1

Master-QA-Docs- (Deployment & Testing)

1. Explain LTE Attach Process?

 LTE Attach- Once UE Switched On It Complete Frequency and Time

Synchronisation,and then Perform Cell Selection, and Read MIB & SIB and send "RAP
Request" to EnodeB which first message to EnodeB from UE, now EnodeB send "RAP
Response" to UE , at this time of instance SRB0 Is active, after that UE send "RRC
connection Request" to EnodeB and EnodeB send "RRC connection Set-up Response
to" UE, at this time SRB1 is stabilized, Now UE send " RRC Connection Set-up
Complete" message to EnodeB in which NAS Message Piggy Banged (i.e. NAS EMM&
ESM) Attach +PDN connectivity request
 Once EnodeB received "attached+ PDN connectivity request", it sends " Initial UE
Message to MME (Attach+ PDN connectivity request), Now MME send
Authentication Request to HSS for UE Authentication and Obtaining Security Vectors.
MME received Authentication request and sends "authentication Information
response” To MME Carrying 4 Security Key (KASME, AUTN, RAND, XRES), after that
NAS Signaling take place as-
 MME Store XRES Locally and send "Authorization request" to UE, and UE Send
Authorization response to MME Carrying RES, If RES Matched with XRES Stored in
MME Then Authentication Will Complete.
 After that MME Has to Perform NAS Integrity & Encryption with UE, MME send
"Security mode command" message to UE and UE reply with security mode
command Answer. Once NAS Signaling is completed, MME send Update Location
Request to HSS, To Update Its Identity IN HSS and Retrieving UE Subscription Details,
and HSS send Update Location response to MME. carrying UE Related Subscription
Details (APN, QOS, Subscribed PGW)
 After that MME send "Create Session Request" to SGW, SGW receive create session
request and Send "Create default Bearer" Request to PGW, after that PGW Trigger
PCRF to Perform PCC Rules, PCRF Apply PCC Rules and Responded PGW, Then PGW
Allocate UE IP, And Send "Create Session Response" to SGW Carrying (UE IP, PGW IP)
and also Start sending Downlink data to SGW. At this Stage S5 Default Bearer Is
Stablished
 After that SGW send " Create session Response" to MME (carrying S1-Sgw IP)
 Now MMW send "Initial Context Activation" message to EnodeB, and EnodeB send
"RRC Security mode " message to UE, now UE complete RRC connection Security &
Encryption and send " RRC Security complete" message to EnodeB, at this time of
instance SRB2 is active, and now EnodeB send "RRC Connection Reconfiguration"
message to UE and UE send " RRC connection Reconfiguration" Response to EnodeB,

BY- sOLEX 1
2

Now UE Stablished A DRB With EnodeB, after that EnodeB send "initial Context setup
complete" response to MME,
 Now MMW send " Modify Bearer Request " to SGW and SGW Response with "Modify
Bearer Response"
 Now SGW Create Default Bearer with EnodeB, and SGW start sending Buffered
Downlink data to UW
 Now LTE attach is completed.

2. Explain MO side call flow?

 UE send Invite Request to PCSC, Now PCSCF forward invite Request to SCSCF, now
SCSCF perform ENUM Query to obtain address of Terminating B party ICSCF, Once
SCSCF got the address of Terminating B party ICSCF, IT forward the Invite Request to
Terminating ICSCF.

3. How MO will come to know about MT?

Terminating end ICSCF is the entry point for MT call. Once it received the request
from Originating end SCSF it did LIR/LIA to HSS for obtain the address of terminating
end SCSF.

4. On which node Diameter protocol exists?

a. In LTE- MME, HSS, EIR, PCRF, PGW, OCS.
b. In IMS- PCSCF, ICSCF, S-CSCF, IMS-HSS, TAS.

