Hello,
I am using a nanoBTS 139.
After accepting a call between to cell phones I hear nothing. The connection is up but you are not able to hear each other.
Attached are the debug output from bsc_hack and the pcap file.
Any idea? Thanks.
Regards Konrad
DB: Database initialized. DB: Database prepared. <0005> bsc_init.c:626 bootstrapping OML for BTS 0 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSE(f0) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS CELL(f1) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSVC(f2) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSVC(f2) INST=(00,01,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Software Activated Report <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=GPRS NSE(f0) INST=(00,ff,ff) SW Activate Request: NACKing for GPRS obj_class 0xf0 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Enabled <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) Software Activated Report <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1791 Set BTS Attr (bts=0) <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) Software Activated Report <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) Sending OPSTART <0005> abis_nm.c:2862 ip.access RSL CONNECT IP=0.0.0.0 PORT=3003 STREAM=0x00 <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=0) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=1) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=2) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=3) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=4) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=5) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=6) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=7) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) Sending OPSTART <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) Software Activated Report <0005> abis_nm.c:1808 Set TRX Attr (bts=0,trx=0) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) Sending OPSTART <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) IPACCESS(0xe1): RSL CONNECT ACK IP=132.230.4.62 PORT=3003 STREAM=0x00 <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled AVAIL=Off line(03) ADM=Unlocked <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0004> bsc_init.c:761 bootstrapping RSL for BTS/TRX (0/0) on ARFCN 514 using MCC=1 MNC=1 LAC=1 CID=0 BSIC=63 TSC=7 <0003> bsc_init.c:689 SI 1: 55 06 19 8f 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e5 04 00 2b <0003> bsc_init.c:689 SI 2: 59 06 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff e5 04 00 <0003> bsc_init.c:689 SI 3: 49 06 1b 00 00 00 f1 10 00 01 41 03 00 22 47 00 e5 04 00 3b 2b 2b 2b <0003> bsc_init.c:689 SI 4: 31 06 1c 00 f1 10 00 01 47 00 e5 04 00 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b <0003> bsc_init.c:706 SI 5: 49 06 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <0003> bsc_init.c:713 SI 6: 2d 06 1e 00 00 00 f1 10 00 01 22 ff <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=2,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=OTHER ra=0xf7 <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=2,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 ESTABLISH INDICATION <0002> gsm_04_08.c:1257 <- CM SERVICE REQUEST serv_type=0x01 mi_type=0x04 M(1399609160) <0002> gsm_04_08.c:1208 -> CM SERVICE ACK <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 2 pd 05) Sending 0x21 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=2) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 24039) Received 'SETUP' from MS in state 0 (NULL) <0001> gsm_04_08.c:3466 Unknown transaction ID 8, creating new trans. <0001> transaction.c:69 subscr=0xed3d40, subscr->net=0xe5b940 <0001> gsm_04_08.c:1655 new state NULL -> INITIATED <0001> gsm_04_08.c:2155 Subscriber 262021514126885 (24039) sends SETUP to 44399 <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 24039) Sending 'MNCC_SETUP_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 24039) Received 'MNCC_LCHAN_MODIFY' from MNCC in state 1 (INITIATED) <0003> gsm_04_08_utils.c:621 -> CHANNEL MODE MODIFY mode=0x21 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 2 pd 06) Sending 0x10 to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 24039) Received 'MNCC_CALL_PROC_REQ' from MNCC in state 1 (INITIATED) <0001> gsm_04_08.c:1655 new state INITIATED -> MO_CALL_PROC <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'CALL_PROC' to MS. <0001> transaction.c:69 subscr=0xed6310, subscr->net=0xe5b940 <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08_utils.c:671 CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1631 (bts=0,trx=0,ts=2,ss=0) IPAC_BIND speech_mode=0x11 <0004> abis_rsl.c:1186 (bts=0,trx=0,ts=2,ss=0) CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1814 (bts=0,trx=0,ts=2,ss=0) IPAC_CRCX_NACK
