Hi,
I didn’t find anything useful yet. Everything seems normal during the IMSI attach procedure (location updating request, authentication request/response, identity request/response …), I can call and send SMS normally but the phone doesn’t get paged in any way. It seems strange that no differences can be seen during the IMSI attach procedure while some sim cards do not work.
On Mar 4, 2016, at 7:13 PM, Dennis Eisenbarth dennis.eisenbarth@gmail.com wrote:
GSM specs, it is.
On 04.03.2016 17:32, robert wrote:
I read about sim card types since it must be a sim card problem but I didn’t find anything useful.
On Mar 4, 2016, at 6:05 PM, Dennis Eisenbarth dennis.eisenbarth@gmail.com wrote:
A good start would be a look into the specifications.
On 04.03.2016 14:31, robert wrote:
Hi,
I tried two sim cards one that works fine and another one that doesn’t get paged, I noticed that during the location update procedure everything is exactly the same (using wireshark). The log files are also similar. Although both cards work fine if used in a normal phone (even with a motorola c123/118 …).
Another thing to mention is that some sim cards only work when i stick them on a BTS that has the "SI type 3, GPRS indicator" as follows: "3G Early Classmark Sending Restriction: Neither UTRAN, CDMA2000 nor GERAN IU MODE CLASSMARK CHANGE message shall be sent with the Early classmark sending" while they can only make calls without being able to receive anything on other BTS where the "SI type 3, GPRS indicator" is as follows: "3G Early Classmark Sending Restriction: The sending of UTRAN,CDMA2000 and GERAN IU MODE CLASSMARK CHANGE messages are controlled by the Early Classmark Sending Control parameter" I would be very grateful if anyone has some explanations to what is going on.
Best regards, Robert,
On Jan 26, 2016, at 6:30 PM, Tomcsányi Domonkos domi@tomcsanyi.net wrote:
Hi Robert,
I think it would help us out a lot if you could provide at least one complete log file from the output of the mobile app, so we can start having some ideas.
Cheers, Domi
- jan. 26. dátummal, 17:24 időpontban robert steve robert.steve07@gmail.com írta:
Hi, I would first like to thank all those who participated in this nice project. I recently started working with osmocombb and was able to have it working fine on a motorola c118. However, I noticed that some sim cards can connect normally to the BTS, can make calls and send SMS but can’t receive anything. They simply don't get paged. While for some other sim cards everything seems to be working fine.
Does anyone know what might be causing this issue ?
thanks, Robert
On Wed, Mar 9, 2016 at 2:52 PM, robert robert.steve07@gmail.com wrote:
Hi,
I didn’t find anything useful yet. Everything seems normal during the IMSI attach procedure (location updating request, authentication request/response, identity request/response …), I can call and send SMS normally but the phone doesn’t get paged in any way. It seems strange that no differences can be seen during the IMSI attach procedure while some sim cards do not work.
The specs says it's possible to have paging channels on other time slots than 0.
I've never seen it any network do that and really not sure why they would. But support for it is not implemented in osmocom-bb ...
Record the BCCH system infos messages and look for the CCCH description in them.
Cheers,
Sylvain
Hi,
Thanks for your response. It seems logical. I will look for the BCCH info and give some feedback.
Best regards, Robert,
On Mar 9, 2016, at 4:00 PM, Sylvain Munaut 246tnt@gmail.com wrote:
On Wed, Mar 9, 2016 at 2:52 PM, robert robert.steve07@gmail.com wrote:
Hi,
I didn’t find anything useful yet. Everything seems normal during the IMSI attach procedure (location updating request, authentication request/response, identity request/response …), I can call and send SMS normally but the phone doesn’t get paged in any way. It seems strange that no differences can be seen during the IMSI attach procedure while some sim cards do not work.
The specs says it's possible to have paging channels on other time slots than 0.
I've never seen it any network do that and really not sure why they would. But support for it is not implemented in osmocom-bb ...
Record the BCCH system infos messages and look for the CCCH description in them.
