05_lab_5g_nsa_docker
Part 5: 5G NSA — Conceptual Lab Exercise
Learning Objective: Understand how a 5G NSA deployment would differ from the SA lab in Part 4, and why it cannot be replicated with UERANSIM.
Warning
This is a conceptual exercise, not a hands-on lab. UERANSIM only supports 5G SA mode (gNB + 5G UE). It cannot simulate 4G eNBs, EN-DC, or dual connectivity. To test actual NSA, you would need srsRAN 4G or commercial RAN simulators.
Why No Hands-On NSA Lab?
The Technical Gap
| Feature | UERANSIM Support | NSA Requirement |
|---|---|---|
| gNB (5G NR base station) | ✅ | ✅ |
| 5G UE (SA mode) | ✅ | ❌ (needs dual-mode UE) |
| eNB (4G LTE base station) | ❌ | ✅ (master node) |
| EN-DC dual connectivity | ❌ | ✅ |
| X2/Xn interface | ❌ | ✅ |
| S1-MME signaling | ❌ | ✅ |
What Would Be Needed for a Real NSA Lab
graph TB
subgraph "What UERANSIM CAN do"
gNB[✅ gNB
5G NR]
UE_SA[✅ UE
5G SA only]
end
subgraph "What NSA REQUIRES (not supported)"
eNB[❌ eNB
4G LTE Master]
UE_NSA[❌ UE
Dual-mode LTE+NR]
X2[❌ X2 Interface
eNB↔gNB coordination]
end
subgraph "Open5GS Core"
MME[MME
4G control plane]
AMF[AMF
5G control plane]
SGW[SGW
4G user plane]
UPF[UPF
5G user plane]
end
eNB -->|S1-MME| MME
eNB -->|S1-U| SGW
gNB -->|X2| eNB
gNB -.->|S1-U| SGW
UE_NSA -->|LTE| eNB
UE_NSA -.->|NR| gNB
style eNB fill:#ffcccc
style UE_NSA fill:#ffcccc
style X2 fill:#ffcccc
style gNB fill:#ccffcc
style UE_SA fill:#ccffccConceptual Exercise: NSA Architecture Differences
Exercise 1: Compare Core Components
Using what you learned in Part 2 (NSA Architecture) and Part 4 (SA Lab), fill in this table:
| Component | 5G SA (Part 4 Lab) | 5G NSA (Conceptual) |
|---|---|---|
| Control Plane Entry | AMF (NGAP port 38412) | ? |
| User Plane Entry | UPF (GTP-U) | ? |
| Auth Server | AUSF → UDM | ? |
| Session Management | SMF (via SBI) | ? |
| Service Discovery | NRF | ? |
| Required RAN Components | gNB only | ? |
Click for answers
| Component | 5G SA (Part 4 Lab) | 5G NSA (Conceptual) |
|---|---|---|
| Control Plane Entry | AMF (NGAP port 38412) | MME (S1AP port 36412) |
| User Plane Entry | UPF (GTP-U) | SGW-U (GTP-U from both eNB and gNB) |
| Auth Server | AUSF → UDM | HSS (Diameter S6a) |
| Session Management | SMF (via SBI) | MME → SGW-C → PGW-C (GTP-C) |
| Service Discovery | NRF | None (point-to-point config) |
| Required RAN Components | gNB only | eNB (master) + gNB (secondary) |
Exercise 2: NSA Docker-Compose Design
If you could build an NSA lab (using srsRAN instead of UERANSIM), what would the docker-compose.yml look like? Design the service list:
Your answer should include:
- Which Open5GS NFs are needed? (Hint: no 5G core NFs like AMF/NRF)
- What RAN components?
- How many Docker networks?
- Which ports would the eNB use to connect to MME?
Click for answer
# NSA docker-compose (conceptual — requires srsRAN, not UERANSIM)
services:
mongodb: # Subscriber database
webui: # Web management
hss: # Home Subscriber Server (Diameter)
pcrf: # Policy & Charging Rules (Diameter)
mme: # Mobility Management Entity (S1AP, GTP-C)
sgwc: # Serving Gateway - Control (GTP-C, PFCP)
sgwu: # Serving Gateway - User (GTP-U)
smf: # Session Mgmt / PGW-C (GTP-C, PFCP)
upf: # User Plane / PGW-U (GTP-U)
# NOTE: No AMF, AUSF, UDM, UDR, NRF, SCP, NSSF, BSF needed!
srsran_enb: # srsRAN eNB (LTE master node)
# srsran_gnb: # Optional: srsRAN gNB for EN-DC
srsran_ue: # srsRAN UE
# Networks:
# cp_net: 172.22.0.0/24 (MME, HSS, PCRF, SGW-C, SMF)
# up_net: 172.23.0.0/24 (SGW-U, UPF)
# ran_net: 172.24.0.0/24 (eNB, gNB, UE)
# Key difference: eNB connects to MME on port 36412 (S1AP/SCTP)
# not port 38412 (NGAP) like in 5G SA
Exercise 3: Security Comparison
Answer these questions comparing NSA vs SA security:
- IMSI Privacy: In NSA mode, is the subscriber identifier encrypted? Why or why not?
- Inter-NF Communication: NSA uses Diameter between MME and HSS. SA uses SBI HTTP/2. Which is easier to secure with mTLS?
- Network Slicing: Can an NSA network support network slicing? What's missing?
- Authentication: NSA uses 4G AKA. SA uses 5G-AKA. What's the key privacy improvement in 5G-AKA?
Click for answers
- No — NSA uses 4G AKA which sends IMSI in cleartext. SUCI (encrypted SUPI) is a 5G SA feature only.
- SBI HTTP/2 — it's standard TLS/mTLS. Diameter requires Diameter-specific TLS (DTLS) which is less commonly deployed.
- No — Network slicing requires NSSF, AMF, and SMF working together via SBA. NSA uses MME which has no slice-awareness.
- SUCI — 5G-AKA encrypts the SUPI using the home network's public key (ECIES) before sending it over the air, preventing IMSI catching.
Alternative: srsRAN for Real NSA Testing
If you want to build a genuine NSA lab in the future:
srsRAN 4G (Open-Source LTE eNB + UE)
# Clone srsRAN 4G
git clone https://github.com/srsran/srsRAN_4G.git
# Build from source (requires UHD drivers or ZMQ for simulation)
cd srsRAN_4G && mkdir build && cd build
cmake .. -DENABLE_ZMQ=ON # ZMQ for software-only simulation
make -j$(nproc)
# Key binaries:
# srsenb - eNB simulator
# srsue - UE simulator
# srsmbms - MBMS gateway
Tip
srsRAN with ZMQ (Zero Message Queue) allows full LTE simulation without radio hardware — similar to how UERANSIM simulates 5G NR.
Resources
| Resource | URL |
|---|---|
| srsRAN 4G GitHub | https://github.com/srsran/srsRAN_4G |
| srsRAN Docker (community) | https://github.com/srsran/srsRAN_Project/tree/main/docker |
| Open5GS + srsRAN tutorial | https://open5gs.org/open5gs/docs/tutorial/02-srsran-4g/ |
Summary
- ✅ Understood why UERANSIM cannot simulate NSA/EN-DC
- ✅ Compared NSA vs SA core architecture requirements
- ✅ Designed a conceptual NSA docker-compose
- ✅ Analyzed security differences between NSA and SA
- ✅ Identified srsRAN 4G as the correct tool for NSA testing