matching script.
  12. Click Save on the Create SBI Error Criteria Sets page to save the details. Click Cancel to discard your progress and go back to Create SBI Error Criteria Sets page.

Note:

  • Use Edit icon available in the next column of the specific entry to update the SBI Error Criteria Sets information.
  • Use Refresh icon to refresh the configuration.

Table 4-83 SbiErrorCriteriaSets

Field Name Description Details
ID Enter an unique ID for SBI routing error action set DataType: Integer

Constraints: NA

Default Value: NA

Method Indicate the action that needs to be taken when specific criteria set is matched. DataType: String

Constraints: NA

Default Value: NA

Exceptions Enter the maximum number of retries to either same or different peer in case of error or failures from backend. DataType: Integer

Constraints: NA

Default Value: NA

Response Configure the following fields under Statuses section. Click Add to add HTTP status details DataType: String

Constraints: NA

Default Value: NA

Status Series Enter the HTTP status series for which reroute or retry is triggered, when the error response is received from downstream. DataType: Integer

Constraints: NA

Default Value: NA

Status Specify HTTP statuses that belongs to above mentioned status series for which reroute or retry is triggered. To enable retry or reroute for all the HTTP status belonging to a status series, configure this as -1. DataType: Integer

Constraints: NA

Default Value: NA

Table 4-84 Cause Configuration

Field Name Description Details
ignoreCauseIfMissing Enable the switch to ignore cause if it is missing. DataType: boolean (true, false)

Constraints: NA

Default Value: NA

Path Path of the cause. DataType: String

Constraints: NA

Default Value: NA

Reason Reason of the cause. DataType: string

Constraints: NA

Default Value: NA

Retry Profile

This URI is used to configure the conditions for retry to particular peer If a request to a particular peer fails. The PLMN Egress Gateway then checks this retryProfile and then retry the request till the retry count exhausts or we receive success response. For the first request, Retry Profile configurations will be considered. These configurations can also be done at N32 Egress Gateway and can be used if we did not receive any retry profile and default retry is enabled at EGW.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Retry Profile option under PLMN Egress Gateway to configure retry profile. The Retry Profile page is displayed.
  4. Click Add to add the retry profile configuration. The Edit Retry Profile page is displayed.
  5. Configure the fields in the Create Retry Profile page.
  6. Click Save on the Create Retry Profile screen to save the details. Click Cancel to discard your progress and go back to Edit Retry Profile screen.

Table 4-85 Retry Profile Configurations

Field Name Description Details
retryCount

The number of retries which happens at EGW when a request fails.

(This count is excluding the first request. Example: retryCount is 3 then a total of 4 attempts will be made)

DataType: INTEGER

Constraints: NA

Default Value: 3
requestTimeout This is the configuration for request timeout for the call that happened from EGW to producer NF.

DataType: INTEGER

Constraints: NA

Default Value: 3,000
statuses

This configuration is the list of HTTP error codes to match when we get the response from producer NF.

It can be defined as either 4xx or a specific error code like 404. We should not define both like ["4xx", "400"] . If defined then which condition is first met will be served.

If any unexpected error occurs while reading retryProfile shared by the backend service then the normal call flow would continue and retry conditions will not be considered.

DataType: LIST

Constraints: NA

Default Value: 4xx, 5xx
exceptions

This configuration is the list of exceptions to match when we get the response from producer NF.

Following is the set of possible exceptions:
  • java.net.UnknownHostException
  • javax.net.ssl.SSLHandshakeException
  • java.nio.channels.ClosedChannelException
  • java.net.ConnectException
  • java.net.SocketTimeoutException
  • java.util.concurrent.TimeoutException
  • java.util.concurrent.RejectedExecutionException

DataType:

LIST

Constraints: NA

Default Value: java.net.ConnectException

Note:

If SBI routing is enabled for the route then this default route retry will not work even if we receive the retry profile as part of the request header for that route.
4.2.15.1.2.1.1 N32 Egress Gateway

This section contains the N32 Egress Gateway APIs.

SBI Error Criteria Sets

This URI is used to list or update SBI error criteria sets configuration at Egress Gateway. By default, this configuration is disabled.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the SBI Error Criteria Sets option under N32 Egress Gateway to configure peers. The SBI Error Criteria Sets page is displayed.
  4. Click Add to add an error action set configuration. The Create SBI Error Criteria Sets page is displayed.
  5. Configure the fields in the Create SBI Error Criteria Sets page.
  6. Click Save in Add Statuses window to save statuses configuration. Click Cancel to discard your progress, close the window, and go back to Create SBI Error Criteria Sets page.
  7. Click Add in Cause section to configure cause details. Configure the fields under Cause section.
  8. Headers Matching Script: Enter headers matching script.
  9. Click Save on the Create SBI Error Criteria Sets page to save the details. Click Cancel to discard your progress and go back to Create SBI Error Criteria Sets page.