Cheers,
Sylvain
In system information type 3 I got the following info:
Control Channel Description 1 . . . . . . . = MSCR: MSC is Release ’99 onwards (1) . 1 . . . . . . = ATT: MSs in the cell shall apply IMSI attach and detach procedure (1) . . 00 1 . . . = BS_AG_BLKS_RES: 1 . . . . .110 = CCCH-CONF: 4 basic physical channels used for CCCH, not combined with SDCCCHs (6) . 00 . . . . . = CBQ3: IU mode not supported (0) . . . . . 110 = BS-PA-MFRMS: 6
This is the only info I got about CCCH description. I’m not sure if this is enough for telling that paging is done on other than timeslot 0.
Best regards, Robert,
On Mar 9, 2016, at 4:00 PM, Sylvain Munaut 246tnt@gmail.com wrote:
On Wed, Mar 9, 2016 at 2:52 PM, robert robert.steve07@gmail.com wrote:
Hi,
I didn’t find anything useful yet. Everything seems normal during the IMSI attach procedure (location updating request, authentication request/response, identity request/response …), I can call and send SMS normally but the phone doesn’t get paged in any way. It seems strange that no differences can be seen during the IMSI attach procedure while some sim cards do not work.
The specs says it's possible to have paging channels on other time slots than 0.
I've never seen it any network do that and really not sure why they would. But support for it is not implemented in osmocom-bb ...
Record the BCCH system infos messages and look for the CCCH description in them.
Cheers,
Sylvain
On Thu, Mar 10, 2016 at 11:37:42AM +0200, robert wrote:
This is the only info I got about CCCH description. I’m not sure if this is enough for telling that paging is done on other than timeslot 0.
why don't you record the messages via GSMTAP and post the BCCH information here? The BCCH is a public broadcast and does not contain any information related to privacy of subscribers, so it should be fine.
Hi,
the problem of sim cards not being paged is only for certain sim cards. It’s always the same sim cards that have the problem so most probably it’s not because of paging occurring on different time slots (unless if they are configured to work only on different time slots than 0 which doesn’t seem logical). Also it doesn’t seem related to sim card manufacturing date since I face the same problem with some old and new sim cards.
Best regards, Robert,
On Mar 9, 2016, at 4:00 PM, Sylvain Munaut 246tnt@gmail.com wrote:
On Wed, Mar 9, 2016 at 2:52 PM, robert robert.steve07@gmail.com wrote:
Hi,
I didn’t find anything useful yet. Everything seems normal during the IMSI attach procedure (location updating request, authentication request/response, identity request/response …), I can call and send SMS normally but the phone doesn’t get paged in any way. It seems strange that no differences can be seen during the IMSI attach procedure while some sim cards do not work.
The specs says it's possible to have paging channels on other time slots than 0.
I've never seen it any network do that and really not sure why they would. But support for it is not implemented in osmocom-bb ...
Record the BCCH system infos messages and look for the CCCH description in them.
Cheers,
Sylvain
Hi,
the problem of sim cards not being paged is only for certain sim cards. It’s always the same sim cards that have the problem so most probably it’s not because of paging occurring on different time slots (unless if they are configured to work only on different time slots than 0 which doesn’t seem logical). Also it doesn’t seem related to sim card manufacturing date since I face the same problem with some old and new sim cards.
Paging groups are a function of the IMSI of the sim card ... those that work could have a paging group mapped to TS=0 ... need all the SI and the IMSIs to know that.
Cheers,
Sylvain
So I should do some more research about paging groups.
Is there a way that I can monitor paging on the other time slots using some tools ?
Best regards, Robert,
On Mar 14, 2016, at 5:01 PM, Sylvain Munaut 246tnt@gmail.com wrote:
Hi,
the problem of sim cards not being paged is only for certain sim cards. It’s always the same sim cards that have the problem so most probably it’s not because of paging occurring on different time slots (unless if they are configured to work only on different time slots than 0 which doesn’t seem logical). Also it doesn’t seem related to sim card manufacturing date since I face the same problem with some old and new sim cards.