5. Explain messages on Diameter Protocol?

a. In LTE- AIR/AIA over S6a interface(MME-HSS), Device Authentication
Request/Answer
Over S-13 interface(MME-EIR), Update Location Request/Answer over S6a
interface(MME-HSS), Cancel Location Request/Answer over S6a Interface(MME-
HSS).
b. In IMS- AAR/AAA over Rx interface(PCSCF-PCRF), UAR/UAA, MAR/MAA,
SAR/SAA, over Cx Interface. UDR/UDA, PUR/PUA, SNR/SNA over Sh interface.

6. Which LTE Core and IMS Node involved when we making IMS call and how many
protocol protocols are involved?
a. In LTE-MME HSS PCRF and
b. IMS PCSCF ICSCF SCSCF DNS ENUM MNP-DB TAS OCS IMS-HSS.
c. Protocol used SIP and Diameter.

7. How you use to take trace and its analysis at message level, Tell me how ypu perform
BY- sOLEX 2
3

Test Cases?

Prerequisite.
First get the remote access through visor tool.
Reserve the particular imsi devise. Asked the lab team to rout the sim According the test
cases requirement.
TAC for the tac environment region Node trace.
Log in Credentials.
For Execution part-
First we click on batch file script, now we enter in RMTS mode. choose 2 for PP. It
connects us to lab devices remotely. Now we start a dry test. Flight mod on off to
check everything working fine at coverage level.
Log in to Wireshark server through putty.
Log in through ip and port no 22. Then give login credentials.
Now I am in Wireshark server. Used pwd command and cd command to work in my path
folder. Now start testing.

For end to end testing give

tshark Command filename. Cap
Wait some time and stop the trace using Ctrl+C
Give chmod777 command for file permission
Now go to winscp server for download the trace. Log in in sftp server using same key.
Download the trace and drag it to my local PC.
Then analysis the trace.
Verdict/Validation- if actual result match the expected result then closes the test case.
If I find bugs.
Then raise the bug to defect manager using JIRA/ ALM Tool.

8. Have you worked on MME and MSC?

Yes, on MME, I usually track messages for Authentication (AIR/AIA), Subscriber

Withdraw (CLR/CLA), Update Location ULR/ULA.

9. Tell me the work you make analysis on node (trace level).

Log in to Wireshark server through putty.

Log in through ip and port no 22. Then give login credentials.
Now I am in Wireshark server. Used pwd command and cd command to work in my
path folder. Now start testing.
to perform the Node testing
Used tcpdump command for it.

BY- sOLEX 3
4

For this first we switch as a root user for taking the trace.
Sudo su -
Root log in
Su - rtp99 User.

10.Explain Bug cycle?

When I analysis on Wireshark if I find out a bug in a call flow, I raise it to defect
manager through JIRA tool. Then troubleshooting team fix it, once I get back it by
defect manager then I retest to verify and then close it.

11. Explain PS to CS Call flow?

• UE sends SIP “INVITE” msg to P-CSCF which contains A Party Number along
with SIP URI and B Party Number Tel URI.
• P-CSCF sends “INVITE” to S-CSCF along with SDP (Session Description Protocol)
offer A, which includes media capabilities and Codecs to be used.
• S-CSCF executes originating trigger IFC (initial Filter Criteria). IFC is list of
conditions upon which an Application Server (NTAS) shall be contacted. It can be
Registration, Originating INVITE, terminating INVITE (Registered), terminating INVITE
(De Registered). In this case, it is Originating INVITE. S-CSCF sends originating
“INVITE” to TAS.
• TAS does MNP dip query with STP to get LRN of B party. TAS also executes
originating A party services. TAS sends “INVITE” to S-CSCF along with B party number
with LRN.
• S-CSCF does iNUM query for B party (LRN+ 10-digit number) to check if B party
is VoLTE subscriber or not. Here, B party is in CS domain. So, iNUM sends response
that Number not found to S-CSCF.
• S-CSCF sends SIP “INVITE” to BGCF and BGCF will send to MGCF (MSS or GCS)
based on B party number routing table defined for break out calls. MGCF will
do further routing of B party in CS domain and sends 180 ringing to S-CSCF. Once, B
party answers, conversation will happen,

12. What is SS7 protocol and its architecture?

It is a set of signaling protocol. It is used for call setup, teardown a telephonic call (GSN
& PSTN).