<0004> abis_rsl.c:1355 (bts=0,trx=0,ts=3,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=PAGING ra=0x25 <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=3,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 <0000> abis_rsl.c:1435 (bts=0,trx=0,ts=3,ss=0) ERROR INDICATION cause=Timer T200 expired (N200+1) times <0004> abis_rsl.c:764 (bts=0,trx=0,ts=3,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=3,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=3,ss=0) CHAN REL ACK but state ACTIVE <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=3,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=PAGING ra=0x21 <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=3,ss=0) CHANNEL ACTIVATE ACK <0004> abis_rsl.c:1257 (bts=0,trx=0) CCCH/ACCH/CPU Overload <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 ESTABLISH INDICATION <0003> gsm_04_08.c:1614 Unimplemented GSM 04.08 RR msg type 0xa7 <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=4,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=PAGING ra=0x2c <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=4,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 ESTABLISH INDICATION <0003> gsm_04_08.c:1431 PAGING RESPONSE: mi_type=0x04 MI(1991754318) <0003> gsm_04_08.c:1449 <- Channel was requested by 262015548085124 <0001> gsm_04_08.c:1797 Paging subscr 44399 succeeded! <0001> gsm_04_08.c:2078 starting timer T303 with 30 seconds <0001> gsm_04_08.c:1655 new state NULL -> CALL_PRESENT <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 4 ti 00) Sending 'SETUP' to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=2) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 4 ti 0 sub 44399) Received 'CALL_CONF' from MS in state 6 (CALL_PRESENT) <0001> gsm_04_08.c:1696 stopping pending timer T303 <0001> gsm_04_08.c:2078 starting timer T310 with 180 seconds <0001> gsm_04_08.c:1655 new state CALL_PRESENT -> MO_TERM_CALL_CONF <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 4 ti 0 sub 44399) Sending 'MNCC_CALL_CONF_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 4 ti 00 sub 44399) Received 'MNCC_LCHAN_MODIFY' from MNCC in state 9 (MO_TERM_CALL_CONF) <0003> gsm_04_08_utils.c:621 -> CHANNEL MODE MODIFY mode=0x21 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 4 pd 06) Sending 0x10 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08_utils.c:671 CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1631 (bts=0,trx=0,ts=4,ss=0) IPAC_BIND speech_mode=0x11 <0004> abis_rsl.c:1186 (bts=0,trx=0,ts=4,ss=0) CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1814 (bts=0,trx=0,ts=4,ss=0) IPAC_CRCX_NACK
<0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 4 ti 0 sub 44399) Received 'ALERTING' from MS in state 9 (MO_TERM_CALL_CONF) <0001> gsm_04_08.c:1696 stopping pending timer T310 <0001> gsm_04_08.c:2078 starting timer T301 with 180 seconds <0001> gsm_04_08.c:1655 new state MO_TERM_CALL_CONF -> CALL_RECEIVED <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 4 ti 0 sub 44399) Sending 'MNCC_ALERT_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 24039) Received 'MNCC_ALERT_REQ' from MNCC in state 3 (MO_CALL_PROC) <0001> gsm_04_08.c:1655 new state MO_CALL_PROC -> CALL_DELIVERED <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'ALERTING' to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 4 ti 0 sub 44399) Received 'CONNECT' from MS in state 7 (CALL_RECEIVED) <0001> gsm_04_08.c:1696 stopping pending timer T301 <0001> gsm_04_08.c:1655 new state CALL_RECEIVED -> CONNECT_REQUEST <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 4 ti 0 sub 44399) Sending 'MNCC_SETUP_CNF' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 4 ti 00 sub 44399) Received 'MNCC_SETUP_COMPL_REQ' from MNCC in state 8 (CONNECT_REQUEST) <0001> gsm_04_08.c:1655 new state CONNECT_REQUEST -> ACTIVE <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 4 ti 00) Sending 'CONNECT_ACK' to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 24039) Received 'MNCC_SETUP_RSP' from MNCC in state 4 (CALL_DELIVERED) <0001> gsm_04_08.c:2078 starting timer T313 with 30 seconds <0001> gsm_04_08.c:1655 new state CALL_DELIVERED -> CONNECT_IND <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'CONNECT' to MS. <0001> gsm_04_08.c:1866 Setting up TCH map between (bts=0,trx=0,ts=4) and (bts=0,trx=0,ts=2) <0004> abis_rsl.c:1662 (bts=0,trx=0,ts=4,ss=0) IPAC_MDCX IP=0.0.0.0 PORT=0 RTP_PAYLOAD2=0 CONN_ID=0 speech_mode=0x01 <0004> abis_rsl.c:1662 (bts=0,trx=0,ts=2,ss=0) IPAC_MDCX IP=0.0.0.0 PORT=0 RTP_PAYLOAD2=0 CONN_ID=0 speech_mode=0x01 <0004> abis_rsl.c:1824 (bts=0,trx=0,ts=4,ss=0) IPAC_MDCX_NACK
<0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 24039) Received 'CONNECT_ACK' from MS in state 28 (CONNECT_IND) <0001> gsm_04_08.c:1696 stopping pending timer T313 <0001> gsm_04_08.c:1655 new state CONNECT_IND -> ACTIVE <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 24039) Sending 'MNCC_SETUP_COMPL_IND' to MNCC. <0004> abis_rsl.c:1824 (bts=0,trx=0,ts=2,ss=0) IPAC_MDCX_NACK