Paging groups are a function of the IMSI of the sim card ... those that work could have a paging group mapped to TS=0 ... need all the SI and the IMSIs to know that.
Cheers,
Sylvain
I’m thinking about modifying some code to have the phone listen to the paging group corresponding to my IMSI. Do you think it is doable or are there some hardware limitations that could prevent this ?
Best regards, Robert,
On Mar 14, 2016, at 5:01 PM, Sylvain Munaut 246tnt@gmail.com wrote:
Hi,
the problem of sim cards not being paged is only for certain sim cards. It’s always the same sim cards that have the problem so most probably it’s not because of paging occurring on different time slots (unless if they are configured to work only on different time slots than 0 which doesn’t seem logical). Also it doesn’t seem related to sim card manufacturing date since I face the same problem with some old and new sim cards.
Paging groups are a function of the IMSI of the sim card ... those that work could have a paging group mapped to TS=0 ... need all the SI and the IMSIs to know that.
Cheers,
Sylvain
On Wed, Mar 16, 2016 at 02:56:45PM +0200, robert wrote:
I’m thinking about modifying some code to have the phone listen to the paging group corresponding to my IMSI.
yes, that kind of modification would be a 'bug fix', and one that we'd like to receive.
Do you think it is doable or are there some hardware limitations that could prevent this ?
There certainly is no limitation in the hardware, if paging works with the original Motorola/Compal firmware.
As stated in an old discussion, the prim_rx_nb.c file should be modified to change the time slot number: "l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);” however if i change it to another number (ex: 2,4,6), the phone will not be able to detect the BCCH signal of the BTS so it will not connect to the network. Am I changing the wrong parameter ?
Best regards, Robert,
On Mar 16, 2016, at 4:06 PM, Harald Welte laforge@gnumonks.org wrote:
On Wed, Mar 16, 2016 at 02:56:45PM +0200, robert wrote:
I’m thinking about modifying some code to have the phone listen to the paging group corresponding to my IMSI.
yes, that kind of modification would be a 'bug fix', and one that we'd like to receive.
Do you think it is doable or are there some hardware limitations that could prevent this ?
There certainly is no limitation in the hardware, if paging works with the original Motorola/Compal firmware.
--
- Harald Welte laforge@gnumonks.org http://laforge.gnumonks.org/
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Hi Robert,
On Wed, Mar 16, 2016 at 04:30:19PM +0200, robert wrote:
As stated in an old discussion, the prim_rx_nb.c file should be modified to change the time slot number: "l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);” however if i change it to another number (ex: 2,4,6), the phone will not be able to detect the BCCH signal of the BTS so it will not connect to the network. Am I changing the wrong parameter ?
you should probably change it to the dynamically determined 'tn' instead of a hard-coded number. Please send a patch, if that seems to work for you.
I can’t figure out a way to dynamically set the time slot, I’m always getting errors during compilation. When I solve these errors I will give you some feedback about any progress.
Best regards, Robert,
On Mar 16, 2016, at 4:50 PM, Harald Welte laforge@gnumonks.org wrote:
Hi Robert,
On Wed, Mar 16, 2016 at 04:30:19PM +0200, robert wrote:
As stated in an old discussion, the prim_rx_nb.c file should be modified to change the time slot number: "l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);” however if i change it to another number (ex: 2,4,6), the phone will not be able to detect the BCCH signal of the BTS so it will not connect to the network. Am I changing the wrong parameter ?
you should probably change it to the dynamically determined 'tn' instead of a hard-coded number. Please send a patch, if that seems to work for you.
--
- Harald Welte laforge@gnumonks.org http://laforge.gnumonks.org/
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Hi robert,
On Mon, Mar 21, 2016 at 11:43:20AM +0200, robert wrote:
I can’t figure out a way to dynamically set the time slot, I’m always getting errors during compilation. When I solve these errors I will give you some feedback about any progress.
Feel free to post your patches + error messages here.
