0. Used the following Instructions: 

A. https://github.com/magma/magma

B. https://magma.github.io/magma/docs/basics/quick_start_guide

1. jFed Iris rspec

<?xml version='1.0'?>
<rspec xmlns="http://www.geni.net/resources/rspec/3" type="request" generated_by="jFed RSpec Editor" generated="2020-08-18T12:20:10.471+01:00" xmlns:emulab="http://www.protogeni.net/resources/rspec/ext/emulab/1" xmlns:delay="http://www.protogeni.net/resources/rspec/ext/delay/1" xmlns:jfed-command="http://jfed.iminds.be/rspec/ext/jfed-command/1" xmlns:client="http://www.protogeni.net/resources/rspec/ext/client/1" xmlns:jfed-ssh-keys="http://jfed.iminds.be/rspec/ext/jfed-ssh-keys/1" xmlns:jfed="http://jfed.iminds.be/rspec/ext/jfed/1" xmlns:sharedvlan="http://www.protogeni.net/resources/rspec/ext/shared-vlan/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/request.xsd ">
  <node client_id="magma" exclusive="false" component_manager_id="urn:publicid:IDN+iris-open-testbed.connectcentre.ie+authority+am">
    <sliver_type name="vm">
      <disk_image name="urn:publicid:IDN+iris-open-testbed.connectcentre.ie+image+snap_fb_magma_250520_uhd_srs"/>
      <flavor_type xmlns="http://iris-testbed.connectcentre.ie/rspec/ext/openstack/1" name="m1.large.100gb.8cpu.20gbram"/>
    <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1" x="257.0" y="177.0"/>
    <interface client_id="vm:ens3">
      <ip address="provider" type="ipv4"/>
    <interface client_id="vm:ens5">
      <ip address="provider" type="ipv4"/>

2. Download FB Magma from GitHub

sudo apt-get update
sudo apt-get dist-upgrade -y
sudo apt install python3-pip
pip3 install ansible fabric3 jsonpickle requests PyYAML
sudo apt install vagrant -y
vagrant plugin install vagrant-vbguest
sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils -y
sudo apt-get install virtualbox -y

sudo dpkg-reconfigure virtualbox-dkms
sudo apt-get install linux-headers-generic -y
sudo dpkg-reconfigure virtualbox
sudo apt-get install lksctp-tools libsctp-dev lksctp-tools -y

3. install docker

sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common -y

sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \

sudo apt-get update
sudo apt-get install docker -y

sudo apt-get remove docker-compose -y
sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose


Bionic (18.04 LTS) and higher

The group name is changed to libvirt, and you also need to be a member of 'kvm':

$ sudo adduser `id -un` libvirt
Adding user '<username>' to group 'libvirt' ...
$ sudo adduser `id -un` kvm
Adding user '<username>' to group 'kvm' ...

sudo usermod -a -G libvirt $USER

4. Download FB Magma from GitHub

git clone https://github.com/magma/magma.git

5. Pass network interface on host FB Magma VM to Vagrant Container

To connect a physical srsLTE eNodeB to the gateway VM

On the terminal command line (available via jfed),  switch the Adapter 3 (for eth1 interface) from Host-only to Bridged mode and bridge it to interface ens3 from above. 

See screenshot below.

Save and exit.


6. Enable ipv4 forwarding

Note, ensure packet forwarding is enabled on the host VM:

cat /etc/sysctl.conf | grep net.ipv4.ip_forward

If you change the sysctl.conf file, you need to reboot the operating system

sudo reboot

7. Find the MAC address of the network interface being passed to the container

ifconfig -a command on the magma VM. Not the MAC address of the interface you plan on passing to the EPC (e.g., ens3, and the Mac address).

ubuntu@fb-magma-1:~/magma/orc8r/cloud/docker$ ifconfig ens3
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::f816:3eff:fee4:a963  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:e4:a9:63  txqueuelen 1000  (Ethernet)
        RX packets 20016  bytes 22934703 (22.9 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2881  bytes 282164 (282.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Note Mac address: fa:16:3e:e4:a9:63

8. Provision the AGW VM

 Now, bring the modified Vagrant container online:

cd ~/magma/lte/gateway

vagrant destroy magma

vagrant up magma

9. Build Orchestrator

Build the Orchestrator Docker Containers

cd ~/magma/orc8r/cloud/docker

sudo PWD=$PWD python3 ./build.py -a

10. Support DHCP at container on the OpenStack platform.

Once the Vagrant container is up, you need to run the following commands if you are using OpenStack as the underlying cloud platform.