    Note:

    • Use Edit icon available in the next column of the specific entry to update the SBI Error Criteria Sets information.
    • Use Refresh icon to refresh the configuration.
  10. Click Add in Cause section to configure cause details. Configure the fields under Cause section.
  11. Enter headers matching script.
  12. Click Save on the Create SBI Error Criteria Sets page to save the details. Click Cancel to discard your progress and go back to Create SBI Error Criteria Sets page.

Note:

  • Use Edit icon available in the next column of the specific entry to update the SBI Error Criteria Sets information.
  • Use Refresh icon to refresh the configuration.

Table 4-86 SbiErrorCriteriaSets

Field Name Description Details
ID Enter an unique ID for SBI routing error action set DataType: Integer

Constraints: NA

Default Value: NA

Method Indicate the action that needs to be taken when specific criteria set is matched. DataType: String

Constraints: NA

Default Value: NA

Exceptions Enter the maximum number of retries to either same or different peer in case of error or failures from backend. DataType: Integer

Constraints: NA

Default Value: NA

Response Configure the following fields under Statuses section. Click Add to add HTTP status details DataType: String

Constraints: NA

Default Value: NA

Status Series Enter the HTTP status series for which reroute or retry is triggered, when the error response is received from downstream. DataType: Integer

Constraints: NA

Default Value: NA

Status Specify HTTP statuses that belongs to above mentioned status series for which reroute or retry is triggered. To enable retry or reroute for all the HTTP status belonging to a status series, configure this as -1. DataType: Integer

Constraints: NA

Default Value: NA

Table 4-87 Cause Configuration

Field Name Description Details
ignoreCauseIfMissing Enable the switch to ignore cause if it is missing. DataType: boolean (true, false)

Constraints: NA

Default Value: NA

Path Path of the cause. DataType: String

Constraints: NA

Default Value: NA

Reason Reason of the cause. DataType: string

Constraints: NA

Default Value: NA

SBI Error Action Sets

This configuration is used to list or update the error action set configuration at Egress Gateway. Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click SBI Error Action Sets option under N32 Egress Gateway to configure action sets. The SBI Error Action Sets page is displayed.
  4. Click Add to add an error action set configuration. The Create SBI Error Action Sets page is displayed.
  5. Configure the fields in the Create SBI Error Action Sets page.
  6. Configure the fields under the Black List section.
  7. Click Save on the Create SBI Error Action Sets page to save the details. Click Cancel to discard your progress and go back to SBI Error Action Sets page.

Note:

  • Use the Edit icon available in the next column of the specific entry to update the action sets information.
  • Use Refresh icon to refresh the list of action sets.

Table 4-88 SBI Error Action Sets

Field Name Description Details
ID Indicate the unique Id for SBI routing error action set. DataType: string

Constraints:

Default Value: NA

Action Action that needs to be taken when specific criteria set is matched. DataType: string

Constraints: reroute, retry

Default Value: reroute

Attempts Maximum number of retries to either same or different peer in case of error or failures from backend. DataType: string

Constraints: NA

Default Value: 3

Table 4-89 Blacklist

Field Name Description Details
Enabled This flag enables the peer blacklist feature using the server headers received in the response. DataType: boolean

Constraints: true, false

Default Value: false

Duration The duration for which the peer is blacklisted and no traffic is routed to that peer for this period. DataType: integer

Constraints: NA

Default Value: 60000

Configurable Error Codes

This URI is used to configure an appropriate error response (error code, error cause, error title, and error description) for exceptions occurring at N32 Egress Gateway. The feature is disabled by default.

Perform the following configurations:

  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations.
  2. The Gateway and cnDBTier appears underneath. Select Gateway and navigate to EGW option to configure the Egress Gateway APIs. The PLMN Egress Gateway and N32 Egress Gateway appears underneath.
  3. Click the Configurable Error Codes option under PLMN Egress Gateway to configure Error Code Profiles. The Error Code Profiles page is displayed.
  4. Click Add to add the configurable error codes. The Edit Configurable Error Codes page is displayed.
  5. Configure the fields in the Edit Configurable Error Codes page.
  6. Click Save on the Edit Configurable Error Codes page to save the configurable error codes. Click Cancel to discard your progress and go back to the Edit Error Code Profiles page.