<0004> abis_rsl.c:996 (bts=0,trx=0,ts=3,ss=0) CONNECTION FAIL: RELEASING CAUSE=0x01(Radio Link Failure) <0004> abis_rsl.c:764 (bts=0,trx=0,ts=3,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=3,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=3,ss=0) CHAN REL ACK but state ACTIVE <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 RELEASE INDICATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=3,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=3,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=3,ss=0) CHAN REL ACK but state NONE <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 4 ti 0 sub 44399) Received 'DISCONNECT' from MS in state 10 (ACTIVE) <0001> gsm_04_08.c:1655 new state ACTIVE -> DISCONNECT_IND <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 4 ti 0 sub 44399) Sending 'MNCC_DISC_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 4 ti 00 sub 44399) Received 'MNCC_REL_REQ' from MNCC in state 12 (DISCONNECT_IND) <0001> gsm_04_08.c:2078 starting timer T308 with 10 seconds <0001> gsm_04_08.c:1655 new state DISCONNECT_IND -> RELEASE_REQ <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 4 ti 00) Sending 'RELEASE' to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 24039) Received 'MNCC_DISC_REQ' from MNCC in state 10 (ACTIVE) <0001> gsm_04_08.c:2078 starting timer T306 with 30 seconds <0001> gsm_04_08.c:1655 new state ACTIVE -> DISCONNECT_IND <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'DISCONNECT' to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 24039) Received 'RELEASE' from MS in state 12 (DISCONNECT_IND) <0001> gsm_04_08.c:1696 stopping pending timer T306 <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'RELEASE_COMPL' to MS. <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 24039) Sending 'MNCC_REL_IND' to MNCC. <0001> gsm_04_08.c:1655 new state DISCONNECT_IND -> NULL <0001> gsm_04_08.c:3254 (bts - trx - ts - ti -- sub ) Received 'MNCC_REL_REQ' from MNCC with unknown callref 1 <0001> gsm_04_08.c:1723 (bts - trx - ts - ti -- sub -) Sending 'MNCC_REL_IND' to MNCC. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 4 ti 0 sub 44399) Received 'RELEASE_COMPL' from MS in state 19 (RELEASE_REQ) <0001> gsm_04_08.c:1696 stopping pending timer T308 <0001> gsm_04_08.c:1655 new state RELEASE_REQ -> NULL <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=4,ss=0) SAPI=0 RELEASE INDICATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=4,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=4,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=4,ss=0) CHAN REL ACK but state ACTIVE <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 RELEASE INDICATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=2,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=2,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=2,ss=0) CHAN REL ACK but state ACTIVE ^Csignal 2 received <0005> bsc_init.c:642 shutting down OML for BTS 0
On Thursday 25 February 2010 18:40:50 Konrad Meier wrote:
<0004> abis_rsl.c:1631 (bts=0,trx=0,ts=4,ss=0) IPAC_BIND speech_mode=0x11 <0004> abis_rsl.c:1186 (bts=0,trx=0,ts=4,ss=0) CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1814 (bts=0,trx=0,ts=4,ss=0) IPAC_CRCX_NACK
NACK is not good. We try to ask the nanoBTS to allocate an audio endpoint for "receive only" and EFR. And your BTS is saying NO!
On Thursday 25 February 2010 18:40:50 Konrad Meier wrote:
After accepting a call between to cell phones I hear nothing. The connection is up but you are not able to hear each other.
Attached are the debug output from bsc_hack and the pcap file.
Hi, one more thing. For the nanoBTS it is better to just use tcpdump to dump the information. The current PCAP code in bsc_hack only works properly for the bs11... and I would love to remove it once someone is confirming that the mISDNtools can capture this information too.
Hi,
You need one of the patch that's in my pending branch. The "ipaccess: Send RTP Payload IE for CRCX & MDCX" patch to be exact.
Try sylvain/pending branch and it should work. Basically the RTP Payload IE is required.
Sylvain
Sylvain Munaut schrieb:
Hi,
You need one of the patch that's in my pending branch. The "ipaccess: Send RTP Payload IE for CRCX & MDCX" patch to be exact.
Try sylvain/pending branch and it should work. Basically the RTP Payload IE is required.
Sylvain
Hi Sylvain,
I tried you branch code. After initializing the nanoBTS the bsc_hack crashed with the following output:
DB: Database initialized. DB: Database prepared. <000d> input/ipaccess.c:504 accept()ed new OML link from 132.230.8.239 <0005> bsc_init.c:626 bootstrapping OML for BTS 0 <000d> input/ipaccess.c:562 accept()ed new RSL link from 132.230.8.239 <0004> bsc_init.c:761 bootstrapping RSL for BTS/TRX (0/0) on ARFCN 514 using MCC=1 MNC=1 LAC=1 CID=0 BSIC=63 TSC=7 *** stack smashing detected ***: ./bsc_hack terminated ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0x211ed8] /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0x211e90] ./bsc_hack[0x804b8af] ./bsc_hack[0x806d77b] ./bsc_hack[0x8070629] ./bsc_hack[0x806a275] ./bsc_hack[0x804a6ce] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0x147b56] ./bsc_hack[0x804a2a1] ======= Memory map: ======== 00110000-00125000 r-xp 00000000 08:05 864987 /lib/tls/i686/cmov/libpthread-2.10.1.so 00125000-00126000 r--p 00014000 08:05 864987 /lib/tls/i686/cmov/libpthread-2.10.1.so 00126000-00127000 rw-p 00015000 08:05 864987 /lib/tls/i686/cmov/libpthread-2.10.1.so 00127000-00129000 rw-p 00000000 00:00 0 00131000-0026f000 r-xp 00000000 08:05 864973 /lib/tls/i686/cmov/libc-2.10.1.so 0026f000-00270000 ---p 0013e000 08:05 864973 /lib/tls/i686/cmov/libc-2.10.1.so 00270000-00272000 r--p 0013e000 08:05 864973 /lib/tls/i686/cmov/libc-2.10.1.so 00272000-00273000 rw-p 00140000 08:05 864973 /lib/tls/i686/cmov/libc-2.10.1.so 00273000-00276000 rw-p 00000000 00:00 0 00276000-002fc000 r-xp 00000000 08:05 841133 /usr/lib/libsqlite3.so.0.8.6 002fc000-002fd000 r--p 00086000 08:05 841133 /usr/lib/libsqlite3.so.0.8.6 002fd000-002fe000 rw-p 00087000 08:05 841133 /usr/lib/libsqlite3.so.0.8.6 00359000-0037d000 r-xp 00000000 08:05 864977 /lib/tls/i686/cmov/libm-2.10.1.so 0037d000-0037e000 r--p 00023000 08:05 864977 /lib/tls/i686/cmov/libm-2.10.1.so 0037e000-0037f000 rw-p 00024000 08:05 864977 /lib/tls/i686/cmov/libm-2.10.1.so 00709000-00712000 r-xp 00000000 08:05 864975 /lib/tls/i686/cmov/libcrypt-2.10.1.so 00712000-00713000 r--p 00008000 08:05 864975 /lib/tls/i686/cmov/libcrypt-2.10.1.so 00713000-00714000 rw-p 00009000 08:05 864975 /lib/tls/i686/cmov/libcrypt-2.10.1.so 00714000-0073b000 rw-p 00000000 00:00 0 007bf000-007c1000 r-xp 00000000 08:05 864976 /lib/tls/i686/cmov/libdl-2.10.1.so 007c1000-007c2000 r--p 00001000 08:05 864976 /lib/tls/i686/cmov/libdl-2.10.1.so 007c2000-007c3000 rw-p 00002000 08:05 864976 /lib/tls/i686/cmov/libdl-2.10.1.so 008ce000-008e9000 r-xp 00000000 08:05 187717 /lib/ld-2.10.1.so 008e9000-008ea000 r--p 0001a000 08:05 187717 /lib/ld-2.10.1.so 008ea000-008eb000 rw-p 0001b000 08:05 187717 /lib/ld-2.10.1.so 00989000-0098e000 r-xp 00000000 08:05 3394967 /usr/lib/dbd/libdbdsqlite3.so 0098e000-0098f000 r--p 00004000 08:05 3394967 /usr/lib/dbd/libdbdsqlite3.so 0098f000-00990000 rw-p 00005000 08:05 3394967 /usr/lib/dbd/libdbdsqlite3.so 00b9e000-00bba000 r-xp 00000000 08:05 191751 /lib/libgcc_s.so.1 00bba000-00bbb000 r--p 0001b000 08:05 191751 /lib/libgcc_s.so.1 00bbb000-00bbc000 rw-p 0001c000 08:05 191751 /lib/libgcc_s.so.1 00ec1000-00ecc000 r-xp 00000000 08:05 1103345 /usr/lib/libdbi.so.0.0.5 00ecc000-00ecd000 rw-p 0000a000 08:05 1103345 /usr/lib/libdbi.so.0.0.5 00ee2000-00ee3000 r-xp 00000000 00:00 0 [vdso] 08048000-08091000 r-xp 00000000 08:05 1518261 /home/konrad/openbsc/openbsc/src/bsc_hack 08091000-08092000 r--p 00048000 08:05 1518261 /home/konrad/openbsc/openbsc/src/bsc_hack 08092000-08095000 rw-p 00049000 08:05 1518261 /home/konrad/openbsc/openbsc/src/bsc_hack 08095000-08099000 rw-p 00000000 00:00 0 08817000-0889f000 rw-p 00000000 00:00 0 [heap] b6fdd000-b6fde000 ---p 00000000 00:00 0 b6fde000-b77e0000 rw-p 00000000 00:00 0 b77fd000-b7800000 rw-p 00000000 00:00 0 bfe1b000-bfe30000 rw-p 00000000 00:00 0 [stack] signal 6 received talloc report on 'vty' (total 26794 bytes in 2351 blocks) save_cwd contains 33 bytes in 1 blocks (ref 0) 0x8836b00 vty_command contains 15081 bytes in 1180 blocks (ref 0) 0x8836ac8 vty_vector contains 11680 bytes in 1169 blocks (ref 0) 0x8836a90 full talloc report on 'openbsc' (total 137802 bytes in 62 blocks) struct e1inp_line contains 45208 bytes in 1 blocks (ref 0) 0x88733a8 struct ia_e1_handle contains 60 bytes in 1 blocks (ref 0) 0x885c588 telnet_connection contains 1 bytes in 1 blocks (ref 0) 0x881b048 struct gsm_network contains 85112 bytes in 5 blocks (ref 0) 0x881af20 struct gsm_bts contains 84856 bytes in 2 blocks (ref 0) 0x885cc08 struct gsm_bts_trx contains 82348 bytes in 1 blocks (ref 0) 0x885d608 OpenBSC contains 8 bytes in 1 blocks (ref 0) 0x881e060 OpenBSC contains 8 bytes in 1 blocks (ref 0) 0x881f2c0 counter contains 500 bytes in 26 blocks (ref 0) 0x8817568 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881f278 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881f230 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881f1e8 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881f1a0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d8b8 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d870 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d828 