You will need to set the MAC address of the Vagrant interface to the mac address of the host VM interface passed. For example:

sudo ifconfig eth1 hw ether fa:16:3e:e4:a9:63

Also, you need to set the interface to promisc mode, otherwise it is not seen by other nodes in the network:

sudo ifconfig eth1 promisc

11. Build AGW from Source

cd ~/magma/lte/gateway
vagrant ssh magma
cd /home/vagrant/magma/lte/gateway
make run

This takes a few minutes to run. So grab a coffee.

12. Build Orchestrator

Here, we'll be building the Orchestrator docker containers.

cd ~/magma/orc8r/cloud/docker

#####Start the orchestrator including metrics
sudo ./run.sh -all

The Orchestrator application containers will bootstrap certificates on startup which are cached for future runs. Watch the directory magma/.cache/test_certs for a file admin_operator.pfx to show up (this may take a minute or 2), then:

HOST [magma/orc8r/cloud/docker]$ ls ../../../.cache/test_certs

admin_operator.key.pem  bootstrapper.key        controller.crt          rootCA.key
admin_operator.pem      certifier.key           controller.csr          rootCA.pem
admin_operator.pfx      certifier.pem           controller.key          rootCA.srl

HOST [magma/orc8r/cloud/docker]$ open ../../../.cache/test_certs

In the Finder window that pops up, double-click admin_operator.pfx to add the local client cert to your keychain. The password for the cert is magma. In some cases, you may have to open up the Keychain app in MacOS and drag-drop the file into the login keychain if double-clicking doesn't work.

If you use Firefox, you'll have to import this .pfx file into your browser's installed client certificates. See here for instructions. If you use Chrome or Safari, you may have to restart the browser before the certificate can be used. 

13. Add admin_operator.pfx file to Firefox

If Firefox is not installed on the magma VM, please install it

Open Firefox. [assuming ssh X11 forwarding is working - i.e., ssh -Y ... ]

Now, install the certificate 


Install Client Digital Certificate - Firefox for Windows
  1. Open Firefox. ...
  2. Click the Advanced icon on the top right of the options screen. ...
  3. Click Import on the Your Certificates tab.
  4. Browse to your certificate and click Open. ...
  5. You will now receive an alert saying the import was successful.

14. Change the MME_IPV4_ADDRESS_FOR_S1_MME variable

Change the following MME_IPV4_ADDRESS_FOR_S1_MME variable in the mme.conf file as follows. It should be equal to the IP address of the eth1 interface  Search for the file if it is not at this location

vagrant@magma-dev:~$ grep  MME_IPV4_ADDRESS_FOR_S1_MME /home/vagrant/magma/lte/gateway/deploy/roles/magma_oai/files/mme.conf
        MME_IPV4_ADDRESS_FOR_S1_MME           = "<MME IP>/24";
For example:
        MME_IPV4_ADDRESS_FOR_S1_MME           = "";

You need to restart magmad service as in the next section. 

15. Connecting Your Local LTE Gateway to Your Local Cloud

This command will seed your gateway and network on Orchestrator with some default LTE configuration values and set your gateway VM up to talk to your local Orchestrator cloud.

cd ~/magma/lte/gateway
fab -f dev_tools.py register_vm

Wait 2 minutes.

While waiting make the following change:

  1. In gateway VM, modify the nat_iface in /etc/magma/pipelined.yml from eth2 to eth0. Restart all services.
  2. In the gateway VM, follow the steps in EnodeB Configuration. Make sure the earfcn set in the enodebd section of gateway.mconfig is the one that is supported by the eNodeB under consideration. to support srslte earfcn should be 3400. 

After two minutes, Then:

cd ~/magma/lte/gateway
vagrant ssh magma

sudo service magma@* stop
sudo service magma@magmad restart
sudo tail -f /var/log/syslog

16. Using the NMS UI 

Magma provides an UI for configuring and monitoring the networks. To set up the NMS to talk to your local Orchestrator:

cd /home/$USER/magma/nms/app/packages/magmalte
sudo docker-compose build magmalte
mkdir -p  /home/iristest/magma/symphony/.cache/test_certs/
cp /home/iristest/magma/.cache/test_certs/*  /home/iristest/magma/symphony/.cache/test_certs/
sudo docker-compose up -d
sudo ./scripts/dev_setup.sh

17. Launch FireFox

After this, you will be able to access the UI by visiting https://magma-test.localhost, and using the email This email address is being protected from spambots. You need JavaScript enabled to view it. and password password1234.