Table 4-90 Configurable Error Codes Configuration

Field Name Description Details
Enabled Enables or disables configurable error codes functionality DataType: boolean

Constraints: NA

Default Value: false
Exception Type Specific exception for which error profile name is configured DataType: string

Constraints: NA

Default Value: NA
Error Profile Name Specific Name for a particular exception occurs DataType: string

Constraints: NA

Default Value: NA
4.2.15.2 cnDBTier
Perform the following procedure to view the cnDBTier version, status of cnDBTier clusters, and georeplication status on the CNC Console. The cnDBTier APIs are read only APIs that can be viewed in CNC Console.
  1. In the CNC Console GUI, from the left navigation menu, navigate to SEPP and then click Configurations. The Gateway and cnDBTier appears underneath.
  2. click cnDBTier tab. The cnDBTier page is displayed.
  3. Click the Backup List to view the list of completed backups along with backup ID, backup size, and backup creation timestamp.

    The Backup List page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-91 Backup List

    Fields Description
    Site Name This attribute displays the name of the current site to which SEPP is connected.
    Backup Details This attribute displays the following information like backup id, backup size, and backup creation timestamp.
    Backup Id This attribute displays the ID of the stored backup.
    Backup Size (bytes) This attribute displays the size of the stored backup.
    Creation TimeStamp This attribute displays the time recorded when the backup was stored.
  4. Click cnDBTier Health to view the health status of the microservices such as replication, backup manager, monitor services, NDB services.
    The cnDBTier Health page is displayed.
    1. Click the Backup Manager Health Status to view the health status of the backup manager.
      The Backup Manager Health Status page is displayed.

      Note:

      The following are read-only APIs.

      Table 4-92 Backup Manager Health Status

      Attribute Description
      Service Name This attribute displays the service name of the backup manager microservice.
      Service Status This attribute displays the service status of the backup manager microservice.

      Possible values are UP and DOWN.
      DB Connection Status This attribute displays the database connection status of the backup manager microservice.

      Possible values are UP and DOWN.
      Overall Backup Manager Service Health This attribute displays the overall health status of the backup manager microservice.

      Possible values are UP and DOWN.
      Backup Executor Health Status This attribute displays the following information like node id and DB connection status of the backup executor.
      Node Id This attribute displays the id of the node.
      DB Connection Status This attribute displays the backup executor database connection status with the nodes.

      Possible values are UP and DOWN.
    2. Click the Monitor Health Status to view the health status of the services.
      The Monitor Health Status page is displayed.

      Note:

      The following are read-only APIs.

      Table 4-93 Monitor Health Status details

      Attribute Description
      Service Name This attribute displays the service name of the monitor microservice.
      DB Connection Status This attribute displays the database connection status of the monitor microservice.

      Possible values are UP and DOWN.
      Metric Scrape Status This attribute displays the status of the metric scrape, that is if the metrics are fetched or not. If the metrics are fetched then the service is up and vice versa.

      Possible values are UP and DOWN.
      Overall Monitor Service Health This attribute displays the overall health status of the monitor microservice.

      Possible values are UP and DOWN.
    3. Click the NDB Health Status to view the health status of the network database.
      The NDB Health Status page is displayed.

      Note:

      The following are read-only APIs.

      Table 4-94 NDB Health Status details

      Attribute Description
      Local Site Name This attribute displays the name of the current site (Site 1, Site 2 ).
      NDB Health Status Details This attribute displays the health status of the network database such as the name of the NDB service, status of the service, health status of PVC.
      Service Name This attribute displays the service name.
      Service Status This attribute displays the status of the service.

      Possible values are UP and DOWN.
      PVC Health Status This attribute displays the health status of the PVC.

      Possible values are UP, DOWN, and NA.

      Note: This attribute is set to NA when some of the database pods are not connected to the PVC.

    4. Click the Replication Health Status to view the health status of the replication sites.
      The Replication Health Status page is displayed.

      Note:

      The following are read-only APIs.

      Table 4-95 Replication Health Status details

      Attribute Description
      Local Site Name This attribute displays the name of the current site (Site 1, Site 2).
      Health Status Details This attribute displays the health status details of the local site like replication service name, replication service status, database connection status of the replication service, and the overall health status of the replication micorservices. The number of rows in this table varies depending on the type of deployment (for example, two-site, three-site deployments).
      Service Name This attribute displays the name of the available replication service.
      Service Status This attribute displays the status of the available replication service.