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d7e0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d798 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d750 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881d708 struct counter contains 20 bytes in 1 blocks (ref 0) 0x8819980 struct counter contains 20 bytes in 1 blocks (ref 0) 0x8819938 struct counter contains 20 bytes in 1 blocks (ref 0) 0x88198f0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x88198a8 struct counter contains 20 bytes in 1 blocks (ref 0) 0x8819860 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881aa40 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881a9f8 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881a9b0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881a968 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881a920 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881b0f8 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881b0b0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881e0a0 struct counter contains 20 bytes in 1 blocks (ref 0) 0x881e5d8 trau_upq_entry contains 0 bytes in 1 blocks (ref 0) 0x8817530 trau_map_entry contains 0 bytes in 1 blocks (ref 0) 0x88174f8 transaction contains 0 bytes in 1 blocks (ref 0) 0x88174c0 subch_txq_entry contains 0 bytes in 1 blocks (ref 0) 0x8817488 signal_handler contains 140 bytes in 8 blocks (ref 0) 0x8817450 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x885cb50 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x88565b8 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x88176c0 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x8817678 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x8817630 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x88175e8 struct signal_handler contains 20 bytes in 1 blocks (ref 0) 0x88175a0 paging_request contains 0 bytes in 1 blocks (ref 0) 0x8817418 gsm_call contains 0 bytes in 1 blocks (ref 0) 0x88173e0 subscr_request contains 0 bytes in 1 blocks (ref 0) 0x88173a8 subscriber contains 0 bytes in 1 blocks (ref 0) 0x8817370 sms contains 0 bytes in 1 blocks (ref 0) 0x8817338 loc_updating_oper contains 0 bytes in 1 blocks (ref 0) 0x8817300 bs11_file_list_entry contains 0 bytes in 1 blocks (ref 0) 0x88172c8 msgb contains 6780 bytes in 8 blocks (ref 0) 0x8817290 RSL contains 1072 bytes in 1 blocks (ref 0) 0x887fab0 RSL contains 1072 bytes in 1 blocks (ref 0) 0x887f648 RSL contains 1072 bytes in 1 blocks (ref 0) 0x887f1e0 RSL contains 1072 bytes in 1 blocks (ref 0) 0x887ed78 RSL contains 1072 bytes in 1 blocks (ref 0) 0x887e910 RSL contains 1072 bytes in 1 blocks (ref 0) 0x885c5f8 Abis/IP contains 348 bytes in 1 blocks (ref 0) 0x8872288 Aborted
For debugging the Code with gdb I had to change the makefile. (See attached patch)
Here is the backtrace: Program received signal SIGABRT, Aborted. 0x0021a832 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 (gdb) bt #0 0x0021a832 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x00b8e4d1 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0x00b91932 in *__GI_abort () at abort.c:92 #3 0x00bc4ee5 in __libc_message (do_abort=2, fmt=0xc866dd "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189 #4 0x00c44ed8 in *__GI___fortify_fail (msg=0xc866c5 "stack smashing detected") at fortify_fail.c:32 #5 0x00c44e90 in __stack_chk_fail () at stack_chk_fail.c:29 #6 0x0804b8df in input_event (event=1, type=E1INP_SIGN_RSL, trx=0x80df1c0) at bsc_init.c:787 #7 0x0806d7ab in e1inp_event (ts=0x80f54f4, evt=1, tei=0 '\000', sapi=77 'M') at e1_input.c:519 #8 0x08070659 in handle_ts1_read (bfd=0x80f5a5c, what=<value optimized out>) at input/ipaccess.c:360 #9 ipaccess_fd_cb (bfd=0x80f5a5c, what=<value optimized out>) at input/ipaccess.c:469 #10 0x0806a2a5 in bsc_select_main (polling=0) at select.c:109 #11 0x0804a6fe in main (argc=1, argv=0xbffff2d4) at bsc_hack.c:233
I located the Error in file bsc_init.c line 677: si_tmp[23] -> buffer overflow
changing si_tmp[24] fixed the crash but the nanoBTS refuses to work.
Do you have any idea?
Regards Konrad
I tried you branch code. After initializing the nanoBTS the bsc_hack crashed with the following output:
It's a bug that was fixed afterwards. Maybe try to just cherry pick the patch I was talking about in my previous message or merge the master with my branch to get the more recent work as well.
Cheers,
Sylvain
Sylvain Munaut schrieb:
I tried you branch code. After initializing the nanoBTS the bsc_hack crashed with the following output:
It's a bug that was fixed afterwards. Maybe try to just cherry pick the patch I was talking about in my previous message or merge the master with my branch to get the more recent work as well.
Cheers,
Sylvain
Ok, the bsc_hack is running but the problem still exists. I can't hear a voice during a call.
Thanks for your help!