The below patch doens't work for you?
diff --git a/src/target/firmware/layer1/prim_rx_nb.c b/src/target/firmware/layer1/prim_rx_nb.c index 38c7b53..d186bff 100644 --- a/src/target/firmware/layer1/prim_rx_nb.c +++ b/src/target/firmware/layer1/prim_rx_nb.c @@ -204,7 +204,7 @@ static int l1s_nb_cmd(__unused uint8_t p1, uint8_t burst_id, burst_id, tsc );
- l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0); + l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, tn);
return 0; }
Hi Harald,
The patch that you provided does’t give any error, but is it enough to choose the right time slot? Shouldn’t I use another variable instead of ’tn’ so that I can set the time slot related to the paging group?
Best regards, Robert,
On Mar 21, 2016, at 11:52 AM, Harald Welte laforge@gnumonks.org wrote:
Hi robert,
On Mon, Mar 21, 2016 at 11:43:20AM +0200, robert wrote:
I can’t figure out a way to dynamically set the time slot, I’m always getting errors during compilation. When I solve these errors I will give you some feedback about any progress.
Feel free to post your patches + error messages here.
The below patch doens't work for you?
diff --git a/src/target/firmware/layer1/prim_rx_nb.c b/src/target/firmware/layer1/prim_rx_nb.c index 38c7b53..d186bff 100644 --- a/src/target/firmware/layer1/prim_rx_nb.c +++ b/src/target/firmware/layer1/prim_rx_nb.c @@ -204,7 +204,7 @@ static int l1s_nb_cmd(__unused uint8_t p1, uint8_t burst_id, burst_id, tsc );
- l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);
l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, tn);
return 0;
}
- Harald Welte laforge@gnumonks.org http://laforge.gnumonks.org/
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Hi,
when using the patch, the phone was not able to connect to any BTS. I think the time slot number should be kept 0 but only changed when the phone is listening to the paging channel.
Best regards, Robert,
On Mar 21, 2016, at 11:52 AM, Harald Welte laforge@gnumonks.org wrote:
Hi robert,
On Mon, Mar 21, 2016 at 11:43:20AM +0200, robert wrote:
I can’t figure out a way to dynamically set the time slot, I’m always getting errors during compilation. When I solve these errors I will give you some feedback about any progress.
Feel free to post your patches + error messages here.
The below patch doens't work for you?
diff --git a/src/target/firmware/layer1/prim_rx_nb.c b/src/target/firmware/layer1/prim_rx_nb.c index 38c7b53..d186bff 100644 --- a/src/target/firmware/layer1/prim_rx_nb.c +++ b/src/target/firmware/layer1/prim_rx_nb.c @@ -204,7 +204,7 @@ static int l1s_nb_cmd(__unused uint8_t p1, uint8_t burst_id, burst_id, tsc );
- l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);
l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, tn);
return 0;
}
- Harald Welte laforge@gnumonks.org http://laforge.gnumonks.org/
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Hi,
Is it possible to have two or more timeslots receiving at the same time. It is necessary to have timeslot 0 at all time and another timeslot for paging.
Best regards,
On Mar 21, 2016, at 11:52 AM, Harald Welte laforge@gnumonks.org wrote:
Hi robert,
On Mon, Mar 21, 2016 at 11:43:20AM +0200, robert wrote:
I can’t figure out a way to dynamically set the time slot, I’m always getting errors during compilation. When I solve these errors I will give you some feedback about any progress.
Feel free to post your patches + error messages here.
The below patch doens't work for you?
diff --git a/src/target/firmware/layer1/prim_rx_nb.c b/src/target/firmware/layer1/prim_rx_nb.c index 38c7b53..d186bff 100644 --- a/src/target/firmware/layer1/prim_rx_nb.c +++ b/src/target/firmware/layer1/prim_rx_nb.c @@ -204,7 +204,7 @@ static int l1s_nb_cmd(__unused uint8_t p1, uint8_t burst_id, burst_id, tsc );
- l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, 0);
l1s_rx_win_ctrl(arfcn, L1_RXWIN_NB, tn);
return 0;
}
- Harald Welte laforge@gnumonks.org http://laforge.gnumonks.org/
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Hi,
Is it possible to have two or more timeslots receiving at the same time. It is necessary to have timeslot 0 at all time and another timeslot for paging.