Go to this URL as map does not appear to work: https://magma-test.localhost/nms/test/metrics/gateways 

18. Add IMSI via GUI

IMPORTANT: Make sure to add the OPC parameter, otherwise you get: "11:27:20.672516 [NAS ] [W] Network authentication failure"
IMPORTANT: Make sure to add an APN, otherwise you will get the following message on the UE:
"11:35:52.312242 [NAS ] [W] Received Attach Reject. Cause= 13"

"root":{7 items
"active_apns":[1 item
"config":{1 item
"lte":{5 items
"lte":{5 items
"monitoring":{}0 items
"state":{1 item
"directory":{1 item
"location_history":[1 item

This is to add the subscriber - if not using the GUI. Note, the NMS UI, the subscriber database file is overwritten by contents of NMS. So this is just for reference.

cd ~/magma/lte/gateway
vagrant ssh magma

subscriber_cli.py add --lte-auth-key 00112233445566778899aabbccddeeff IMSI001010123456789 --lte-auth-opc 63bfa50ee6523365ff14c1f45f88737d
subscriber_cli.py add --lte-auth-key 00112233445566778899aabbccddeeff IMSI001010123456780 --lte-auth-opc 63bfa50ee6523365ff14c1f45f88737d

#list all subscribers
subscriber_cli.py list

#get specific subscriber information
subscriber_cli.py get IMSI001010123456780
sid {
  id: "001010123456780"
gsm {
lte {
  state: ACTIVE
  auth_key: "\000\021\"3DUfw\210\231\252\273\314\335\356\377"
  auth_opc: "c\277\245\016\346R3e\377\024\301\364_\210s}"
state {

subscriber_cli.py delete IMSI001010123456780


19. Add Gateway in GUI for srsLTE 


Network ID: test
Network Name: Test Network
Network Type: lte
Add Description: Test network

Policy Enfourcement Enabled: Disabled
LTE Auth AMF: gAA=
MCC: 001
MNC: 01
TAC: 1

Band Type: TDD
Special Subframe Pattern: 7
Subfrane Assignment: 2

This srsLTE URL was useful: 


The following URL proved useful when selecting EARFCNDL where band is 42:  




20. Successful Connection 


A. Troubleshooting

Get the following error when launching Vagrant container. 

iristest@magma:~/magma/lte/gateway$ vagrant up
Bringing machine 'magma' up with 'libvirt' provider...
==> magma: You assigned a static IP ending in ".1" to this machine.
==> magma: This is very often used by the router and can cause the
==> magma: network to not work properly. If the network doesn't work
==> magma: properly, try changing this IP.
==> magma: Box 'fbcmagma/magma_dev' could not be found. Attempting to find and install...
    magma: Box Provider: libvirt
    magma: Box Version: 1.0.1586316960
==> magma: Loading metadata for box 'fbcmagma/magma_dev'
    magma: URL: https://vagrantcloud.com/fbcmagma/magma_dev
The box you're attempting to add doesn't support the provider
you requested. Please find an alternate box or use an alternate
provider. Double-check your requested provider to verify you didn't
simply misspell it.

If you're adding a box from HashiCorp's Vagrant Cloud, make sure the box is

Name: fbcmagma/magma_dev
Address: https://vagrantcloud.com/fbcmagma/magma_dev
Requested provider: [:libvirt]

Delete and Reinstall vagrant

sudo apt-get install virtualbox -y

B. EPC Not connecting with SCTP protocol. 

If its determined that the eNB is not connecting to the magma EPC, the SCTP protocol might be an issue.

Try connect the eNB. When its trying to connect, see if there is any output from the following command:

sudo tcpdump -i any sctp

If if there no output, then its likely the SCTP protocol is blocked. On OpenStack, allow "Other Protocol" and port 132 (ingress and egress)


C. Logs

sudo service magma@* status

sudo journalctl -fu magma@subscriberdb

sudo tail -f  /var/log/syslog

sudo tail -f /var/log/mme.log

sudo tail -f /var/log/daemon.log 

Magma will be running a DHCP server to assign an IP address to your connected eNodeB. Check if an IP address gets assigned to your eNodeB by either checking the eNodeB UI or monitoring the dnsd service.

journalctl -u magma@dnsd -f
# Check for a similar log
# DHCPDISCOVER(eth1) 48:bf:74:07:68:ee
# DHCPOFFER(eth1) 48:bf:74:07:68:ee
# DHCPREQUEST(eth1) 48:bf:74:07:68:ee
# DHCPACK(eth1) 48:bf:74:07:68:ee

Monitor the progress of enodebd using the following command

journalctl -u magma@enodebd -f
# Check for a similar log
# INFO:root:Successfully configured CPE parameters!


