Configurable Metadata Extraction in ASN

From this page, you can enable or disable the following metadata extraction options on the Aviz Service Node (ASN) for 5G-NSA:

User Information

1. IMSI (International Mobile Subscriber Identity): A unique identifier for a mobile subscriber.

2. IMEI (International Mobile Equipment Identity): A unique identifier for a mobile device.

3. MSISDN (Mobile Station International Subscriber Directory Number): The phone number associated with the subscriber.

User Location Information

1. CGI (Cell Global Identifier): A unique identifier for a cell in a mobile network.

2. SAI (Service Area Identifier): Identifies the service area within a network.

3. RAI (Routing Area Identifier): Specifies the routing area within a mobile network.

Tunnel Information

1. IPv4 Address Uplink (SGW): The IPv4 address for the uplink from the Serving Gateway (SGW).

2. IPv4 Address Downlink (eNodeB): The IPv4 address for the downlink to the eNodeB (Evolved Node B).

3. IPv6 Address Uplink (SGW): The IPv6 address for the uplink from the Serving Gateway (SGW).

Key Performance Indicator(KPIs)

1. Cplane Latency: The latency in the control plane, measuring the delay in signaling and control messages.

2. Per IMSI Metrics:

   • Uplane Bandwidth/Throughput: The bandwidth or throughput in the user plane, specific to each IMSI .

The following Metadata Attributes can be modified using this menu:

• 4G-LTE/5G-NSA

• 5G-SA

• U-Plane

• Radius

Configurable Metadata Extraction in ASN

From this page, you can enable or disable the following metadata extraction options on the Aviz Service Node (ASN) for 5G-SA:

User Information

1. IMSI (International Mobile Subscriber Identity): A unique identifier for a mobile subscriber.

2. IMEI (International Mobile Equipment Identity): A unique identifier for a mobile device.

3. MSISDN (Mobile Station International Subscriber Directory Number): The phone number associated with the subscriber.

User Location Information

1. CGI (Cell Global Identifier): Unique identifier for a cell in a mobile network.

2. TAI (Tracking Area Identifier): Identifier for tracking areas in a 5G network.

3. Cell Changed: Indicates whether the user's device has changed cells within the network.

Tunnel Information

1. IPV4 Address Uplink (UPF): IPv4 address for the uplink from the User Plane Function (UPF).

2. IPv4 Address Downlink (RAN): IPv4 address for the downlink to the Radio Access Network (RAN).

3. IPv6 Address Uplink (UPF): IPv6 address for the uplink from the User Plane Function (UPF).

Key Performance Indicator(KPIs)

1. Cplane Latency: The latency in the control plane, measuring the delay in signaling and control messages.

2. Per IMSI Metrics:

   • Uplane Bandwidth/Throughput: Bandwidth or throughput in the user plane for each IMSI.

The list below specifies the unique unified data type of metadata attributes exported from ASN, 5GC-control-session-data-mapping, EPC-control-session-data-mapping, and the user-session-data-mapping file.

• 5GC-control-session-data-mapping

• EPC-control-session-data-mapping

• SIP-session-data-mapping

• Radius-session-data-mapping

To configure and manage system attributes of ASN via the FlowVision GUI, navigate to:

Configuration > Systems.

The Systems Manager page displays the configurations for Kafka, SNMP, NTP, and Syslog servers, allowing users to add or remove associated IP addresses as needed.

The following image shows the System Parameters page:

Kafka Configurations

Configure and manage up to one Kafka server IP address for exporting metadata extracted by the Service Node.

SNMP Trap Configuration

Configure and manage up to three SNMP trap server IP addresses for receiving SNMP traps generated by the Service Node.

NTP Configuration

Configure and manage up to three NTP server IP addresses for time synchronization.

Syslog Configuration

Configure and manage up to three Syslog server IP addresses for receiving system logs from the Service Node.

SNMP Trap Threshold

Set thresholds for SNMP traps based on the following parameters:

• Disk Usage (%): Define a trigger when disk utilization exceeds a specified percentage.

• CPU Usage (%): Set a threshold for CPU utilization percentage.

• Temperature (℃): Configure the ASN appliance temperature limit before an SNMP trap is triggered.

To configure Boot Configuration using the FlowVision GUI, navigate to:

Configuration > Boot Configuration.

