If there is the need to connect remote here a proposal how to manage this. This setup could be used to access the NETCONF/YANG interface of the device and allow VES Registration at non-realtime-ric.
Prerequisite "Remote Site"
- Provide wifi/wlan with internet access for "tunnel computer"
- Allow cable or network connection from "Tunnel computer" to "Remote RAN/Netconf device"
- Make sure that setup is according to local security rules
- Below you can find for this standalone configuration an installation guide. If you want to use it in another environment than this, e.g. with an existing dhcpv6 please contact us before installing
Overview
Remote Netconf Device
- IPV4 or IPV6
- Point-to-point connection to "tunnel client"
- "tunnel client" IP is used as termination IP for VES Message
SSH tunnel Client
- Linux machine (e.g. Raspberry Pi 3B with 1 gig ram)
- Configuration with IPV6 and IPV4 DHCP
- SSH Client, with setup to connect to "SSH tunnel server" via "OWL SSH" Gateway
Installation Guide
- Download raspbian-lite image (https://www.raspberrypi.org/downloads/raspbian/)
- extract zip file
- flash img file to microsd card
- linux: dd bs=1M if=file/to/flash.img of=/dev/devicetoflash
- windows: use win32diskimager
- after finished flashing, remount microsd on your computer to add some files
- create an empty file on boot partition named "ssh"
- create a file on boot partition named "wpa_supplicant" with the following content
country=US ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 network={ ssid="NETWORK-NAME" psk="NETWORK-PASSWORD" }
- unmount microsd card and put it into raspberry pi and start
- now you have to find out the ip address the pi gets in your wifi
- for me with nmap -sn 192.168.202.0/24
- then you can login with ssh pi@ip-address
- if you do not have a local dns in your network you can also try ssh pi@raspberrypi.local
$ sudo apt-get update $ sudo apt-get upgrade $ sudo apt-get install radvd $ ssh-keygen $ sudo nano /etc/sysctl.conf net.ipv6.conf.all.forwarding=1 $ sudo reboot $ sudo nano /etc/dhcpcd.conf static ip6_address=2001:db8::1/64 $ sudo nano /etc/radvd.conf interface eth0 { AdvSendAdvert on; AdvLinkMTU 1280; MaxRtrAdvInterval 120; prefix 2001:db8::/64 { }; AdvSourceLLAddress on; }; $ sudo systemctl enable radvd.service $ sudo reboot
- now we create a script called tunnel.sh
#!/bin/bash #please do not change VESPORT=30235 WINLAB_GATEWAY_IP="10.31.3.71" VES_COLLECTOR_IP="10.31.3.20" #variables: here you can change # netconf port NCPORT=2230 # user for winlab access WINLAB_USER="micha" # ip of the remote RAN device REMOTEIP="[2001:db8::4e50:afd7:a5c6:3d88]" ssh -L$VESPORT:localhost:$VESPORT -R$NCPORT:$REMOTEIP:$NCPORT $WINLAB_USER@console.sb10.orbit-lab.org -t \ ssh -L$VESPORT:localhost:$VESPORT -R$NCPORT:localhost:$NCPORT -X native@10.30.1.1 -t \ ssh -L$VESPORT:$VES_COLLECTOR_IP:$VESPORT -R$NCPORT:localhost:$NCPORT -X ubuntu@$WINLAB_GATEWAY_IP
- and make it afterwards executable with "chmod +x tunnel.sh"
- provide the generated ssh public key to a valid winlab user
cat .ssh/id_rsa.pub