Use the tools in /home/vagrant/build/python/bin to troubleshoot. It also allows for querying the value of parameters such as subscriber, setting them etc.

(python) vagrant@magma-dev:~$ ls -ltrh /home/vagrant/build/python/bin
total 4.9M
-rwxr-xr-x 1 vagrant vagrant 2.3K Aug 19 21:20 python-config
-rw-r--r-- 1 vagrant vagrant 1.2K Aug 19 21:20 activate_this.py
-rw-r--r-- 1 vagrant vagrant 2.2K Aug 19 21:20 activate.fish
-rw-r--r-- 1 vagrant vagrant 1.1K Aug 19 21:20 activate.csh
-rw-r--r-- 1 vagrant vagrant 2.1K Aug 19 21:20 activate
-rwxr-xr-x 1 vagrant vagrant  245 Aug 19 21:21 cythonize
-rwxr-xr-x 1 vagrant vagrant  265 Aug 19 21:21 cython
-rwxr-xr-x 1 vagrant vagrant  244 Aug 19 21:21 cygdb
-rwxr-xr-x 1 vagrant vagrant  234 Aug 19 21:21 netaddr
-rwxr-xr-x 1 vagrant vagrant  235 Aug 19 21:21 pbr
-rwxr-xr-x 1 vagrant vagrant  246 Aug 19 21:21 pybabel
-rwxr-xr-x 1 vagrant vagrant  245 Aug 19 21:21 chardetect
-rwxr-xr-x 1 vagrant vagrant  244 Aug 19 21:21 oslo-config-validator
-rwxr-xr-x 1 vagrant vagrant  244 Aug 19 21:21 oslo-config-generator
-rwxr-xr-x 1 vagrant vagrant  238 Aug 19 21:21 ryu-manager
-rwxr-xr-x 1 vagrant vagrant  239 Aug 19 21:21 ryu
-rwxr-xr-x 1 vagrant vagrant  243 Aug 19 21:21 sort_wsdl
-rwxr-xr-x 1 vagrant vagrant  242 Aug 19 21:21 UTscapy
-rwxr-xr-x 1 vagrant vagrant  241 Aug 19 21:21 scapy
-rwxr-xr-x 1 vagrant vagrant  232 Aug 19 21:21 flask
-rwxr-xr-x 1 vagrant vagrant 5.8K Aug 19 21:21 wsdump.py
drwxr-xr-x 2 vagrant vagrant 4.0K Aug 19 21:21 __pycache__
-rwxr-xr-x 1 vagrant vagrant  235 Aug 19 21:21 nosetests-3.4
-rwxr-xr-x 1 vagrant vagrant  235 Aug 19 21:21 nosetests
-rwxr-xr-x 1 vagrant vagrant 1.8K Aug 19 21:21 pyroute2-cli
-rwxr-xr-x 1 vagrant vagrant  21K Aug 19 21:21 ss2
-rwxr-xr-x 1 vagrant vagrant  233 Aug 19 21:22 isort
-rwxr-xr-x 1 vagrant vagrant  243 Aug 19 21:22 symilar
-rwxr-xr-x 1 vagrant vagrant  247 Aug 19 21:22 pyreverse
-rwxr-xr-x 1 vagrant vagrant  241 Aug 19 21:22 pylint
-rwxr-xr-x 1 vagrant vagrant  243 Aug 19 21:22 epylint
-rwxr-xr-x 1 vagrant vagrant 1.9K Aug 19 21:22 snowflake
-rwxr-xr-x 1 vagrant vagrant  237 Aug 19 21:22 jsonschema
-rwxr-xr-x 1 vagrant vagrant 1.9K Aug 19 21:22 jsonpointer
-rwxr-xr-x 1 vagrant vagrant  335 Aug 20 08:43 create_oai_certs.py
-rwxr-xr-x 1 vagrant vagrant  331 Aug 20 08:43 agw_health_cli.py
-rwxr-xr-x 1 vagrant vagrant  329 Aug 20 08:43 feg_hello_cli.py
-rwxr-xr-x 1 vagrant vagrant  321 Aug 20 08:43 fake_user.py
-rwxr-xr-x 1 vagrant vagrant  325 Aug 20 08:43 enodebd_cli.py
-rwxr-xr-x 1 vagrant vagrant  321 Aug 20 08:43 hello_cli.py
