Author Topic: band indicator = 1800 even though frequency set to 900  (Read 197 times)

nonce

  • Newbie
  • *
  • Posts: 6
    • View Profile
band indicator = 1800 even though frequency set to 900
« on: March 29, 2019, 11:59:51 AM »
I'm having a problem with the phone connecting to the cell station. I have set the BladeRF station to broadcast on the 900MHz range and verified this with another SDR. My cellphone sees the station but can't connect.

Troubleshooting:
Attempted to connect to the station, then inspected for rejected IMSI numbers. None found.

Code:
nipc list rejected
IMSI            No attempts register
--------------- ---------------

Here is my configuration from ybts.conf

Code:
Radio.Band=900
Radio.C0=975
Identity.MCC=510
Identity.MNC=01

Here is the weird part. I performed a pcap for GSM traffic. I only see downlink traffic, no uplink traffic. In the downlink traffic I see the band indicator field says 1800 even though I have set this to 900MHz. Please see attached pcap.

no. 426 > GSM CCCH > SI 6 Rest Octets > Band Indicator = 1800

I remember seeing a bug that was posted a few years ago about the wrong frequency being broadcast. I'm not sure if this is related.

Is this expected? It would of course help if I got a working pcap as well. I would like to review a pcap on a working configuration.

Here are the commands to get a pcap.

Code:
telnet localhost 5038
mbts config Control.GSMTAP.GSM on
quit
connect phone
Code:
sudo tcpdump -i any udp port 4729 -w GSMtraffic.pcap


« Last Edit: May 22, 2019, 05:16:32 PM by nonce »

nonce
Re: band indicator = 1800 even though frequency set to 900
« Reply #1 on: May 22, 2019, 05:16:05 PM »
I don't know if the attachment got removed but I see there is none. I have added it again.

After further testing I've found a bug related to the issue I am having. It's already been filed but doesn't affect operation of the cell tower.

I am able to see a strong signal from the cellphone at the correct uplink frequency using an SDR-RTL. For some reason I'm unable to read any packets received on the cell tower or see the cell name on the phone.

What logs can I look at to see if there is any signal received by the BladeRF from the phone?

nonce
Re: band indicator = 1800 even though frequency set to 900
« Reply #2 on: May 23, 2019, 05:17:31 PM »
A small update to this. I think this is where my issue is.

I'm getting this log line.

"RACH burst for unsupported service RA="

Looking at the code (../Control/RadioResource.cpp) it seems to reference the cell tower receiving a bad frame from the phone. However, a PCAP as I have done in the past doesn't show the frame, so I have no idea what is wrong with it. Adding -v's to start yates doesn't seem to show any additional errors.

Is there a way to get more information on what is wrong with this incoming frame?
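
Added example, not part of the original thread: a small Python decoder for the GSMTAP header carried on UDP port 4729, which reports each frame's direction, ARFCN, band and channel so a capture like the one described above can be checked for uplink frames such as RACH. It assumes the standard 16-byte GSMTAP v2 header and that the UDP payloads have already been extracted from the pcap; the function names and the sample payloads are constructed for illustration.

```python
import struct
from collections import Counter

ARFCN_F_PCS, ARFCN_F_UPLINK, ARFCN_MASK = 0x8000, 0x4000, 0x3FFF
CHANNELS = {1: "BCCH", 2: "CCCH", 3: "RACH", 4: "AGCH", 5: "PCH", 6: "SDCCH"}
HDR = struct.Struct("!BBBBHbbIBBBB")  # 16-byte GSMTAP v2 header

def arfcn_band(arfcn, pcs=False):
    """Band for an ARFCN; 512-810 is shared by DCS 1800 and PCS 1900."""
    if arfcn <= 124 or 975 <= arfcn <= 1023:
        return "GSM 900"
    if 128 <= arfcn <= 251:
        return "GSM 850"
    if 512 <= arfcn <= 885:
        return "PCS 1900" if pcs and arfcn <= 810 else "DCS 1800"
    return "other"

def parse_gsmtap(payload):
    """Decode the GSMTAP header at the start of one UDP payload."""
    if len(payload) < HDR.size:
        raise ValueError("payload shorter than GSMTAP header")
    ver, hlen, ptype, ts, arfcn, dbm, snr, fn, sub, ant, sslot, _ = HDR.unpack_from(payload)
    if ver != 2 or not HDR.size <= hlen * 4 <= len(payload):
        raise ValueError("not a GSMTAP v2 header")
    num = arfcn & ARFCN_MASK  # low 14 bits are the channel number
    return {"direction": "uplink" if arfcn & ARFCN_F_UPLINK else "downlink",
            "arfcn": num, "band": arfcn_band(num, bool(arfcn & ARFCN_F_PCS)),
            "channel": CHANNELS.get(sub, f"type {sub}"), "frame": fn,
            "signal_dbm": dbm, "l2": payload[hlen * 4:]}

def summarize(payloads):
    """Count frames per (direction, channel); bad payloads count as malformed."""
    counts = Counter()
    for p in payloads:
        try:
            f = parse_gsmtap(p)
            counts[(f["direction"], f["channel"])] += 1
        except ValueError:
            counts[("malformed", "-")] += 1
    return counts

def make(arfcn_field, sub_type, fn, l2=b"\x2b" * 23):
    """Build a constructed GSMTAP/Um payload for the sample below."""
    return HDR.pack(2, 4, 1, 0, arfcn_field, -60, 0, fn, sub_type, 0, 0, 0) + l2

# Constructed sample: three downlink frames, one uplink RACH on ARFCN 975,
# and one truncated payload.
SAMPLE = [make(975, 1, 100), make(975, 2, 102), make(975, 2, 106),
          make(975 | ARFCN_F_UPLINK, 3, 110, l2=b"\x00"), b"\x02\x04"]

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE).items()):
        print(key, n)
```

A capture whose summary contains only `downlink` keys matches the symptom described in the first post.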