I’m trying to setup a very basic 5G NPN using free5gc and node-h gNodeB:
mcc: 999, mnc: 99, tac: 000007
single slice (sst: 1, sd: FFFFFF)
amf id region: 2 and set: 1 (amfId: 020040)
The node-h finds the free5gc AMF ok, but with an auth warning about the certificate signed by unknown authority.
When I try and connect a UE, it attempts to register, but there is an attempt to reroute to another AMF using a NG Application Protocol (RerouteNASRequest) message to the node-h:
Reading various topics on the forum suggests that I have made a mistake in my amfcfg.yaml or my nssfcfg.yaml.
I’ve copied my amfcfg anf nssfcfg below. Can anyone tell me what I am doing wrong.
My amfcfg.yaml:
info:
version: 1.0.9
description: AMF initial local configuration
configuration:
amfName: AMF # the name of this AMF
ngapIpList: # the IP list of N2 interfaces on this AMF
- 192.168.12.126
# - 127.0.0.18 # changed DPB 26/8/2025
ngapPort: 38412 # the SCTP port listened by NGAP
# Service-based Interface (SBI) Configuration
sbi:
scheme: http # the protocol for sbi (http or https)
# registerIPv4: 192.168.12.126 # IP used to register to NRF
registerIPv4: 127.0.0.18 # IP used to register to NRF
bindingIPv4: 127.0.0.18 # IP used to bind the service
port: 8000 # port used to bind the service
tls: # the local path of TLS key
pem: cert/amf.pem # AMF TLS Certificate
key: cert/amf.key # AMF TLS Private key
# SBI Services offered by this AMF, as per TS 29.518
serviceNameList:
- namf-comm # Namf_Communication service
- namf-evts # Namf_EventExposure service
- namf-mt # Namf_MT service
- namf-loc # Namf_Location service
- namf-oam # OAM service
# Guami (Globally Unique AMF ID) list supported by this AMF
servedGuamiList:
# <GUAMI> = <MCC><MNC><AMF ID>
- plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
#amfId: cafe00 # AMF identifier (3 bytes hex string, range: 000000~FFFFFF)
amfId: 020040 # AMF identifier (3 bytes hex string, range: 000000~FFFFFF)
# the TAI (Tracking Area Identifier) list supported by this AMF
supportTaiList:
- plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
tac: 000007 # Tracking Area Code (3 bytes hex string, range: 000000~FFFFFF)
# the PLMNs (Public land mobile network) list supported by this AMF
plmnSupportList:
- plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
snssaiList: # the S-NSSAI (Single Network Slice Selection Assistance Information) list supported by this AMF
- sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
# - sst: 1 # Slice/Service Type (uinteger, range: 0~255)
# sd: 112233 # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
# the DNN (Data Network Name) list supported by this AMF
supportDnnList:
- internet
nrfUri: http://127.0.0.10:8000 # a valid URI of NRF
nrfCertPem: cert/nrf.pem # NRF Certificate
# NAS Security Configuration
# the priority of integrity algorithms
# the priority of ciphering algorithms
security:
integrityOrder:
- NIA2
# - NIA0
cipheringOrder:
- NEA0
- NEA2
# Network Name Information
networkName:
full: free5GC
short: free
# Optional NGAP Information Elements (IE)
ngapIE:
mobilityRestrictionList: # Mobility Restriction List IE, refer to TS 38.413
enable: true # append this IE in related message or not
maskedIMEISV: # Masked IMEISV IE, refer to TS 38.413
enable: true # append this IE in related message or not
redirectionVoiceFallback: # Redirection Voice Fallback IE, refer to TS 38.413
enable: false # append this IE in related message or not
# Optional NAS Information Elements (IE)
nasIE:
networkFeatureSupport5GS: # 5gs Network Feature Support IE, refer to TS 24.501
enable: true # append this IE in Registration accept or not
length: 1 # IE content length (uinteger, range: 1~3)
imsVoPS: 0 # IMS voice over PS session indicator (uinteger, range: 0~1)
emc: 0 # Emergency service support indicator for 3GPP access (uinteger, range: 0~3)
emf: 0 # Emergency service fallback indicator for 3GPP access (uinteger, range: 0~3)
iwkN26: 0 # Interworking without N26 interface indicator (uinteger, range: 0~1)
mpsi: 0 # MPS indicator (uinteger, range: 0~1)
emcN3: 0 # Emergency service support indicator for Non-3GPP access (uinteger, range: 0~1)
mcsi: 0 # MCS indicator (uinteger, range: 0~1)
t3502Value: 720 # timer value (seconds) at UE side
t3512Value: 3600 # timer value (seconds) at UE side
non3gppDeregTimerValue: 3240 # timer value (seconds) at UE side
# retransmission timer for paging message
t3513:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Deregistration Request message
t3522:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Registration Accept message
t3550:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Configuration Update Command message
t3555:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Authentication Request/Security Mode Command message
t3560:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Notification message
t3565:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
# retransmission timer for NAS Identity Request message
t3570:
enable: true # true or false
