Aether-in-a-Box with External 4G Radio

This document describes how to set up an Aether-in-a-Box (AiaB) with a Sercomm eNodeB and connect real devices (e.g., 4G phones). It assumes that you are already familiar with running AiaB with emulated eNodeB/UE. AiaB on Hardware Radios is suitable for laboratory experiments and proof-of-concept deployments. Its goals are to demonstrate how to configure a real eNodeB to work with Aether, and to provide an easy-to-install environment where Aether’s features can be explored with real devices. To create this setup you will need the following equipment:

  • Server for running AiaB (SD-CORE / UPF / ROC)

    • Ubuntu 18.04 or 20.04 clean install

    • Haswell CPU family or newer

    • At least 4 CPUs and 12GB RAM

    • Internet connection

    • Ability to run “sudo” without a password

    • No firewall running on the AiaB host

  • 4G small cell eNodeB

  • SIM card writer and blank SIM cards

IMPORTANT: AiaB is for simple deployment scenarios and so makes some simplifying assumptions:

  • AiaB assumes 4G SD-CORE is deployed. Running both 4G and 5G SD-CORE simultaneously in AiaB is currently not supported. However, running both 4G and 5G SD-CORE simultaneously is supported by Aether.

  • Performance and scalability are not goals. AiaB does not support I/O acceleration (e.g., with SR-IOV). However, performance and scalability are goals of the Aether project.

  • AiaB assumes that the server and the eNodeB are connected to the same LAN and share the same IP subnet; in other words they can reach each other in a single hop and there is no IP router between them. This simplifies communication between the eNodeB and the UPF, which is running inside a container and has a private IP address that is not necessarily routable on the local network. However, this is not a requirement for all Aether deployments.

  • AiaB also assumes that the AiaB server’s network is configured using systemd-networkd, which is the default for Ubuntu, and copies some files into /etc/systemd/network; the reason for this is to enable persistence of AiaB’s networking configuration across server reboots. This configuration method is specific to AiaB.


Create SIM cards by following the instructions for your SIM card writer. Of course you are free to use any values for IMSI, etc. that you choose, but these are the values that will work with the rest of the configuration in this document:

  • IMSI: each one is unique, matching pattern 315010********* (15 digits)

  • OPc: 69d5c2eb2e2e624750541d3bbc692ba5

  • Transport Key: 000102030405060708090a0b0c0d0e0f

If you choose different values for your SIM cards, you will need to modify subsequent configuration steps appropriately.

Insert the SIM cards in devices that you wish to be able to connect to the Aether network.

Server setup

The server will run Aether-in-a-Box. The eNodeB will connect to the server over the local network. Perform these steps to prepare the server for the AiaB install:

  • Connect the server to the local network

  • Perform a clean install of Ubuntu 18.04 or Ubuntu 20.04 on the server

  • Verify that systemd-networkd is being used to configure networking (e.g., run systemctl status systemd-networkd.service)

  • Set up password-less sudo for the user that will install Aether-in-a-Box

After the steps above have been completed, install Aether-in-a-Box as follows:

sudo apt install git make
git clone ""
cd aether-in-a-box

Next, modify the file sd-core-4g-values.yaml. Under subscribers, add an IMSI range for the SIM cards you created, with the Transport Key and OPc values you used earlier. For example, the following will add IMSIs between 315010999912301 and 315010999912303:

- ueId-start: "315010999912301"
  ueId-end: "315010999912303"
  plmnId: "315010"
  opc: "69d5c2eb2e2e624750541d3bbc692ba5"
  key: "000102030405060708090a0b0c0d0e0f"
  sequenceNumber: 135

Determine which is the interface that has L3 connectivity to the eNodeB – this will be DATA_IFACE in the configuration later. If the eNodeB will also be connected to the local network, then this is just the server’s primary interface. If the eNodeB will be connected via an isolated L2/L3 network segment, then DATA_IFACE refers to the server interface on that network. Remember this interface for later.

Option 1: Configure Aether with ROC

The Aether ROC provides a GUI and API for dynamically configuring Aether. If you don’t wish to use the ROC to configure AiaB, you can skip to the next section.


Aether Monitoring is available only when Aether is deployed using ROC.

Install AiaB as follows (specifying DATA_IFACE from above):

ENABLE_OAISIM=false DATA_IFACE=<iface> CHARTS=latest make roc-4g-models 4g-core

Next, use the ROC to add information about your SIM cards. The ROC GUI is available at http://<server-ip>:31194.

Choose Configuration > Site from the drop-down at top right and edit the AiaB site. Change the following values and click Update:

  • MCC: 315

  • MNC: 010

Choose Sim Cards from the drop-down at top right. Edit the existing entries to reflect the SIM cards you are adding to devices by replacing their IMSI values. Click Update after each edit. If you want to connect more than two devices, consult the ROC documentation.