Architecture- In SS7 Architecture we have Service Switching Point(SSP), Service Control

Point(SCP), and Signal Transfer Point. For communication we used link based interface
between these Nodes.

BY- sOLEX 4
5

A Link- Access Link(SSP-STP)- It connect home network. SCP rout the message to home
network STP using A-Link.
B Link- Bridge Link(STP-STP)- Peer to Peer STP- It is used rout the call to one STP to
another STP.
C Link- It used for reliability. It is called Mated C-Link. If Some link is failures, then we
used mated link.
E Link- Home SSP to Visited STP.
F Link- It is used to connect one SSP to another SSP.

13. If any pod is not going to deploy then what you will do?
First I check on kubectl get pod then kubectl describe pod for configuration error and
then I check all occurred event through kubectl get event.

14. What kind of issue you are facing in deployment and how you have resolved it?
We have encounter configuration mismatch issue in deployment. For e.g. sometime
pods are not scheduled due to labels mismatch with cluster nodes.
Nodes selector and node affinity updated with incorrect labels in helm chart value.
yaml.
Secondly in recent deployments AUSF pod is not running fully due to Config error
UE-auth pod resource metrics release value is present as 2 instead of 1 for initial
deployment.

For resolved these problem we double-check on configuration in reghelm files and

check configuration through kubectl describe command and check the event through
kubectl get event.

15. What are the services in in UDM?

AUSF UDM is a service which is divided in sub service.

AUSF---Nausf ueauth—this is use for mgmt. of user identification & authorization.
UDM—Nudm-sdm—it manages all subscriber’s data and services. It allows to retrieve
user subscription data when required.
—Nudm-ueauth-- This service provides updated authentication related subscriber
data to the subscribed NF. For AKA based authentication, it supports 5G AKA and EAP-AKA’
algorithms.
Nudm-uecm—it is use to context data mgmt. like customer data is inside the old AMF
then its use to quay for new AMF & carried out old to new AMF,
Nudm-ee—its Allow NF consumer to subscribe to receive an event, Monitoring event,
suppose Subscriber in Roaming this kind of event is notified by EE.

BY- sOLEX 5
6

16. *How many UDM you have deployed till now?

17. *How much it takes in UDM deployment?

18. 5G Architecture?

19. What is the role of NRF in 5G?

Network Repository Function- It is used for discovery for Network Function. The main
function of NRF.
1. Register NFs (Service Registration), Maintain NFs profile, Maintain NFs instances,
Service discovery.

20. Interface between UDM and SDL?

Ldap
21. Have you done configuration if yes tell me the process?
Yes, if requirement we have done SDL configuration. We have dedicated pod CA
server (ZTS POD) for SDL configuration.
We login the CA server thru kubectl exec command then used config terminal
command now we get a config window now we used show configuration command.
We get all configuration details, we copy all the configuration data and paste in
Notepad. Now pick services one by one e.g. Udm-ueauth, udm-EE, udm-sdm and
done configuration according to their IP & give Priority Value- 0, Capacity Value- 1,
port value- 16611 and the use commit or wr.

22. Explain Kubernetes architecture?

We have Master Node (Control Plane) and Worker Node (User Plane).
Components of master Node:
1. API Server
2. Kube Scheduler
3. Controller Manager
4. ETCD.

Components of Worker Plane:

1. Kube Proxy
2. Kubelet
3. Pods
4. Container Engine

23. Difference between replica controller and replica set?

The replication controller only supports equality-based selectors whereas the replica

BY- sOLEX 6
7

set supports set- based selectors.