• A detailed boot configuration showing:

  • General

  • Features

  • Packet Core Interface

  • Kafka Producer Config

General

The following image illustrate the General configs such as hash table, ip & subscriber session limit, Coutn etc as shown below

LB Hash Type:

• Specifies the method used for load balancing packet flows across processing cores.

• 3 Tuples: Uses source IP, destination IP, and protocol/port for hashing.

• 5 Tuples: Uses source IP, destination IP, protocol, source port, and destination port for hashing.

IP Session Limits:

• Sets the maximum number of concurrent IP sessions per core.

Subscriber Session Limits:

• Definition: Defines the maximum number of subscriber sessions (unique users/devices) that can be handled simultaneously.

• The range is typically 100 to 3,000,000. Higher values require more memory and CPU resources.

Kafka Core Count:

• Definition: Number of CPU cores dedicated to Kafka producer threads for exporting data.

• Limitation: Must be less than or equal to the number of Packet Processing cores.

KPI Core Count:

• Definition: Number of CPU cores allocated for Key Performance Indicator (KPI) processing tasks.

• Limitation: Must be less than or equal to the number of Packet Processing cores.

Start Cores:

• Definition: Specifies the logical core ID from which packet processing should begin.

• Limitation: Must be a valid core ID present on the system. Incorrect values may prevent the application from starting.

Total Cores:

• Definition: Total number of logical CPU cores allocated for packet processing and related tasks.

• Limitation: Limited by the physical hardware; allocating more cores than available will result in errors.

Packet Processing Cores (Per Port)

• Definition: Number of CPU cores assigned to process packets for each port.

Total Port

• Definition: Number of asn ports configured for packet processing.

• Limited by hardware capabilities and configuration, typically between 1 and 8.

Control Port

• Definition: Designates the asn port used for control plane traffic.

• Must select a valid port from available options (e.g., port0, port1)

Features & Packet Core Interface

The following image illustrate the Features and Packet core interface configs such as Radius, metadata export,4G & 5G interface type etc.

Enable Radius

• Definition: Enables or disables support for the RADIUS protocol, used for authentication and accounting.

• Set to "true" or "false" based on deployment requirements.

Active Bearer Export

• Definition: Enables the export of active bearer information for monitoring or analytics.

Uplane Flow Stats (Control Metadata):

. Definition: Enables collection and export of user-plane flow statistics as part of control metadata.

Packet Core Interface:

• Definition: Selects the type of packet core interface for network connectivity.

• 4G Interfaces: S5-S8, S11

• 5G Interfaces: N11

Kafka Producer Config

The following image illustrate the Kafka Producer configs such as Queue buffer, compression type etc.

Queue Buffer Messages (max):

• Definition: Maximum number of messages buffered per Kafka queue before sending.

• Range is 1,000 to 1,000,000,000.

Queue Buffer kbytes (max):

• Definition: Maximum buffer size in kilobytes per Kafka queue.

• Range is 1 to 2,147,483,647 kB.

Queue Batch Size (max):

• Definition: Maximum number of messages sent in a single Kafka batch.

• Range is 1 to 2,147,483,647.

Linger (ms):

• Definition: Time in milliseconds to wait before sending a batch to Kafka, allowing more messages to accumulate.

• Range is 0 to 900,000 ms.

Compression Type:

• Definition: Compression algorithm used for Kafka messages.

• Must be one of: none, gzip, lz4, zstd, snappy. Unsupported types will cause errors.

Deep Packet Inspection (DPI) is a powerful technique that analyzes network traffic at the packet level, going beyond basic header inspection to examine the payload of the actual data being transmitted.

Aviz Service Nodes support in-service DPI upgrade for enhanced new DPI library integrations.

To configure and manage control session timeout and active communication bandwidth of ASN via the FlowVision GUI, navigate to:

Configuration > ASN > Threshold and Timeout

Threshold and Timeout Configuration Options:

1. control session timeout

2. Selecting the control session timeout, you can configure both value by H:M.

3. KPI Active communication: configure threshold bytes and interval time

Below image show control session timeout and active communication configuration

The configuration menu helps you perform the following:

• Configuring Ports

• Configuring Metadata Attributes

To configure ASN ports using the FlowVision GUI, navigate to:

Configuration > Ports.