Can the hw do it : yes
Can the software do it : no. Is it really necessary: no it's not. For each frame you'll need either ts0 or tsX but not both at once in the same frame.
Cheers,
Sylvain
Hi Sylvain,
Thanks for explaining. I couldn’t find a way to decide which ts to choose so I thought about having multiple ts at the same time. So I understand that I should stick with only one ts.
Best regards,
On Oct 25, 2016, at 11:35 AM, Sylvain Munaut 246tnt@gmail.com wrote:
Hi,
Is it possible to have two or more timeslots receiving at the same time. It is necessary to have timeslot 0 at all time and another timeslot for paging.
Can the hw do it : yes
Can the software do it : no. Is it really necessary: no it's not. For each frame you'll need either ts0 or tsX but not both at once in the same frame.
Cheers,
Sylvain
Thanks for explaining. I couldn’t find a way to decide which ts to choose so I thought about having multiple ts at the same time. So I understand that I should stick with only one ts.
Which TS to listen on for paging message will be dependent on the paging group your sim card is in. It's a formula that's based on your IMSI and the cell configuration. It's described somewhere in the spec, GSM 04.08 should have at least reference to it if you search for "paging group".
Curently we don't support configs that have a CCCH on any other ts than 0.
Cheers,
Sylvain
Hi,
On Oct 26, 2016, at 8:10 AM, Sylvain Munaut 246tnt@gmail.com wrote:
Thanks for explaining. I couldn’t find a way to decide which ts to choose so I thought about having multiple ts at the same time. So I understand that I should stick with only one ts.
Which TS to listen on for paging message will be dependent on the paging group your sim card is in. It's a formula that's based on your IMSI and the cell configuration. It's described somewhere in the spec, GSM 04.08 should have at least reference to it if you search for "paging group”.
Yes I understand, my problem is in modifying the osmocombb code so that it listens to other TS. I have tried to change the code to make it work but with no success. I only need some instructions on where to start and what should be done.
Best regards,
As far as I remember the calypso-trx code was capable of receiving multiple timeslots, maybe check out that code (jolly/trx if I'm right) and watch Sylvain's talk about it. https://youtu.be/B1od4x9L3t4
Cheers, Domi
2016. okt. 26. dátummal, 8:40 időpontban robert robert.steve07@gmail.com írta:
Hi,
On Oct 26, 2016, at 8:10 AM, Sylvain Munaut 246tnt@gmail.com wrote:
Thanks for explaining. I couldn’t find a way to decide which ts to choose so I thought about having multiple ts at the same time. So I understand that I should stick with only one ts.
Which TS to listen on for paging message will be dependent on the paging group your sim card is in. It's a formula that's based on your IMSI and the cell configuration. It's described somewhere in the spec, GSM 04.08 should have at least reference to it if you search for "paging group”.
Yes I understand, my problem is in modifying the osmocombb code so that it listens to other TS. I have tried to change the code to make it work but with no success. I only need some instructions on where to start and what should be done.
Best regards,
On Wed, Oct 26, 2016 at 9:07 AM, Tomcsányi, Domonkos domi@tomcsanyi.net wrote:
As far as I remember the calypso-trx code was capable of receiving multiple timeslots, maybe check out that code (jolly/trx if I'm right) and watch Sylvain's talk about it. https://youtu.be/B1od4x9L3t4
That's only to act as a BTS. This screws with the DSP code and breaks all normal phone code function. You loose all the channel coding/decoding with this and have to do all that on the host.
Cheers,
Sylvain
baseband-devel@lists.osmocom.org
-
Harald Welte -
robert -
Sylvain Munaut -
Tomcsányi, Domonkos