Finally, click the Basket icon at top right and click the Commit button.

Now jump to the Verifying the AiaB installation section.

Option 2: Configure Aether without ROC

It is possible to configure Aether without the ROC, using static YAML files and the SimApp service. If you have already installed the ROC, you should skip this section.

Edit sd-core-4g-values.yaml. Change mcc and mnc as follows:

  mcc: "315"
  mnc: "010"

Also add the IMSIs of your devices under imsis, for example:

- name:  "4g-oaisim-user"
    - "315010999912301"
    - "315010999912302"
    - "315010999912303"

Install AiaB as follows (specifying DATA_IFACE from above):

ENABLE_OAISIM=false DATA_IFACE=<iface> CHARTS=latest make 4g-core

Verifying the AiaB installation

Installing AiaB will take about 20 minutes with a fast Internet connection. If you see any errors / timeouts, try running the make command again. The build will finish with a message: “Your MME IP address is… ” This is just the IP address assigned to the DATA_IFACE. Remember this for the eNodeB setup.

When the install is complete, check that the 4G SD-CORE is running as follows:

$ kubectl -n omec get pod
NAME                     READY   STATUS    RESTARTS   AGE
cassandra-0              1/1     Running   0          7m27s
config4g-0               1/1     Running   0          7m27s
hss-0                    1/1     Running   0          7m27s
mme-0                    4/4     Running   0          7m27s
pcrf-0                   1/1     Running   0          7m27s
simapp-65dc44b9d-stx6q   1/1     Running   0          7m27s
spgwc-0                  2/2     Running   0          7m27s
upf-0                    5/5     Running   0          7m27s

You should see all pods in Running status.

If you have installed the ROC, check that all its pods are running as follows:

$ kubectl -n aether-roc get pod
NAME                                           READY   STATUS    RESTARTS   AGE
aether-roc-api-78cc548bb9-7vjs2                1/1     Running   0          4m16s
aether-roc-gui-v2-6d674fd446-tttb5             1/1     Running   0          4m16s
aether-roc-umbrella-grafana-74f8489c8f-s9p45   2/2     Running   0          4m16s
aether-roc-websocket-855d64549b-44fnc          1/1     Running   0          4m16s
onos-cli-5d448ff6c4-stq5t                      1/1     Running   0          4m16s
onos-config-7f4df96b88-vtp5s                   6/6     Running   0          4m16s
onos-consensus-store-0                         1/1     Running   0          4m15s
onos-topo-585c7c8976-6jq7b                     3/3     Running   0          4m16s
sdcore-adapter-v2-5646d455b9-2d6zl             1/1     Running   0          4m15s

You should see all pods in Running status.

The UPF pod connects to the DATA_IFACE specified above using macvlan networks called core and access. Next, check that these have been successfully created, e.g. using ifconfig:

$ ifconfig core
core: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet  netmask  broadcast
    ether 16:9d:c1:0f:19:3a  txqueuelen 1000  (Ethernet)
    RX packets 513797  bytes 48400525 (48.4 MB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 102996  bytes 26530538 (26.5 MB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

$ ifconfig access
access: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet  netmask  broadcast
    ether 7a:9f:38:c0:18:15  txqueuelen 1000  (Ethernet)
    RX packets 558162  bytes 64064410 (64.0 MB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 99553  bytes 16646682 (16.6 MB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

:: _understanding_aiab_networking

Understanding AiaB networking

Why does AiaB create the core and access interfaces? These are necessary to enable the UPF to exchange packets with the eNodeB (access) and Internet (core); they correspond to the last two network interfaces below inside the UPF’s bessd container:

$ kubectl -n omec exec -ti upf-0 bessd -- ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
    valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
3: eth0@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
    link/ether 8a:e2:64:10:4e:be brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet scope global eth0
    valid_lft forever preferred_lft forever
    inet6 fe80::88e2:64ff:fe10:4ebe/64 scope link
    valid_lft forever preferred_lft forever
4: access@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 82:b4:ea:00:50:3e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet brd scope global access
    valid_lft forever preferred_lft forever
    inet6 fe80::80b4:eaff:fe00:503e/64 scope link
    valid_lft forever preferred_lft forever
5: core@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 4e:ac:69:31:a3:88 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet brd scope global core
    valid_lft forever preferred_lft forever
    inet6 fe80::4cac:69ff:fe31:a388/64 scope link
    valid_lft forever preferred_lft forever

In other words, there are interfaces named access and core both inside and outside the UPF. All four are MACVLAN interfaces bridged with DATA_IFACE. There are two subnets on this bridge: the two access interfaces are on and the two core interfaces are on It is helpful to think of two links, called access and core, connecting the AiaB host and UPF. AiaB sets up IP routes on the AiaB host and inside the UPF to forward packets into and out of the UPF as explained below.

