Learning Huawei’s flavour of MML – Man Machine Language for the BTS 3900 series Macro Base Stations.
All the gear I’ve got so far for my DIY RAN Project requires -48vDC to power it up. Back to online auction websites and preso I’ve ended up with an Eltek MPSU3000, from the mid 2000s. The fellow I bought it from was even nice enough to throw a binder full of printed documentation, which […]
Picking and validating antenna selection for the new RAN project in my lab.
Using a NanoVNA to analyse antenna performance for SDR driven Base Stations for GSM / LTE.
A look at the Handover process between Cells / BTSs in GSM using the Osmocom stack.
When setting up the timeslots on the TRX for each BTS on your BSC, you’ll notice you have to set a channel type. So what do these acronyms mean, and how do they affect the performance of the network? GSM channels break down into one of to categories, control channels – used for signalling, and […]
So far we’ve focused on building a plain “2G” (voice and SMS only) network, which was all consumers expected twenty years ago. As the number of users accessing the internet through DSL, Dial Up & ISDN grew, the idea of getting this data “on the go” became more appealing. TCP/IP was becoming the dominant standard […]
Learning a very dumb lesson in antenna selection.
So now we’ve covered the basics of what’s involved let’s get some traffic on our network. For starters we’ll need to start each of our network elements and bring up whichever BTS hardware we’re using. In order for our calls to have audio, we’ll need to set a parameter on the Media Gateway. We’ll cover […]
Quick look at cheap “Magic SIM Cards”, what they do, how they do it, and the amazing graphics they use.
Configuring YateBTS NIPC with a BladeRF Software Defined Radio
Setting up YateBTS GSM BTS in Ubuntu 18.04
Accessing the Field Testing suite on an iOS Device
Exploring the how and why of Authentication in LTE & NR networks.
Note: NextEPC the Open Source project rebranded as Open5Gs in 2019 due to a naming issue. The remaining software called NextEPC is a branch of an old version of Open5Gs. This post was written before the rebranding. I’ve been working for some time on Private LTE networks, the packet core I’m using is NextEPC, it’s […]
I recently started working on an issue that I’d seen was to do with the HSS response to the MME on an Update Location Answer. I took some Wireshark traces of a connection from the MME to the HSS, and compared that to a trace from a different HSS. (Amarisoft EPC/HSS) The Update Location Answer […]
The packet structure of Diameter
A primer to the Diameter protocol and it’s usage.
ARP in LTE is not the Ethernet standard for address resolution, but rather the Allocation and Retention Policy. A scenario may arise where on a congested cell another bearer is requested to be setup. The P-GW, S-GW or eNB have to make a decision to either drop an existing bearer, or to refuse the request […]
MBR stands for Maximum Bit Rate, and it defines the maximum rate traffic can flow between a UE and the network. It can be defined on several levels: MBR per Bearer This is the maximum bit rate per bearer, this rate can be exceeded but if it is exceeded it’s QoS (QCI) values for the […]