Replica Set is the next generation of Replication Controller. Replication controller is
kind of imperative, but replica sets try to be as declarative as possible.
24. What is deployment?
1. Replication controller & Replica Sets is not able to do the update and rollback apps in
the cluster
2. A deployment is act as a supervisor for pod, giving you fine-grained control over
how and when a new pod is Rolled out, updated or rollback to a previous state
3. When using deployment object, we first define the state of the app, then k8s
cluster schedule maintained app instance onto specific individual nodes
4. A deployment provides declarative updates for pods & replica sets
5. K8s then monitors if the node hosting an instance goes down or pod is deleted
then deployment control its replicas
6. this is providing a self-healing mechanism to address machine failure or
maintenance

25. What is service in kubernetes?

Service expose the pod process to the outside world.
Label & selectors are used to select which are the pods to be put under the service
Creating a service will create an endpoint to access the pods/application in it.
Service can be expose in 3 different ways be specifying a type in the service spec
a. Cluster IP
b. Node Port
c. Load Balancer

26. How you see hidden file in Linux?

ls -la
27. What is inode no in Linux?
ls -li
28. Where is key store in kubernetes?
Kube- etcd
29. How you check process in Linux?
Ps -ef
30. *Difference between Host and realm?

31. What is contact header, Explain AOR?

Subscriber can have only 1 IMSI, but 1 subscriber can choose multiple impu(msisdn), or we
can say 1 subscriber can have multiple impu(msisdn) and all these IMPU associated with
single IMSI is Known as AOR or subscriber........

BY- sOLEX 7
8

Note- we can register 1 IMPU at multiple end point (ie devices) so to register 1 user identity
at multiple end point we Required some identity which can differentiate multiple devices,
so here Contact header comes into pictures, contact header allows us to register multiple
end points with single user identity, and it also required for end to end communication (i.e.
device to device communication)

32. Which Protocol is used in email?

Protocol used in email communication is TCP (Transmission Control Protocol). TCP
ensures reliable and ordered delivery of email messages, making it suitable for
applications like email where data integrity is crucial. UDP (User Datagram Protocol)
is generally not used for email because it doesn't guarantee reliable delivery or error
checking, which are essential for email communication.

33. Which interface between TAS and HSS?

Sh

34. Registration call flow?

UE send " Register" request to PCSCF, PCSCF perform DNS Query (SRV, NAPTER, AAA)
to obtain address of ICSCF, once PCSCF got the address of ICSCF, PCSCF Set "Integrity
security flag" to "False" indicating the UE is not authorized, and PCSCF forward the
registration Request to ICSCF,
ICSCF Received registration request and send "UAR( User Authorization)" Request to
HSS for " user Authorization" and Obtaining SCSCF for subscriber, Now HSS send "UAA (user
Authorization answer)" which carries SCSCF list and capabilities, on the basis of HSS
response ICSCF select appreciate SCSCF for the Subscriber, and for the registration request
to selected SCSCF, SCSCF received registration request and identify that UE is not
authorized yet, and required " IMS AKA V2 MD5" security mechanism to be complete, Now
SCSCF send MAR ( Multimedia Authentication Request) to HSS to retrieve authentication
vectors, now HSS stored related SCSCF name and Send MAA (multimedia authentication
Answer) to SCSCF which carries 5 authentication vectors (ik,ck,auth,Rand,Xres) along with "
Nonce" Value.
Now SCSCF store X-RES and challenge UE with 401 unauthorized Response which
carries 4 security vectors in (www authentication header) , now Icscf received 401
unauthorized Response and forward to PCSCF, now PCSCF store ik and ck which is going to
be used in IP Security Mechanism, now PCSCF for "401 unauthorized" Response to UE , now
UE perform IMS AKA V2 MD5 IP Security association with PCSCF based on parameters
received from SCSCF, once UE Complete IP Security association, then UE compute RES and
send a new Registration request to PCSCF, now PCSCF set Integrity security flag to "YES" and
forward registration request to ICSCF , now ICSC send " UAR(user authentication request)"

BY- sOLEX 8
9

to HSS to Retrieve SCSCF name stored in HSS during 1st attempt, now HSS response with
UAA (user Authorization answer) to ICSCF, now ICSCF forward registration request to
SCSCF, SCSCF checks IP Security association and Match RES value with XRes if Both Matches
then SCSCF Send SAR(Server Assignment Request) to HSS to download subscriber services
related profile, Now HSS send SAA ( server assignment answer) which carries user service
profile and IFC.
Now SCSCF send 200O OK Response to ICSCF and add " Service Rout “header which
contains address of SCSCF, now ICSCF forward 200 OK Response to PCSCF, PCSCF Save
service rout header and forward 200O OK response to UE, As of now IMS registration is
completed.