The access interface inside the UPF has an IP address of; this is the destination IP address of GTP-encapsulated data plane packets from the eNodeB. In order for these packets to actually find their way to the UPF, they must arrive on the DATA_IFACE interface and then be forwarded on the access interface outside the UPF. The next section describes how to configure a static route on the eNodeB in order to send the GTP packets to DATA_IFACE. Forwarding the packets to the access interface is done by the following kernel route on the AiaB host (which should be present if your AiaB installation was successful):

$ route -n | grep "Iface\|access"
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface   U     0      0        0 access

The high-level behavior of the UPF is to forward packets between its access to core interfaces, while at the same time removing/adding GTP encapsulation on the access side. Upstream packets arriving on the access side from a UE have their GTP headers removed and the raw IP packets are forwarded to the core interface. The routes inside the UPF’s bessd container will look something like this:

$ kubectl -n omec exec -ti upf-0 -c bessd -- ip route
default via dev eth0
default via dev core metric 110 via dev access via dev eth0 dev eth0 scope link dev core proto kernel scope link src dev access proto kernel scope link src

The default route via is directing upstream packets to the Internet via the core interface, with a next hop of the core interface outside the UPF. These packets undergo source NAT in the kernel (also configured by AiaB) and are sent to the IP destination in the packet. The return (downstream) packets undergo reverse NAT and now have a destination IP address of the UE. They are forwarded by the kernel to the core interface by these rules on the AiaB host:

$ route -n | grep "Iface\|core"
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface     UG    0      0        0 core   U     0      0        0 core

The first rule above matches packets to the UEs (on subnet). The next hop for these packets is the core IP address inside the UPF. The second rule says that next hop address is reachable on the core interface outside the UPF. As a result the downstream packets arrive in the UPF where they are GTP-encapsulated with the IP address of the eNodeB. Inside the UPF these packets will match a route like this one (see above; in this case is the DATA_IFACE subnet): via dev access

These packets are forwarded to the access interface outside the UPF and out DATA_IFACE to the eNodeB. Recall that AiaB assumes that the eNodeB is on the same subnet as DATA_IFACE, so in this case it also has an IP address in the range.

Manual Sercomm eNodeB setup

The instructions in this section describe a basic configuration of the eNodeB. For a more comprehensive guide to eNodeB configuration see eNB Installation.

The Sercomm eNodeB has two Ethernet ports: WAN and LAN. We will use the LAN port for configuration of the eNodeB and the WAN port for normal operation. Connect the eNodeB WAN port to the local network.

Connect the eNodeB LAN port to a free Ethernet port on a Linux machine (say, a laptop) that will be used for the initial configuration of the eNodeB. On that machine run dhclient on the interface corresponding to the Ethernet port, for example:

sudo dhclient eth1

The interface should receive an IP address from the Sercomm eNodeB on the subnet. Check this using ifconfig:

$ ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet  netmask  broadcast
    inet6 fe80::2e0:4cff:fe68:2f76  prefixlen 64  scopeid 0x20<link>
    ether 00:e0:4c:68:2f:76  txqueuelen 1000  (Ethernet)
    RX packets 264652  bytes 216094312 (216.0 MB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 183978  bytes 36528580 (36.5 MB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

The eNodeB IP address should be on that link. Verify this using ping:

$ ping

To access the Sercomm eNodeB admin page, you can run a Web browser on the laptop and direct it to Login to the admin interface as user: sc_femto and password: scHt3pp.

Click the NetWork set menu at the top. In the first section IP Address, set Connect type: DHCP (assuming this is supported on your local network, otherwise set up a static IP address). Click the blue Save button at the bottom.

Next, click the Manage menu at the top and then click the LTE Basic Setting tab. Change these parameters and click Save:

  • Carrier Number: 2

  • Carrier Aggregation: Unset

  • BandWidth: 20

  • FrequencyBand: 48,48

  • EARFCN: 55440,55640

  • CellIdentity: 2,1

  • PCI: 100,101

  • TxPower: 20

  • Tunnel Type: IPv4

  • MME IP Address: <MME IP address from AiaB installation>

  • PLMNID: 315010

  • TAC: 1

  • Sync Source: FREE_RUNNING

  • Enable CWMP: Unset

Click the SAS Configuration tab. In the Location Configuration section, enter these values and click “Save”:

  • Location: Indoor

  • Location Source: Manual

  • Latitude: 0

  • Longitude: 0

  • Elevation: -18000

Next we need to add a static route to the UPF address,, on the eNodeB. Click on TR098 menu and then click on IP tab. Scroll down to Device.Routing.Router. section. Click View List. Add this info on the blank line:

  • Enable: Set

  • StaticRoute: Set

  • DestIPAddress:

  • DestSubnetMask:

  • GatewayIPAddress: <Use MME IP address from AiaB installation>

  • Interface: Device.IP.Interface.1.