      Possible values are UP and DOWN.
      DB Connection Status This attribute displays the database connection status of the replication microservice.

      Possible values are UP and DOWN.
      Overall Replication Service Health This attribute displays the overall health status of the replication microservice.

      Possible values are UP and DOWN.
  5. Click cnDBTier Version to view the version.

    The cnDBTier Version page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-96 cnDBTier Version Attributes

    Attribute Description
    cnDBTier Version This attribute displays the cnDBTier version.
    NDB Version This attribute displays the network database (NDB) version.
  6. Click the Database Statistics Report to view the available databases.
    The Database Statistics Report page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-97 Database Statistics Report

    Fields Description
    Database Count This attribute displays the number of available database.
    Database Tables Count This attribute displays the available database names and their table count.
    Database Name This attribute displays the database name.
    Table Count This attribute displays the table count for each database.
    Database Table Rows Count This attribute displays the rows present in each table.
    Database Name This attribute displays the database name.
    1. Click the view icon icon available next to the database name to view the View Database Table Rows Count screen.
      The View Database Table Rows Count page is displayed.

      Table 4-98 View Database Table Rows Count

      Fields Description
      Database Name This attribute displays the database name.
      Tables This attribute displays the table names and the corresponding rows in each table.
      Table Name This attribute displays the table name.
      Row Count This attribute displays the table rows present in each table.
  7. Click Georeplication Recovery to view the Georeplication Recovery Status of cnDBTier cluster. The Georeplication Recovery page is displayed. The Update Cluster As Failed, Start Georeplication Recovery, and Georeplication Recovery Status appears underneath the Georeplication Recovery Status on the left menu.
    • Click the Update Cluster As Failed to mark the cluster as FAILED.

      The Update Cluster As Failed page is displayed.

      Table 4-99 Update Cluster As Failed

      Fields Description
      Cluster Names This field displays a list of cnDBTier clusters that can be marked as failed.
      Failed Cluster Names This field displays a cnDBTier cluster that is marked as failed.

      Click Update Cluster. The selected cluster name is updated in the Failed Cluster Names field.

  8. Click the Start Georeplication Recovery to start the georeplication recovery process for a failed site.

    The Start Georeplication Recovery page is displayed.

    Table 4-100 Start Georeplication Recovery

    Attribute Description
    Failed Cluster Name This field displays a list of all the clusters that have been marked as failed.
    Backup Cluster Name (Optional) This field displays a list of all the healthy clusters. If no cluster is selected, the system uses the first available healthy cluster for the backup.
  9. Click Start Georeplication Recovery to initiate georeplication recovery.
  10. Click the Georeplication Recovery Status to view the status of georeplication recovery for cnDBTier clusters.

    The Georeplication Recovery Status page is displayed.

    Table 4-101 Georeplication Recovery Status

    Attribute Description
    Local Cluster Name This field displays the name of the local cluster.
    Georeplication Recover Status Details This field displays the details of the georeplication recovery status of cnDBTier clusters.
    Cluster Name This field displays the clusters by name.
    Georeplication Recovery Status This field displays the current georeplication recovery status of the corresponding cluster.
    The following are the statuses of Georeplication Recovery:

    Table 4-102 Georeplication Recovery Status

    Georeplication Recovery Status Description
    ACTIVE The cluster is in a healthy state, and replication is up and running with its respective mate cluster.
    REINSTALLED The cluster enters this state during fatal error recovery when the end user reinstalls the cluster.
    STARTDRRESTORE When Georeplication recovery is started, the cluster will transition into this state.
    INITIATEBACKUP When Georeplication recovery is started, the cluster will identify a healthy cluster for backup initiation and transition into this state.
    CHECKBACKUP When the backup is initiated, the georeplication recovery cluster will monitor the progress of the backup until its completion. If the backup fails, the cluster will restart the backup.
    COPY_BACKUP Upon completion of the backup, the georeplication recovery cluster will request the transfer of the backup from the healthy cluster to the georeplication recovery cluster.
    CHECK_BACKUP_COPY When backup copy is started georeplication recovery cluster will monitor for the backup transfer progress till it's completion and if it's fails the cluster will re-initiates the backup transfer.
    BACKUPCOPIED When the backup copy is started, the georeplication recovery cluster will monitor the progress of the backup transfer until its completion. If the transfer fails, the cluster will restart the backup transfer.
    BACKUPEXTRACTED This state indicates that the backup has been successfully extracted at the georeplication recovery cluster, allowing the restoration of the backup to start.
    FAILED This state is used by end user to mark specific cluster as failed and hence georeplication recovery is essential to recover the cluster.This state can also indicates that georeplication recovery started and the database is restored using the healthy cluster backup.
    UNKNOWN This state is used by the end user to mark a specific cluster as failed, necessitating georeplication recovery for cluster recovery. Additionally, this state can indicate that georeplication recovery has started and the database has been restored using the backup from the healthy cluster.
    RECONNECTSQLNODES This state is used to instruct SQL nodes to be offline during backup restoration to prevent any records from entering the binlog of the georeplication recovery cluster.
    BACKUPRESTORE This state indicates that the backup, successfully copied from the healthy cluster, is currently being used to restore the georeplication recovery cluster.
    RESTORED When the backup is successfully restored in the georeplication recovery cluster, the cluster will enter this state to start the reestablishment of replication channels.
    BINLOGINITIALIZED This state indicates the start of binlogs for the restoration of replication channels, necessary to start the restore process
    RECONFIGURE When the binlog is restarted, the georeplication recovery cluster will reestablish the replication channels with respect to all its mate clusters.
  11. Click Georeplication Status to view the local site and remote site name to which SEPP is connected.
    The Georeplication Status page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-103 Georeplication Status