Here is the debug output:
DB: Database initialized. DB: Database prepared. <0005> bsc_init.c:626 bootstrapping OML for BTS 0 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSE(f0) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS CELL(f1) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSVC(f2) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=GPRS NSVC(f2) INST=(00,01,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Not installed(07) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Software Activated Report <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Off line(03) <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=GPRS NSE(f0) INST=(00,ff,ff) SW Activate Request: NACKing for GPRS obj_class 0xf0 <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) STATE CHG: OP_STATE=Enabled <0005> abis_nm.c:545 OC=SITE MANAGER(00) INST=(ff,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) Software Activated Report <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1791 Set BTS Attr (bts=0) <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) Sending OPSTART <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) SW Activate Request: ACKing and Activating <0005> abis_nm.c:888 Found SW config: 42 12 00 08 31 32 30 61 30 30 31 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 42 12 00 08 31 32 30 61 30 30 32 00 13 00 0a 76 31 34 39 62 34 34 64 30 00 <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) Software Activated Report <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) Sending OPSTART <0005> abis_nm.c:2862 ip.access RSL CONNECT IP=0.0.0.0 PORT=3003 STREAM=0x00 <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) Software Activated Report <0005> abis_nm.c:1808 Set TRX Attr (bts=0,trx=0) <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) Sending OPSTART <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=0) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=1) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=2) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=3) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=4) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=5) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=6) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) Sending OPSTART <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) Software Activated Report <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) <0005> abis_nm.c:1966 Set Chan Attr (bts=0,trx=0,ts=7) <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) Sending OPSTART <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) IPACCESS(0xe1): RSL CONNECT ACK IP=132.230.8.231 PORT=3003 STREAM=0x00 <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=BTS(01) INST=(00,ff,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=BASEBAND TRANSCEIVER(04) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=RADIO CARRIER(02) INST=(00,00,ff) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,00) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,01) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,02) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,03) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,04) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,05) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,06) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Disabled AVAIL=Dependency(05) ADM=Unlocked <0005> abis_nm.c:545 OC=CHANNEL(03) INST=(00,00,07) STATE CHG: OP_STATE=Enabled ADM=Unlocked <0004> bsc_init.c:761 bootstrapping RSL for BTS/TRX (0/0) on ARFCN 514 using MCC=1 MNC=1 LAC=1 CID=0 BSIC=63 TSC=7 <0003> bsc_init.c:689 SI 1: 55 06 19 8f 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e5 04 00 2b <0003> bsc_init.c:689 SI 2: 59 06 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff e5 04 00 <0003> bsc_init.c:689 SI 3: 49 06 1b 00 00 00 f1 10 00 01 41 03 00 22 47 00 e5 04 00 3b 2b 2b 2b <0003> bsc_init.c:689 SI 4: 31 06 1c 00 f1 10 00 01 47 00 e5 04 00 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b <0003> bsc_init.c:706 SI 5: 49 06 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <0003> bsc_init.c:713 SI 6: 2d 06 1e 00 00 00 f1 10 00 01 22 ff <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=0,ss=0) Activating ARFCN(514) SS(0) lctype SDCCH r=LOCATION_UPDATE ra=0x17 <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=0,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 ESTABLISH INDICATION <0002> gsm_04_08.c:1382 LOCATION UPDATING REQUEST: mi_type=0x01 MI(262026550055616) type=NORMAL <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 05) Sending 0x18 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=7) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 DATA INDICATION <0002> gsm_04_08.c:901 IDENTITY RESPONSE: mi_type=0x02 MI(352495022152950) <0002> gsm_04_08.c:865 -> LOCATION UPDATE ACCEPT <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 05) Sending 0x02 to MS. <0002> gsm_subscriber.c:112 Subscriber 262026550055616 ATTACHED LAC=1 <0003> gsm_04_08_utils.c:385 Sending Channel Release: Chan: Number: 0 Type: 1 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 06) Sending 0x0d to MS. <0004> abis_rsl.c:746 (bts=0,trx=0,ts=0,ss=0) DEACTivate SACCH CMD <0000> chan_alloc.c:325 (bts=0,trx=0,ts=0,ss=0) Recycling Channel <0004> abis_rsl.c:1072 (bts=0,trx=0,ts=0,ss=0): MEAS RES for inactive channel <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 RELEASE CONFIRMATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=0,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=0,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=0,ss=0) Activating