-rwxr-xr-x 1 vagrant vagrant  341 Aug 20 08:43 generate_oai_config.py
-rwxr-xr-x 1 vagrant vagrant  337 Aug 20 08:43 packet_tracer_cli.py
-rwxr-xr-x 1 vagrant vagrant  317 Aug 20 08:43 ocs_cli.py
-rwxr-xr-x 1 vagrant vagrant  337 Aug 20 08:43 mobility_dhcp_cli.py
-rwxr-xr-x 1 vagrant vagrant  327 Aug 20 08:43 mobility_cli.py
-rwxr-xr-x 1 vagrant vagrant  319 Aug 20 08:43 pcrf_cli.py
-rwxr-xr-x 1 vagrant vagrant  331 Aug 20 08:43 packet_ryu_cli.py
-rwxr-xr-x 1 vagrant vagrant  329 Aug 20 08:43 s6a_proxy_cli.py
-rwxr-xr-x 1 vagrant vagrant  327 Aug 20 08:43 policydb_cli.py
-rwxr-xr-x 1 vagrant vagrant  329 Aug 20 08:43 pipelined_cli.py
-rwxr-xr-x 1 vagrant vagrant  331 Aug 20 08:43 subscriber_cli.py
-rwxr-xr-x 1 vagrant vagrant  317 Aug 20 08:43 sgs_cli.py
-rwxr-xr-x 1 vagrant vagrant  341 Aug 20 08:43 session_manager_cli.py
-rwxr-xr-x 1 vagrant vagrant  333 Aug 20 08:43 s6a_service_cli.py
-rwxr-xr-x 1 vagrant vagrant  321 Aug 20 08:43 state_cli.py
-rwxr-xr-x 1 vagrant vagrant  335 Aug 20 08:43 spgw_service_cli.py
-rwxr-xr-x 1 vagrant vagrant  339 Aug 20 08:43 cpe_monitoring_cli.py
-rwxr-xr-x 1 vagrant vagrant 4.6M Aug 20 08:43 python3.5
lrwxrwxrwx 1 vagrant vagrant    9 Aug 20 08:43 python3 -> python3.5
lrwxrwxrwx 1 vagrant vagrant    9 Aug 20 08:43 python -> python3.5
-rwxr-xr-x 1 vagrant vagrant  258 Aug 20 08:43 easy_install-3.5
-rwxr-xr-x 1 vagrant vagrant  258 Aug 20 08:43 easy_install
-rwxr-xr-x 1 vagrant vagrant  249 Aug 20 08:43 pip3.5
-rwxr-xr-x 1 vagrant vagrant  249 Aug 20 08:43 pip3
-rwxr-xr-x 1 vagrant vagrant  249 Aug 20 08:43 pip
-rwxr-xr-x 1 vagrant vagrant  236 Aug 20 08:43 wheel
-rwxr-xr-x 1 vagrant vagrant  333 Aug 20 08:43 checkin_cli.py
-rwxr-xr-x 1 vagrant vagrant  351 Aug 20 08:43 generate_dnsd_config.py
-rwxr-xr-x 1 vagrant vagrant  339 Aug 20 08:43 directoryd_cli.py
-rwxr-xr-x 1 vagrant vagrant  357 Aug 20 08:43 generate_service_config.py
-rwxr-xr-x 1 vagrant vagrant  357 Aug 20 08:43 generate_nghttpx_config.py
-rwxr-xr-x 1 vagrant vagrant  359 Aug 20 08:43 generate_lighttpd_config.py
-rwxr-xr-x 1 vagrant vagrant  361 Aug 20 08:43 magma_conditional_service.py
-rwxr-xr-x 1 vagrant vagrant  331 Aug 20 08:43 health_cli.py
-rwxr-xr-x 1 vagrant vagrant  363 Aug 20 08:43 generate_fluent_bit_config.py
-rwxr-xr-x 1 vagrant vagrant  335 Aug 20 08:43 service_util.py
-rwxr-xr-x 1 vagrant vagrant  343 Aug 20 08:43 magma_get_config.py
-rwxr-xr-x 1 vagrant vagrant  331 Aug 20 08:43 magmad_cli.py
-rwxr-xr-x 1 vagrant vagrant  345 Aug 20 08:43 show_gateway_info.py
-rwxr-xr-x 1 vagrant vagrant  339 Aug 20 08:43 service303_cli.py