expireTime: 6s # default is 6 seconds
maxRetryTimes: 4 # the max number of retransmission
locality: area1 # Name of the location where a set of AMF, SMF, PCF and UPFs are located
# set the sctp server setting <optinal>, once this field is set, please also add maxInputStream, maxOsStream, maxAttempts, maxInitTimeOut
sctp:
numOstreams: 3 # the maximum out streams of each sctp connection
maxInstreams: 5 # the maximum in streams of each sctp connection
maxAttempts: 2 # the maximum attempts of each sctp connection
maxInitTimeout: 2 # the maximum init timeout of each sctp connection
defaultUECtxReq: false # the default value of UE Context Request to decide when triggering Initial Context Setup procedure
logger: # log output setting
enable: true # true or false
level: debug # how detailed to output, value: trace, debug, info, warn, error, fatal, panic
reportCaller: false # enable the caller report or not, value: true or false
My nssfcfg.yam
info:
version: 1.0.2
description: NSSF initial local configuration
configuration:
nssfName: NSSF # the name of this NSSF
sbi: # Service-based interface information
scheme: http # the protocol for sbi (http or https)
registerIPv4: 127.0.0.31 # IP used to register to NRF
bindingIPv4: 127.0.0.31 # IP used to bind the service
port: 8000 # Port used to bind the service
tls: # the local path of TLS key
pem: cert/nssf.pem # NSSF TLS Certificate
key: cert/nssf.key # NSSF TLS Private key
serviceNameList: # the SBI services provided by this SMF, refer to TS 29.531
- nnssf-nsselection # Nnssf_NSSelection service
- nnssf-nssaiavailability # Nnssf_NSSAIAvailability service
nrfUri: http://127.0.0.10:8000 # a valid URI of NRF
nrfCertPem: cert/nrf.pem # NRF Certificate
supportedPlmnList: # the PLMNs (Public land mobile network) list supported by this NSSF
- mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
supportedNssaiInPlmnList: # Supported S-NSSAI List for each PLMN
- plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
supportedSnssaiList: # Supported S-NSSAIs of the PLMN
- sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
- snssai: # S-NSSAI of this NSI
sst: 1 # Slice/Service Type (uinteger, range: 0~255)
nsiInformationList: # Information list of this NSI
# the NRF to be used to select the NFs/services within the selected NSI, and an optonal ID
- nrfId: http://127.0.0.10:8000/nnrf-nfm/v1/nf-instances
nsiId: 10
- snssai: # S-NSSAI of this NSI
sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
amfSetList: # List of AMF Sets that my be assigned by this NSSF
- amfSetId: 1 # the AMF Set identifier
amfList: # Instance ID of the AMFs in this set
- ffa2e8d7-3275-49c7-8631-6af1df1d9d26
# URI of the NRF used to determine the list of candidate AMF(s) from the AMF Set
nrfAmfSet: http://127.0.0.10:8000/nnrf-nfm/v1/nf-instances
# the Nssai availability data information per TA supported by the AMF
supportedNssaiAvailabilityData:
- tai: # Tracking Area Identifier
plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
tac: 000007 # Tracking Area Code (uinteger, range: 0~16777215)
supportedSnssaiList: # Supported S-NSSAIs of the tracking area
- sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
amfList: # List of AMFs that may be assigned by this NSSF
- nfId: 469de254-2fe5-4ca0-8381-af3f500af77c # ID of this AMF
# The NSSAI availability data information per TA supported by the AMF
supportedNssaiAvailabilityData:
- tai: # Tracking Area Identifier
plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
tac: 000007 # Tracking Area Code (uinteger, range: 0~16777215)
supportedSnssaiList: # Supported S-NSSAIs of the tracking area
- sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
taList: # List of supported tracking area and their related information of this NSSF instance
- tai: # Tracking Area Identity
plmnId: # Public Land Mobile Network ID, <PLMN ID> = <MCC><MNC>
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
tac: 000007 # Tracking Area Code (uinteger, range: 0~16777215)
accessType: 3GPP_ACCESS # Access type of the tracking area
supportedSnssaiList: # List of supported S-NSSAIs of the tracking area
- sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
# List of mappings of S-NSSAI in the serving network and the value of the home network
mappingListFromPlmn:
- operatorName: internet # Home PLMN name
homePlmnId: # Home PLMN identifier
mcc: 999 # Mobile Country Code (3 digits string, digit: 0~9)
mnc: 99 # Mobile Network Code (2 or 3 digits string, digit: 0~9)
mappingOfSnssai: # List of S-NSSAIs mapping
- servingSnssai: # S-NSSAI in the serving network
sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
homeSnssai: # S-NSSAI in the home network
sst: 1 # Slice/Service Type (uinteger, range: 0~255)
sd: FFFFFF # Slice Differentiator (3 bytes hex string, range: 000000~FFFFFF)
logger: # log output setting
enable: true # true or false
level: debug # how detailed to output, value: trace, debug, info, warn, error, fatal, panic
reportCaller: false # enable the caller report or not, value: true or false