Topic: band indicator = 1800 even though frequency set to 900

nonce

« on: March 29, 2019, 11:59:51 AM »
I'm having a problem with the phone connecting to the cell station. I have set the BladeRF station to broadcast on the 900MHz range and verified this with another SDR. My cellphone sees the station but can't connect.

Troubleshooting:
Attempted to connect to the station, then inspected for rejected IMSI numbers. None found.

Code:
nipc list rejected
IMSI            No attempts register
--------------- ---------------

Here is my configuration from ybts.conf

Code:
Radio.Band=900
Radio.C0=975
Identity.MCC=510
Identity.MNC=01

Here is the weird part. I performed a pcap for GSM traffic. I only see downlink traffic, no uplink traffic. In the downlink traffic I see the band indicator field says 1800 even though I have set this to 900MHz. Please see attached pcap.

no. 426 > GSM CCCH > SI 6 Rest Octets > Band Indicator = 1800

I remember seeing a bug that was posted a few years ago about the wrong frequency being broadcast. I'm not sure if this is related.

Is this expected? It would of course help if I got a working pcap as well. I would like to review a pcap on a working configuration.

Here are the commands to get a pcap.

Code:
telnet localhost 5038
mbts config Control.GSMTAP.GSM on
quit

connect phone

Code:
sudo tcpdump -i any udp port 4729 -w GSMtraffic.pcap


« Last Edit: May 22, 2019, 05:16:32 PM by nonce »
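
An added example (not part of the original post and not YateBTS code): a Python sketch of the uplink/downlink check described above, decoding the GSMTAP header of each UDP port 4729 payload and counting frames per ARFCN and direction. The payloads are constructed samples, extracting them from the pcap is assumed to happen separately, and the `gsm900_mhz` helper goes slightly beyond the post to give the carrier frequencies for the configured C0.

```python
import struct
from collections import Counter

GSMTAP_ARFCN_F_UPLINK = 0x4000   # flag bit: frame travelled phone -> base station
GSMTAP_ARFCN_MASK = 0x3FFF       # low 14 bits carry the ARFCN itself
HDR = struct.Struct(">BBBBHbbIBBBB")  # fixed 16-byte GSMTAP v2 header

def parse_gsmtap(payload):
    """Decode one GSMTAP v2 header; raise ValueError on anything else."""
    if len(payload) < HDR.size:
        raise ValueError("shorter than a GSMTAP header")
    (version, hdr_words, ptype, timeslot, arfcn_raw, signal_dbm, _snr,
     frame_number, sub_type, _ant, _sub_slot, _res) = HDR.unpack_from(payload)
    if version != 2 or hdr_words < 4 or hdr_words * 4 > len(payload):
        raise ValueError("not a GSMTAP v2 frame")
    return {"type": ptype, "timeslot": timeslot, "sub_type": sub_type,
            "arfcn": arfcn_raw & GSMTAP_ARFCN_MASK,
            "uplink": bool(arfcn_raw & GSMTAP_ARFCN_F_UPLINK),
            "signal_dbm": signal_dbm, "frame_number": frame_number,
            "l2": payload[hdr_words * 4:]}  # header length is in 32-bit words

def direction_summary(payloads):
    """Count frames per (ARFCN, direction); undecodable payloads are tallied."""
    counts = Counter()
    for payload in payloads:
        try:
            hdr = parse_gsmtap(payload)
        except ValueError:
            counts["malformed"] += 1
            continue
        counts[(hdr["arfcn"], "uplink" if hdr["uplink"] else "downlink")] += 1
    return counts

def gsm900_mhz(arfcn):
    """(uplink, downlink) carrier frequencies in MHz for P-GSM/E-GSM 900."""
    if 0 <= arfcn <= 124:
        uplink = 890.0 + 0.2 * arfcn
    elif 975 <= arfcn <= 1023:
        uplink = 890.0 + 0.2 * (arfcn - 1024)
    else:
        raise ValueError("ARFCN is not in the GSM 900 band")
    return round(uplink, 1), round(uplink + 45.0, 1)

def _sample(arfcn, uplink, frame_number):
    """Build a constructed GSMTAP frame (type 1 = Um, 23 filler L2 bytes)."""
    raw = arfcn | (GSMTAP_ARFCN_F_UPLINK if uplink else 0)
    return HDR.pack(2, 4, 1, 0, raw, -60, 0, frame_number, 1, 0, 0, 0) + b"\x2b" * 23

# Constructed input: two downlink frames, one uplink frame, one truncated payload.
SAMPLE = [_sample(975, False, 100), _sample(975, False, 151),
          _sample(975, True, 160), b"\x02\x04"]
```

A capture whose summary has no `uplink` entry for the C0 ARFCN matches the symptom in the post; `gsm900_mhz(975)` gives the two carrier frequencies to compare against what a second SDR shows.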

nonce

« Reply #1 on: May 22, 2019, 05:16:05 PM »
I don't know if the attachment got removed but I see there is none. I have added it again.

After further testing I've found a bug related to the issue I am having. It's already been filed but doesn't affect operation of the cell tower.

I am able to see a strong signal from the cellphone at the correct uplink frequency using an SDR-RTL. For some reason I'm unable to read any packets received on the cell tower or see the cell name on the phone.

What logs can I look at to see if there is any signal received by the BladeRF from the phone?

nonce

« Reply #2 on: May 23, 2019, 05:17:31 PM »
A small update to this. I think this is where my issue is.

I'm getting this log line.

"RACH burst for unsupported service RA="

Looking at the code (../Control/RadioResource.cpp), it seems to reference the cell tower receiving a bad frame from the phone. However, a PCAP as I have done in the past doesn't show the frame, so I have no idea what is wrong with it. Adding -v's to start Yate doesn't seem to show any additional errors.

Is there a way to get more information on what is wrong with this incoming frame?

nonce

« Reply #3 on: August 19, 2019, 03:28:52 PM »
I'm still trying to find what this error exactly means. Does this error mean the packet sent by the phone is corrupted?

If so, what phones should work that are still available? I've tested multiple phones without any luck.

Thank you