non-3GPP session

Hi,
I’m developing an UE NWU client to establish a non-3GPP session with N3IWF in python (github dot com/fasferraz/NWu-Non3GPP-5GC) and using free5GC to test it.
During my development I found some issues in free5GC. For some of them I could adapt my code, but for others I needed to change some files.
I will explain the bugs I think I have found, and the ones I correct, in case anyone is doing the same.

1. Free5gc does not send the PDU Session Establishment Accept to the UE through signaling SA child. Only creates the userplane SA child. That means that we must figure out what will be the session IP. Using free5gc defaults, that address is 60.60.0.1. First I added an option to my code to set the session IP in order to create the tunnel for user plane sesion correctly, but then I did some changes in the n3iwf/ngap/handler/handler.go and correct it.
2. The GRE implementation does not comply with 3GPP requirements (it uses 4 bytes instead of 8 bytes with RQI). Solution: I adapted my code to it…
3. The NAS messages should be prefixed with 2 bytes with NAS lengh information, but in free5GC NAS messages are carried directly in the TCP connection. Solution: I adapted my code.
4. AN parameter “requested NSSAI” is not correctly formatted. Solution I adapt my code.
5. EAP-AKA’ authentication not complete (in AMF), and several erroneous checks (in AUSF when comparing RES with XRES, wrong padding in RES processing, KSEAF calculated based on empty KAUSF key). Solution: I changed the ausf/producer/functions.go and ue_authentication.go and also amf/gmm/handler.go
6. EAP-AKA’ packets do not have the subtype byte (e.g. AKA-Challenge, etc…) and the following 2 reserved bytes (3 bytes in total). Solution: I adapted my code.
7. Integrity and Ciphering functions in AMF are using Bearer ID for 3GPP access, instead of non-3GPP access as stated in 33.501. Solution: I adapted my code.

Changes:
AMF:
github dot com/fasferraz/amf/commit/16cfa93455cf01f3e7ba4015b659d5857666eb09
AUSF:
github dot com/fasferraz/ausf/commit/dd70ddd6b72ca2f606fb4b2dae18dd1b1ef33db4
github dot com/fasferraz/ausf/commit/923de46ee7fbfd7718786a89a8bde536288fb1c9

N3IWF:
github dot com/fasferraz/n3iwf/commit/7226b0e1dc43fdd617a7f5f334443268ae9dbc88

I never programmed in Go, so these changes were just based on looking at the code and guessing what to do… because i wanted to move forward with my app (since this is the only 5G core that supports N3IWF that I’m aware of). I bet there are better ways to correct them.

Hi @fasferraz ,
I’m in charge of N3IWF in the free5GC team and had seen your GitHub issue #210 recently.

1. Yes, you’re right that “PDU Session Establishment Accept” should be sent to UE. I will refer to your code and fix the problem.

2. The QFI and RQI in the GRE header are not be used in the current n3iwf whose QoS feature hasn’t be implemented. Because we haven’t found an appropriate IPsec priority mechanism in XFRM of Linux kernel so far. But we notice that the key field comprised of QFI and RQI is inherent, the later version will add this field and fill it with zero temporarily.

3. Yes, the IEI of NSSAI isn’t necessary to be contained because the CN can detect NSSAI by AN-parameter type “0x03 (requested NSSAI)” . (24.502 9.3.2.2.2.1-3: AN-parameter field is coded as value part) BTW, similar problems in GUAMI, selected PLMN, Establishment Cause will be fixed together.

The bugs related to the other NFs, the free5GC team will discuss and fix these bugs in the future version.