AETHER-3416: Added Getting Started with 4G AiaB to Aether docs
Change-Id: I579f8c819377cdb792f2cba72372c95637b05dac
diff --git a/developer/aiab.rst b/developer/aiab.rst
index 12defd3..6399566 100644
--- a/developer/aiab.rst
+++ b/developer/aiab.rst
@@ -121,6 +121,104 @@
CHARTS=release-2.0 make test
+Getting Started with 4G AiaB
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+4G SD-CORE deploys the following core components to provide mobile connectivity:
+
+* SPGW (Serving/PDN Gateway): Combined Serving Gateway and Packet Data Network (PDN) Gateway
+* UPF (User Plane Function): The interconnect between the mobile infrastructure and the Data Network (DN).
+* PCRF (Policy and Charging Rules Function): Data flow detection, policy enforcement, and flow-based charging.
+* MME (Mobility Management Entity): Manages UE access network and mobility, and establishing the bearer path for UE.
+* HSS (Home Subscriber Server): The main subscriber database.
+
+.. figure:: images/4g-call-flow.png
+ :align: center
+ :width: 80 %
+
+ *Communication between 4G SD-CORE Components*
+
+The eNB (evolved Node B) is the Radio Access Network (RAN) of the 4G architecture and allows
+the UEs to connect to the Mobile network.
+It passes UE's attach request to MME via S1AP interface to be identified and authenticated through HSS.
+MME sends the session request to SPGW to create the GTP tunnel and request the default bearer. SPGW sends back the UPF
+address to establish the connectivity (GTP tunnel) to the DN through the user plane.
+
+When the AiaB is up, by configuring the routing table you
+can route traffic to arbitrary destinations through the AiaB user plane::
+
+ ip route add <Destination-Network-Address> dev oip1
+
+Or you can explicitly specify the *oip1* interface within the command, such as::
+
+ curl --interface oip1 google.com
+ ping -I oip1 google.com
+
+AiaB deploys a router pod in the "default" namespace with four interfaces: *ran-gw* for the radio network,
+*access-gw* for access network, *core-gw* for core network, and *eth0* for the external network.
+When a UE starts sending traffics to the data network through the user plane (access network),
+the outgoing data packets traverse the following path across the pods::
+
+ (oip1) enb-0 (enb) ==GTP==> (ran-gw) router (access-gw) ==GTP==> (access) upf-0 (core)
+ ----> (core-gw) router (NAT,eth0)
+
+And the incoming packets follow as::
+
+ (NAT,eth0) router (core-gw) ----> (core) upf-0 (access) ==GTP==> (access-gw) router (ran-gw)
+ ==GTP==> (enb) enb-0 (oip1)
+
+**Notes:** In the above notations, network interfaces within each pod are shown in parenthesis.
+The IP packets sent/received between the UE and external host via the user plane are GTP-encapsulated
+and tunneled between the eNB and UPF.
+
+Ksniff
+~~~~~~
+Ksniff is a Kubernetes-integrated packet sniffer shipped as a kubectl plugin.
+Ksniff uses tcpdump and Wireshark (Wireshark 3.x) to capture traffic on a specific pod within the cluster.
+After installing Ksniff using Krew and Wireshark, by running the following command
+you can see the communications between the components. Ksniff uses kubectl to upload
+the tcpdump binary into the target container (e.g. mme, upf, ...), and redirects the output to Wireshark::
+
+ kubectl ksniff -n omec mme-0
+
+You can see the packets sent/received between the core components from the moment an
+UE initiates the attach procedure through eNB until
+the dedicated bearer (uplink and downlink) has been established (see figure below).
+After the bearer has been established, traffic sent from UE's interface (*oip1*) will go through the eNB and UPF.
+
+.. figure:: images/wireshark-4g.png
+ :width: 80 %
+ :align: center
+
+ *Wireshark output of ksniff on mme pod*
+
+Using Ksniff on the router pod you can see all the packets exchanged between the UE and external hosts
+(e.g. ping an external host from the UE interface)::
+
+ kubectl ksniff -n default router
+
+.. figure:: images/4g-ue-ping.png
+ :width: 80 %
+ :align: center
+
+ *Data Flow from UE to an external host through the User Plane (filtered on UE's IP address)*
+
+Looking at the packet's details, the first and second packets are from *enb* to *router*
+and then to *upf* in a GTP tunnel. And the third packet is sent from *router* to the external network via NAT.
+The rest are the reply packets from the external host to the UE.
+
+By default, Ksniff runs *tcpdump* on all interfaces (i.e. *-i any*). To retrieve more details
+of packets (e.g. ethernet header information) on a specific interface,
+you can explicitly specify the interface along with options (e.g. *-e*). e.g.::
+
+ kubectl sniff -n default router -i access-gw -f "-e"
+
+For more information, please visit the links below:
+
+* `Ksniff <https://github.com/eldadru/ksniff>`_
+* `3gpp Spec <https://www.etsi.org/deliver/etsi_ts/136100_136199/136101/14.05.00_60/ts_136101v140500p.pdf>`_
+* `4G LTE Concepts and Call Flow <https://www.udemy.com/course/4g-lte-evolved-packet-core-deep-dive-and-call-flows/>`_
+
+
Start the 5G SD-CORE
--------------------
diff --git a/developer/images/4g-call-flow.png b/developer/images/4g-call-flow.png
new file mode 100644
index 0000000..477f026
--- /dev/null
+++ b/developer/images/4g-call-flow.png
Binary files differ
diff --git a/developer/images/4g-ue-ping.png b/developer/images/4g-ue-ping.png
new file mode 100644
index 0000000..3631d91
--- /dev/null
+++ b/developer/images/4g-ue-ping.png
Binary files differ
diff --git a/developer/images/wireshark-4g.png b/developer/images/wireshark-4g.png
new file mode 100644
index 0000000..99f7aec
--- /dev/null
+++ b/developer/images/wireshark-4g.png
Binary files differ
diff --git a/dict.txt b/dict.txt
index 48b0c22..d509c80 100644
--- a/dict.txt
+++ b/dict.txt
@@ -19,6 +19,7 @@
Epyc
Flintstone
Fudd
+GTP
GbE
GiB
GitOps
@@ -34,6 +35,8 @@
Jira
Keycloak
KinD
+Krew
+Ksniff
Kubernetes
Kubespray
LTE
@@ -45,6 +48,7 @@
ONL
ONOS
OPc
+PDN
PFCP
PoC
PoE
@@ -109,6 +113,7 @@
datapath
dataplane
dbuf
+decapsulates
degister
deregister
deregistration
@@ -252,6 +257,7 @@
systemd
tAC
tcp
+tcpdump
telegraf
tfvars
topo