35. Interface Between UE and IMS?

Gm
36. Volte to Volte call flow?

UE send Invite Request to PCSC, Now PCSCF forward invite Request to SCSCF, now
SCSCF perform ENUM Query to obtaine address of Terminating B party ICSCF, Once
SCSCF got the address of Terminating B party ICSCF, IT forward the Invite Request to
Terminating ICSCF,
Now ICSCF Query The SLF to Know Which HSS Required to Contact for user Location,
Now ICSCF send LIR (Location info Request) to HSS find the address of SCSCF, HSS
Response with LIA (Location Info Answer).
Now ICSCF forward INVITE Request to SCSCF, Now SCSCF Received Invite request and
forward to PCSCF and PCSCF Trigger PCRF to Reserve Resources and Creating
Dedicated Bearer for Termination user
After that PCSCF forward invite Request to B party,
Now B Party Response with " 183 session in progress" which also carrying SDP
Answer.
Now "183 session Progress Response “Received by A party, as of now Dedicated
Bearer is Created at both end but Precondition not met yet.
Now A Party Send " PRACK " upon Receiving "183 session Progress" Response.
Which Carry Final Select Codec.
Now B Party “Prack " and Agree with Final Selected Codec and Response "200OK "
for Prack.
As of now Codec Negotiation Done, but Precondition Not Meet Yet.
Now A Party Reserved Enough Network Resources and Send " Update " Request to B
party, B party Also Reserve Enough Network Resources and Response with "200OK "
for Update.
As of now Precondition meet, and Codec Negotiation is done.
Now B Party Ready to Ring
Now B Party Start Ringing and Send " 180 Ringing " to A party, A Party Received”
180R" and Send " PRACK" to make “180R " Reliable.
Now B Party Send 200OK for "PRACK".

BY- sOLEX 9
10

Once B party answer the call It Send "200OK" for "INVITE".

A Party Received 200OOK and send ACK to B Party.
After that RTP Stabilized between Both Users.

37. Port no of SIP and Diameter?

SIP- 5060, Diameter- 3868
38. How you check port no in Linux?
Netstat –anp | grep i 16611 for ldap port

39. File permission command in Linux?

Chmod777.
40. Which node is responsible for devise authentication?
EIR
41. There test cases you executed recently?
1. Volte registration using IMS- AKA Auth scheme.
2. SDM IMSI-Attach with IMSI active= false.
3. Volte implicit registration for MT call(TAS)

42. Global error code?

600
43. Tell me about 415, 403, 503 and 500 error code?
415- Media coded mismatch issue
403- forbidden
503- service unavailable- Indication of release of bearer.
500- server internal error.

44. IMS to IMS interworking Node?

IBCF

45. *Tell me the process of Node restoration?

46. Prerequisite of Ausf-Udm deployment?

1.AWS credential
2. Value.yaml file/resource file/app-pre installer. yaml file/reg-helm.yaml file/
3.Netconf.xml file

47. Which file is required for deployment?

Value.yaml file/resource file/app-pre installer. yaml file/reg-helm.yaml file/
Netconf.xml file.

48. Which file you used in UDM deployment?

BY- sOLEX 10
11

We used three files for UDM deployment Netconf.xml, app-pre-installer, and

reghelm chart value. yaml.
49. What modification do you make in Value.yaml file?
This file contains the information about image Registry/storage Class/ multuscidr/
route/route_gw/ztslenvoylbip/ztslenvoylbip2/VNF Name/Worker node
selector/Node affinity etc.

