After setting up the 5G environment, DNS server, and adding DNS security capabilities, it’s time to test our approach.

Start the gNB and UE simulation


Access the gNB machine, and run the following

  • Change directory to UERANSIM
  • Run the gNB script
sudo ./build/nr-ue -c config/open5gs-ue1.yaml


Access the UE machine, and run the following

  • Change directory to UERANSIM
  • Run the UE script
sudo ./build/nr-ue -c config/open5gs-ue1.yaml

Start the ryu script at the gNB

Open a new terminal or ssh session to run the following command

sudo ryu-manager

You should see the following:

loading app

Flow 1 of 3 added

Flow 2 of 3 added

Flow 3 of 3 added
loading app ryu.controller.ofp_handler
instantiating app of L2Switch
instantiating app ryu.controller.ofp_handler of OFPHandler

Only run this for the experiments with the SDN controller. If you want to test the environment without redirecting the DNS packets from the gNB to the DNS server, just stop the script.

Testing from the UE sim

Our experiments consist of using the kdig utility to add the +dnssec option, anr/or +tls option


Open a new terminal or an ssh session to the UE machine.

  • To run any dns query, do the following:
 kdig -b @  +tls +dnssec

-b is to specify the UE IP address @ it’s the DNS IP address (Local DNS) +tls +dnssec are optional. Add it depending on the experiment Add at the end the domain name

  • Without any security
 kdig -b @
  • With DNSSEC only
 kdig -b @  +dnssec
  • With DoT (TLS)
 kdig -b @  +tls
  • With DNSSEC and DoT
 kdig -b @  +tls +dnssec

We also added some bash scripts which allows us to make automate the DNS queries. They are in the bashscripts folder.

You can modify the domains and the DNS IP address. You can use Google DNS server, Cloudflare, etc