This page displays:

• Managed Nodes and their connected ports.

• A detailed Ports Table showing:

  • Admin Status.

  • Link Status (UP = Green, DOWN = Red).

  • Speed & Mode.

• Port Modes in ASN:

Cplane (Control Plane): Handles control-plane traffic, such as S11, N4, and N11.

Uplane (User Plane): Manages user-plane traffic, including S1-U and N3.

The following image illustrate the ports page with device, ports, and port status details:

Editing Port Properties

To edit the properties of a port,

1. Click the Edit button against the required port in the ports table. The Port Properties window displays.

2. Update the above properties as required.

1. The following properties can be updated -

• Description: Sets a custom link description

• Admin Status: Configures the port’s administrative state (Up/Down).

• GRE Strip: Enables or disables GRE stripping on incoming packets (applicable only to C-plane ports).

1. Click Save to apply the changes.

To view and configure ASN global parameters from the FlowVision GUI, navigate to:

Configuration > Global.

The following image illustrates the ASN Global page:

Configure Global Parameters

Select a Node to configure the below parameters:

• Kafka Export Interval (seconds): Sets the interval for exporting data to Kafka, configurable between 5 to 300 seconds.

• 5G Cplane Processing (N4/N11): Choose between N4 or N11 for processing 5G control plane traffic.

• HTTP2 Port: Define multiple HTTP2 ports, separated by commas (,).

To configure and manage packet deduplication of ASN via the FlowVision GUI, navigate to:

Configuration > ASN > Deduplication

Deduplication Configuration Options:

1. Packet Deduplication: Toggle this option to enable/disable deduplication.

2. Selecting the Packet Source, you can choose one of the following packet sources:

   1. Full Packet: Deduplication is applied to the entire packet.

   2. Routed Packet: In real time, the packets can be routed across multiple devices/hops. Hence there are chances the duplicate packets can be received to monitoring fabric with different Src MAC/TTL/Checksum fields.

3. Anchor : Determines the starting position for packet comparison during deduplication. Available options:

   1. Packet Start – Begins deduplication from the start of the packet.

   2. L3 Start – Uses the Layer 3 (network layer) header as the reference point.

4. Offset: Define the byte offset from the anchor point where deduplication begins till the provided bytes (14 to 128 bytes)

5. Window Size: The time interval within which duplicate packets will be identified. Available options: 2,4,6 & 8ms.

6. Deduplication Interface: Select the network interface where deduplication should be applied.

Below image show packet deduplication for full packet

Below image show the Packet Deduplication for Routed Packet

When the Routed Packet option is selected, users can exclude the following fields from packet deduplication:

• Ignore IPv4 TTL: Ignores changes in the TTL (Time-To-Live) field for IPv4 packets.

• Ignore L2 Header: Excludes Layer 2 (Ethernet) header fields from deduplication.

• Ignore IPv4 Checksum: Ignores differences in IPv4 checksums when comparing packets.

To configure Kafka Security settings in the FlowVision GUI, navigate to:

Configuration > Kafka Security

This page allows you to modify Kafka security protocols and their configurations.

SASL Support:

Configure SASL authentication by providing:

• Username

• Password

• Click Save to apply the changes.

TLS Support:

To enable TLS security, upload the required files:

• CA File

• Certificate File

• Key File

Below image illustate TLS configuration page

No Security Mode:

If you don't want to configure SASL or TLS security, select "None" here to disable Kafka security.

If a user changes the configuration but clicks Cancel instead of Submit, the system reverts to the previous settings automatically.

Accessing Packet Capture

1. Navigate to Configuration > ASN > Packet Capture.

2. Select the device for which you want to capture packets.

3. Configure the capture settings as needed.

Packet Capture Options

• Capture Duration (ms): Specifies the duration in milliseconds for which packet capture will run. The value can range from 1 to 10,000 ms..

• Capture File Size Limit (MB): Defines the maximum file size for the captured packets before it stops capturing. The value can range from 1 to 1,000 MB.

• Capture Interface Config: Allows selecting the interfaces (ports) from which packets will be captured, supporting both received (RX) and transmitted (TX) traffic.

Starting Packet Capture

1. Configure the desired settings.

2. Click the Start Packet Capture button to begin capturing network traffic.

Below image show the Packet Deduplication for Full Packet