50. Difference between Docker and kubernetes?

Docker used for containerization whereas kubernetes used for manage the
container.
Container is ephemeral in nature like if container goes down for multiple reason then
the end user cannot access the application and we will see the traffic loss. So to avoid
this we move to kubernetes. Kubernetes offers orchestration environment that have
capabilities like Auto-Healing, Auto-Scaling, clustering, & enterprises level support
like Load Balancing.
51. Which file is used for LAN connectivity?
App-pre-installer file.
52. You create user and group in key clock. Tell me name of group and why you create
them?
We create group like SS-Admin- for Secret Provisioning, Setting-Admin- For Netact
Integration, CM-Admin- for Configuration.
53. How you check the LAN connectivity?
Kubectl get danmets –n udm01 & then Netstat -anp

54. Tell me the name of networks services you created through LAN?
Ldap LAN/HTTP2 lan/LI lan/HSM lan/Trigger lan/etc.
55. *Have you done Netact Integration?
56. *Tell me about RTP error, Internal log, how you collect log?
57. How you check health?
Kubectl get pod
Kubectl get node
58. Which IP Addr. Used for login in keyclock.
We used ZTS ip addr & used 9090 port for login.
59. Why you do certificate provisioning & Netconf upload?
We do certificate provisioning to get access/permission for connectivity for udm
microservise, for that we upload secret in Vault Agent of ZTS and Netconf in CA-
server for all configuration and integration of microservises. We upload secret
through key file (key.pem, cert.pem, cacert.pem) authentication & used curl
command.
60. Difference between Pod and container?
A pod is a runtime specification of a container. A pod provides more declarative way
of defining through yaml file. We can run more than one container in a pod. They can
have taught each-other, can share resources & storage.

BY- sOLEX 11
12

61. Why we create security group in VNF?

It enables communication for all protocol at every port. If we don’t create security
group, then firewall block the SIP message coming from VMs.

62. Difference between VNF and CNF?

In VNF we did virtualization of hardware system and in CNF we did virtualization of
operating system and hardware system. In VNF application run in VMs and in CNF
application run in containers.
63. Have you used SCP command if yes tell me the uses?
Yes, we used SCP command for file transfer/copy one server to another server.
64. What is the used of sed command?
To replace one word to another word in file, we used SED command.
65. Tell me some command of kubernetes you used in deployment?
Kubectl get pod (To get the status of pod )
Kubectl get pod – o wide (To get the status of pod with more information, IP addr
and worker node information)
Kubectl describe pod (for all the configuration of pod).
Kubectl exec –it pods (to login in the pod).
Kubectl get event (to get all the event, activity)

66. IMS Architecture, UDM Architecture, SDM Architecture?

67. What is namespace and why we used it?
We deploy many project in a single cluster so we namespace for logical isolation of
recourses, network policy and everything for our project. End goal is to avoid
overlapping and authentication problems.
68. What is HSM connectivity?
ARPF is used to generate security vector algo, in the same manner HSM (Hardware
sec module) also generate sec vector algo for Customer end......
ARPF forward sec vector algo to hsm when customer requirement due to security
reasons.

69. Explain the process of UDM Deployment?

1 First we need to get software either TPM share software link or download
from software repository.
2. first we need to copy all software package in local pc & move to local jump
server.
3.Check checksum value either sha256sum/md5256sum
4.Copy all software package to S3 bucket
5.login AWS cli & download all software package to AWS cli
6.Untar all software package & tag images & push to ECR repo
7.modify value. Yaml/resource file
8.Start zts deployment by helm chart (by using Helm install command

BY- sOLEX 12
13

9. once ZTS deployments is completed, Check health

10.Create user in key clock
11.Certificate provision & Netconf upload
12.Create LAN by Helm with the heal of App pre installer helm
13.Deploy UDM by using Reg-helm chart
14.Check health check Status
15. Additional configuration if required
16.Netact integration

BY- sOLEX 13