ARFCN(514) SS(0) lctype SDCCH r=LOCATION_UPDATE ra=0x10 <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=0,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 ESTABLISH INDICATION <0002> gsm_04_08.c:1382 LOCATION UPDATING REQUEST: mi_type=0x04 MI(178331526) type=IMSI ATTACH <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 05) Sending 0x18 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=2) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 DATA INDICATION <0002> gsm_04_08.c:901 IDENTITY RESPONSE: mi_type=0x02 MI(350105809824020) <0002> gsm_04_08.c:865 -> LOCATION UPDATE ACCEPT <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 05) Sending 0x02 to MS. <0002> gsm_subscriber.c:112 Subscriber 262021514127926 ATTACHED LAC=1 <0003> gsm_04_08_utils.c:385 Sending Channel Release: Chan: Number: 0 Type: 1 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 0 pd 06) Sending 0x0d to MS. <0004> abis_rsl.c:746 (bts=0,trx=0,ts=0,ss=0) DEACTivate SACCH CMD <0000> chan_alloc.c:325 (bts=0,trx=0,ts=0,ss=0) Recycling Channel <0004> abis_rsl.c:1072 (bts=0,trx=0,ts=0,ss=0): MEAS RES for inactive channel <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=0,ss=0) SAPI=0 RELEASE CONFIRMATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=0,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=0,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1355 (bts=0,trx=0,ts=2,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=OTHER ra=0xfd <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=2,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 ESTABLISH INDICATION <0002> gsm_04_08.c:1257 <- CM SERVICE REQUEST serv_type=0x01 mi_type=0x04 M(1230489847) <0002> gsm_04_08.c:1208 -> CM SERVICE ACK <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 2 pd 05) Sending 0x21 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=7) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 48214) Received 'SETUP' from MS in state 0 (NULL) <0001> gsm_04_08.c:3466 Unknown transaction ID 8, creating new trans. <0001> transaction.c:69 subscr=0x8a833a8, subscr->net=0x8a20f20 <0001> gsm_04_08.c:1655 new state NULL -> INITIATED <0001> gsm_04_08.c:2155 Subscriber 262026550055616 (48214) sends SETUP to 45679 <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 48214) Sending 'MNCC_SETUP_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 48214) Received 'MNCC_LCHAN_MODIFY' from MNCC in state 1 (INITIATED) <0003> gsm_04_08_utils.c:621 -> CHANNEL MODE MODIFY mode=0x21 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 2 pd 06) Sending 0x10 to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 48214) Received 'MNCC_CALL_PROC_REQ' from MNCC in state 1 (INITIATED) <0001> gsm_04_08.c:1655 new state INITIATED -> MO_CALL_PROC <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'CALL_PROC' to MS. <0001> transaction.c:69 subscr=0x8a62878, subscr->net=0x8a20f20 <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08_utils.c:671 CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1631 (bts=0,trx=0,ts=2,ss=0) IPAC_BIND speech_mode=0x11 <0004> abis_rsl.c:1186 (bts=0,trx=0,ts=2,ss=0) CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1814 (bts=0,trx=0,ts=2,ss=0) IPAC_CRCX_NACK
<0004> abis_rsl.c:1355 (bts=0,trx=0,ts=3,ss=0) Activating ARFCN(514) SS(0) lctype TCH/F r=PAGING ra=0x2b <0004> abis_rsl.c:1161 (bts=0,trx=0,ts=3,ss=0) CHANNEL ACTIVATE ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 ESTABLISH INDICATION <0003> gsm_04_08.c:1431 PAGING RESPONSE: mi_type=0x04 MI(748932926) <0003> gsm_04_08.c:1449 <- Channel was requested by 262021514127926 <0001> gsm_04_08.c:1797 Paging subscr 45679 succeeded! <0001> gsm_04_08.c:2078 starting timer T303 with 30 seconds <0001> gsm_04_08.c:1655 new state NULL -> CALL_PRESENT <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 3 ti 00) Sending 'SETUP' to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08.c:1467 CLASSMARK CHANGE CM2(len=3) CM3(len=2) <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 3 ti 0 sub 45679) Received 'CALL_CONF' from MS in state 6 (CALL_PRESENT) <0001> gsm_04_08.c:1696 stopping pending timer T303 <0001> gsm_04_08.c:2078 starting timer T310 with 180 seconds <0001> gsm_04_08.c:1655 new state CALL_PRESENT -> MO_TERM_CALL_CONF <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 3 ti 0 sub 45679) Sending 'MNCC_CALL_CONF_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 3 ti 00 sub 45679) Received 'MNCC_LCHAN_MODIFY' from MNCC in state 9 (MO_TERM_CALL_CONF) <0003> gsm_04_08_utils.c:621 -> CHANNEL MODE MODIFY mode=0x21 <0001> gsm_04_08_utils.c:144 (bts 0 trx 0 ts 3 pd 06) Sending 0x10 to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0003> gsm_04_08_utils.c:671 CHANNEL MODE MODIFY ACK <0004> abis_rsl.c:1631 (bts=0,trx=0,ts=3,ss=0) IPAC_BIND speech_mode=0x11 <0004> abis_rsl.c:1186 (bts=0,trx=0,ts=3,ss=0) CHANNEL MODE MODIFY ACK <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 3 ti 0 sub 45679) Received 'ALERTING' from MS in state 9 (MO_TERM_CALL_CONF) <0001> gsm_04_08.c:1696 stopping pending timer T310 <0001> gsm_04_08.c:2078 starting timer T301 with 180 seconds <0001> gsm_04_08.c:1655 new state MO_TERM_CALL_CONF -> CALL_RECEIVED <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 3 ti 0 sub 45679) Sending 'MNCC_ALERT_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 48214) Received 'MNCC_ALERT_REQ' from MNCC in state 3 (MO_CALL_PROC) <0001> gsm_04_08.c:1655 new state MO_CALL_PROC -> CALL_DELIVERED <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'ALERTING' to MS. <0004> abis_rsl.c:1814 (bts=0,trx=0,ts=3,ss=0) IPAC_CRCX_NACK
