ajay | b3f4098 | 2021-12-08 14:26:11 -0800 | [diff] [blame] | 1 | .. |
| 2 | SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org> |
| 3 | SPDX-License-Identifier: Apache-2.0 |
| 4 | |
ajay | 8794529 | 2021-12-08 00:52:00 -0800 | [diff] [blame] | 5 | .. _application-filtering: |
| 6 | |
| 7 | Application Filtering Overview |
| 8 | ============================== |
| 9 | |
ajay | cbd1706 | 2022-03-06 11:12:58 -0800 | [diff] [blame] | 10 | .. image:: ../_static/images/SDCore_Access_Control.png |
| 11 | :width: 700px |
| 12 | :align: center |
| 13 | |
ajay | 8794529 | 2021-12-08 00:52:00 -0800 | [diff] [blame] | 14 | Below config snapshot shows how to configure application filtering in the network slice. |
| 15 | Each application filter in the network slice can have action either ``permit`` or ``deny`` |
| 16 | |
| 17 | .. code-block:: |
| 18 | |
| 19 | config: |
| 20 | simapp: |
| 21 | cfgFiles: |
| 22 | simapp.yaml: |
| 23 | configuration: |
| 24 | provision-network-slice: true |
| 25 | sub-provision-endpt: |
| 26 | addr: config4g |
| 27 | port: 5000 |
| 28 | subscribers: |
| 29 | - ueId-start: 208014567891201 |
| 30 | ueId-end: 208014567891211 |
| 31 | plmnId: 20801 |
| 32 | opc: "d4416644f6154936193433dd20a0ace0" |
| 33 | op: "" |
| 34 | key: "465b5ce8b199b49faa5f0a2ee238a6bc" |
| 35 | sequenceNumber: 96 |
| 36 | device-groups: |
| 37 | - name: "4g-oaisim-user" |
| 38 | imsis: |
| 39 | - "208014567891201" |
| 40 | - "208014567891202" |
| 41 | ip-domain-name: "pool1" |
| 42 | ip-domain-expanded: |
| 43 | dnn: internet |
| 44 | dns-primary: "8.8.8.8" |
| 45 | mtu: 1460 |
| 46 | ue-ip-pool: "172.250.0.0/16" |
| 47 | ue-dnn-qos: |
| 48 | dnn-mbr-downlink: 20000000 |
| 49 | dnn-mbr-uplink: 4000000 |
| 50 | bitrate-unit: bps |
| 51 | traffic-class: #default bearer QCI/ARP |
| 52 | name: "platinum" |
| 53 | qci: 9 |
| 54 | arp: 1 |
| 55 | pdb: 300 |
| 56 | pelr: 6 |
| 57 | site-info: "aiab" |
| 58 | |
| 59 | network-slices: |
| 60 | - name: "default" |
| 61 | slice-id: |
| 62 | sd: "010203" |
| 63 | sst: 1 |
| 64 | site-device-group: |
| 65 | - "4g-oaisim-user" |
| 66 | application-filtering-rules: |
| 67 | - rule-name: "deny-private1" |
| 68 | priority: 250 |
| 69 | action: permit |
| 70 | endpoint: "10.0.0.0/8" |
| 71 | protocol: 6 |
| 72 | dest-port-start: 20005 |
| 73 | dest-port-end : 20005 |
| 74 | traffic-class: |
| 75 | name: “platinum” |
| 76 | qci: 9 |
| 77 | arp: 1 |
| 78 | pdb: 300 |
| 79 | pelr: 6 |
| 80 | - rule-name: “deny-private-2” |
| 81 | priority: 251 |
| 82 | action : permit |
| 83 | endpoint: "172.16.0.0/16" |
| 84 | protocol: 6 |
| 85 | dest-port-start: 20005 |
| 86 | dest-port-end : 20005 |
| 87 | traffic-class: |
| 88 | name: “platinum” |
| 89 | qci: 9 |
| 90 | arp: 1 |
| 91 | pdb: 300 |
| 92 | pelr: 6 |
| 93 | site-info: |
| 94 | gNodeBs: |
| 95 | - name: "aiab-gnb1" |
| 96 | tac: 1 |
| 97 | plmn: |
| 98 | mcc: "208" |
| 99 | mnc: "01" |
| 100 | site-name: "aiab" |
| 101 | upf: |
| 102 | upf-name: "upf" |
| 103 | upf-port: 8805 |