Then click the Add button at the far right.

Finally click the FAPService menu and then go to the FAPControl tab. Check the box next to AdminState in the first section and click Save.

After these changes are made, reboot the eNodeB by clicking the red power button square at top right and selecting Reboot. When the eNodeB comes back up, it should have an IP address on the network (via the WAN port), and the admin page should now be available on https://<endoeb-ip>.

Test connectivity from the eNodeB to the MME and the UPF running on the server as follows. Login to the eNodeB admin interface, click the “Manage” menu at the top, and click the IP Diagnose tab. Under Ping and Traceroute, select ping, and then type the following IP addresses into the box to the right and click Run:

  • <MME IP address from AiaB installation>



If all of these are working, then you are ready to try to connect devices to the network.

Automated Sercomm eNodeB Setup (experimental)

The eNodeB service is used to provide the automatic configuration of the eNodeB device. It can be installed by the following command:

make enodebd

The eNodeBD service will listen on port 31005 and you need to configure the management url of eNodeB device to make eNodeB connect to the eNodeBD service. By default, the eNodeBD service will configure the eNodeB with the pre-defined configuration, but you can also add the customized configuration per serial number in the magma_config/serial_number/ directory. For the example configuration, please duplicate acs_common.yaml and rename it as the {serial_number}.yaml.

The automated setup via eNodeBD won’t configure the static route to UPF service, please follow the UPF route setup step describes in Manual Sercomm eNodeB setup to add the static route.

Configuration and Validation

To configure the Sercomm eNodeB be managed by eNodeBD service, access the TR098 configuration page:


The configuring path is: TR098 > MgmtServer > Device.ManagementServer.URL

  1. Check the EnableCWMP option to enable the management function.

  2. Fill the eNodeBD URL into Device.ManagementServer.URL field.

After you fill in the AiaB IP with eNodeBD service port as URL into the field, you need to restart the device. And you will be able to see the eNodeBD log by the following command (the pod name may be different):

kubectl -n aether-apps logs aether-enodebd-b46897745-fj5qj -f

Also, you can install the monitoring dashboard to view the eNodeB status on Grafana.

Connecting Devices

Documenting how to configure different types of devices to work with Aether is work-in-progress, but here are some basic guidelines.

The values of IMSI, OPc, and Transport Key you have configured on your SIM cards must be entered into the subscribers block under omec-sub-provision in the sd-core-4g-values.yaml file. If you are not using the ROC, the IMSIs must also be added under device-groups, and the relevant device group added under network-slices. If you are using the ROC, then your devices must be configured there and the associated device group added to a slice. In either case it is necessary to configure the basic info under subscribers.

Be aware that not all phones support the CBRS frequency bands. AiaB is known to work with recent iPhones (11 and greater) and Google Pixel phones (4 and up). CBRS may also be supported by recent phones from Samsung, LG Electronics and Motorola Mobility, but these have not been tested with AiaB. If you successfully test a phone on AiaB, please post details on Slack so we can add it to the list.

The APN to configure on your phone is internet.

Enable Monitoring

To easily monitor your AiaB deployment, you can run the following command to deploy the Prometheus/Grafana monitoring stack on your AiaB server:

make monitoring-4g

After this step, Grafana is available at http://<server-ip>:30950. You will see a number of system dashboards for monitoring Kubernetes, as well as a simple AiaB dashboard that enables inspection of the local Aether state.


Figure 4. 4G Grafana AiaB Dashboard

The dashboard shows whether the eNodeB is connected to the core, how many active UEs there are, and the uplink (Tx Bitrate) and downlink (Rx Bitrate) throughput at the UPF.

To create a new dashboard for Aether, you can login to Grafana as user admin with password prom-operator. You can also modify an existing dashboard by making a copy of the dashboard and editing that. Note that any dashboard changes will be lost if Grafana is restarted; if you want to make your dashboard more permanent, you can save its JSON to a file, add the file to directory aether-in-a-box/resources/4g-monitoring, and edit kustomization.yaml in that directory to add the file to the ConfigMapGenerator block. After these steps, re-running make monitoring-4g should install the dashboard in a ConfigMap and Grafana should automatically load it.


Please refer Aether Troubleshooting Guide