    Attribute Description
    Local Site Name

    This attribute displays the local site name to which SEPP is connected.

    Note: The number of local site names may vary depending on the type of georeplication used in SEPP.

    Remote Site Name

    This attribute displays the remote site name.

    Note: The number of remote site names may vary depending on the type of georeplication used in SEPP.

    Replication Status

    This attribute displays the replication status with corresponding sites.

    Note: The number of replication statuses may vary depending on the type of georeplication used in SEPP.

    Seconds Behind Remote Site This attribute displays the number of seconds that the last record read by the local site is behind the latest record written by the remote site for all the replication groups.

    Note: The number of replication statuses may vary depending on the type of georeplication used in SEPP.

    1. Click the view icon icon in the Actions menu to view the View Georeplication Status screen.
      The Georeplication Status page is displayed.

      Table 4-104 Georeplication Status

      Attribute Description
      Replication Group Delay This attribute displays the delay in seconds for the remote site for individual replication groups.
      Replication Channel Group Id This attribute displays the ID of the replication channel group.
    2. Click the view icon icon to view the Replication Group Delay attributes.
      The Replication Group Delay page is displayed.

      Table 4-105 View Replication Group Delay

      Attribute Description
      Channel Details This attribute displays the channel details such as Remote Replication IP and Role.
      Remote Replication IP This attribute displays the IP of the remote replication channel.
      Role This attribute displays the role of the replication channel IP.
  12. Click the HeartBeat Status to view the connectivity between local site and remote site to which SEPP is connected.
    The HeartBeat Status page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-106 HeartBeat Status Details

    Fields Description
    Site Name This attribute displays the name of the current site to which SEPP is connected.
    HeartBeat Details This attribute displays the following information such as the remote site name, heart beat status, heart beat lag, and replication channel group id.
    Remote Site Name This attribute displays the remote site name.
    Heartbeat Status This attribute displays the connectivity status with corresponding sites.
    Heartbeat Lag This attribute displays the lag or latency in seconds it took to synchronize between sites.
    Replication channel Group Id This attribute displays the ID of the replication channel group.
  13. Click Local Cluster Status to view the local cluster status for the current site.
    The Local Cluster Status page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-107 Local Cluster Status

    Attribute Description
    Site Name This attribute displays the name of the current site to which SEPP is connected.
    Cluster Status This attribute displays the local cluster status for the current site.
  14. Click the On Demand Backup to create a new backup and view the status of initiated on-demand backups.
    The On Demand Backup page is displayed.

    Note:

    The following are read-only APIs.

    Table 4-108 On Demand Backup Details

    Fields Description
    Site Name This attribute displays the name of the current site to which SEPP is connected.
    DR Status This attribute displays the disaster recovery status .
    Backup Id This attribute displays the ID of the stored backup.
    Backup Status This attribute displays the status of backup.
    Remote Transfer Status The attribute displays the status of remote transfer.
    Initiate Backup The attribute displays whether the backup is initiated or not.

    Note: You can read and write this API.

  15. Click Edit. The Edit On Demand Backup page appears.

    Note:

    The Edit mode is available only for Initiate Backup.
  16. Use the Toggle button to initiate the backup and click Save. A confirmation message "Saved successfully" appears.
  17. Click Cancel to navigate back to the On Demand Backup page.
  18. Click Refresh to reload the On Demand Backup page.