From johann.tzt at gmail.com Thu Apr 30 12:52:18 2020 From: johann.tzt at gmail.com (Johann T.) Date: Thu, 30 Apr 2020 14:52:18 +0200 Subject: Thuraya ARFCN Message-ID: Dear all, In the past weeks, I have been playing with the Osmocom GMR code. The code has been successfully compiled and installed. My intention is to listen to the broadcast channel of Thuraya in the Netherlands. There are two spotbeams for NL namely 288 and 289. As I am located at the border of the two beams, I have tried both options. So far I couldn't see anything decoded in Wireshark. I noted that the translation of ARFCN to frequency is slightly different in the formula by Driessen (Practical cryptanalysis of the real world systems) and in the ETSI standard (TS 101 376-5-5). There is a shift of half of the channel bandwidth (31.25 kHz). For your information, I am using Ubuntu 16.04, USRP B210, a wideband antenna and LNA with about 20 dBi gain on L-band. As mentioned by Sylvain in the mailing list, the gmr_multi_rx.py is obsolete. I am using the gmr1_rx_sdr.py for my tests. I ran the following commands (one each time) and with Wireshark listening to lo interface while applying the gmr1.bcch filter. Is this the right approach as I don't see anything show up so far? Did I overlook something here? Spotbeam 289 (ARFCN 1007) ./gmr1_rx_sdr.py -s 10000000 -B L -f 1556484375 -a 1007 -g 45 (Driessen) ./gmr1_rx_sdr.py -s 10000000 -B L -f 1556468750 -a 1007 -g 45 (ETSI) Spotbeam 288 (ARFCN 267) ./gmr1_rx_sdr.py -s 10000000 -B L -f 1533359375 -a 267 -g 45 (Driessen) ./gmr1_rx_sdr.py -s 10000000 -B L -f 1533343750 -a 267 -g 45 (ETSI) Comments or suggestions are much appreciated. Many thanks in advance. Best regards, Johann -------------- next part -------------- An HTML attachment was scrubbed... URL: From 246tnt at gmail.com Thu Apr 30 16:53:17 2020 From: 246tnt at gmail.com (Sylvain Munaut) Date: Thu, 30 Apr 2020 18:53:17 +0200 Subject: Thuraya ARFCN In-Reply-To: References: Message-ID: Hi Johann, So, first wrt to different formula, the spec is definitely right ... (I mean it's the spec ...). However they are narrow channels and if your B210 is not GPS disciplined, its oscillator could be out quite a bit. It's default xtal is only rated to +- 20ppm and that's a 30 kHz error at 1.5 GHz ... so you can be off by a full channel just with that. Second, the frequency you give to gmr1_rx_sdr.py is where to tune. In reality you want to tune not to the channel directly but a bit to the side so that the DC offset and 1/f noise at the center of the capture don't mess up the data. The script will automatically filter and recenter the proper frequency depending on the -a argument you passed to it. Finally that python script only does the sample and channelization, and saves to a cfile in /tmp it doesn't do any of the decoding at all. For that you need to also run gmr1_rx binary ( or gmr1_rx_live , see the live branch ) on the recording. And it's that one that will take the raw samples do all the demod and decoding of the channels and send the data to wireshark. Cheers, Sylvain