<0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 3 ti 0 sub 45679) Received 'CONNECT' from MS in state 7 (CALL_RECEIVED) <0001> gsm_04_08.c:1696 stopping pending timer T301 <0001> gsm_04_08.c:1655 new state CALL_RECEIVED -> CONNECT_REQUEST <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 3 ti 0 sub 45679) Sending 'MNCC_SETUP_CNF' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 3 ti 00 sub 45679) Received 'MNCC_SETUP_COMPL_REQ' from MNCC in state 8 (CONNECT_REQUEST) <0001> gsm_04_08.c:1655 new state CONNECT_REQUEST -> ACTIVE <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 3 ti 00) Sending 'CONNECT_ACK' to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 48214) Received 'MNCC_SETUP_RSP' from MNCC in state 4 (CALL_DELIVERED) <0001> gsm_04_08.c:2078 starting timer T313 with 30 seconds <0001> gsm_04_08.c:1655 new state CALL_DELIVERED -> CONNECT_IND <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'CONNECT' to MS. <0001> gsm_04_08.c:1866 Setting up TCH map between (bts=0,trx=0,ts=3) and (bts=0,trx=0,ts=2) <0004> abis_rsl.c:1662 (bts=0,trx=0,ts=3,ss=0) IPAC_MDCX IP=0.0.0.0 PORT=0 RTP_PAYLOAD2=0 CONN_ID=0 speech_mode=0x01 <0004> abis_rsl.c:1662 (bts=0,trx=0,ts=2,ss=0) IPAC_MDCX IP=0.0.0.0 PORT=0 RTP_PAYLOAD2=0 CONN_ID=0 speech_mode=0x01 <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 48214) Received 'CONNECT_ACK' from MS in state 28 (CONNECT_IND) <0001> gsm_04_08.c:1696 stopping pending timer T313 <0001> gsm_04_08.c:1655 new state CONNECT_IND -> ACTIVE <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 48214) Sending 'MNCC_SETUP_COMPL_IND' to MNCC. <0004> abis_rsl.c:1824 (bts=0,trx=0,ts=3,ss=0) IPAC_MDCX_NACK
<0004> abis_rsl.c:1824 (bts=0,trx=0,ts=2,ss=0) IPAC_MDCX_NACK
<0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 3 ti 0 sub 45679) Received 'DISCONNECT' from MS in state 10 (ACTIVE) <0001> gsm_04_08.c:1655 new state ACTIVE -> DISCONNECT_IND <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 3 ti 0 sub 45679) Sending 'MNCC_DISC_IND' to MNCC. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 3 ti 00 sub 45679) Received 'MNCC_REL_REQ' from MNCC in state 12 (DISCONNECT_IND) <0001> gsm_04_08.c:2078 starting timer T308 with 10 seconds <0001> gsm_04_08.c:1655 new state DISCONNECT_IND -> RELEASE_REQ <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 3 ti 00) Sending 'RELEASE' to MS. <0001> gsm_04_08.c:3367 (bts 0 trx 0 ts 2 ti 08 sub 48214) Received 'MNCC_DISC_REQ' from MNCC in state 10 (ACTIVE) <0001> gsm_04_08.c:2078 starting timer T306 with 30 seconds <0001> gsm_04_08.c:1655 new state ACTIVE -> DISCONNECT_IND <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'DISCONNECT' to MS. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 3 ti 0 sub 45679) Received 'RELEASE_COMPL' from MS in state 19 (RELEASE_REQ) <0001> gsm_04_08.c:1696 stopping pending timer T308 <0001> gsm_04_08.c:1655 new state RELEASE_REQ -> NULL <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 DATA INDICATION <0001> gsm_04_08.c:3461 (bts 0 trx 0 ts 2 ti 8 sub 48214) Received 'RELEASE' from MS in state 12 (DISCONNECT_IND) <0001> gsm_04_08.c:1696 stopping pending timer T306 <0001> gsm_04_08_utils.c:139 (bts 0 trx 0 ts 2 ti 80) Sending 'RELEASE_COMPL' to MS. <0001> gsm_04_08.c:1715 (bts 0 trx 0 ts 2 ti 8 sub 48214) Sending 'MNCC_REL_IND' to MNCC. <0001> gsm_04_08.c:1655 new state DISCONNECT_IND -> NULL <0001> gsm_04_08.c:3254 (bts - trx - ts - ti -- sub ) Received 'MNCC_REL_REQ' from MNCC with unknown callref 1 <0001> gsm_04_08.c:1723 (bts - trx - ts - ti -- sub -) Sending 'MNCC_REL_IND' to MNCC. <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=3,ss=0) SAPI=0 RELEASE INDICATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=3,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=3,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=3,ss=0) CHAN REL ACK but state ACTIVE <0000> abis_rsl.c:1460 (bts=0,trx=0,ts=2,ss=0) SAPI=0 RELEASE INDICATION <0004> abis_rsl.c:764 (bts=0,trx=0,ts=2,ss=0) RF Channel Release CMD <0004> abis_rsl.c:1177 (bts=0,trx=0,ts=2,ss=0) RF CHANNEL RELEASE ACK <0004> abis_rsl.c:1181 (bts=0,trx=0,ts=2,ss=0) CHAN REL ACK but state ACTIVE ^Csignal 2 received <0005> bsc_init.c:642 shutting down OML for BTS 0
246tnt@gmail.com schrieb:
That's weird.
Can you post a tcpdump of the communication with the nano BTS ?
http://www.ks.uni-freiburg.de/download/misc/debug.pcap
I hope this helps.
Regards Konrad
FYI, I had the same problem with a very old model of the nanoBTS 139, probably one of the first units released. I compiled the "sylvain/pending" branch and that fixed the voice problem.
Regards, BSS
On Fri, Feb 26, 2010 at 7:16 PM, Konrad Meier meierk@informatik.uni-freiburg.de wrote:
246tnt@gmail.com schrieb:
That's weird.
Can you post a tcpdump of the communication with the nano BTS ?
http://www.ks.uni-freiburg.de/download/misc/debug.pcap
I hope this helps.
Regards Konrad
Hi
You either didn't merge properly or didn't take the right branch or didn' cherry pick the right patch because the packets send on your trace don't show the right RTP payload IE on the CRCX messages.
I just rebased my sylvain/pending branch onto master so just update and try this branch again and it should work.
Cheers,
Sylvain
Sylvain Munaut schrieb:
Hi
You either didn't merge properly or didn't take the right branch or didn' cherry pick the right patch because the packets send on your trace don't show the right RTP payload IE on the CRCX messages.
I just rebased my sylvain/pending branch onto master so just update and try this branch again and it should work.
Cheers,
Sylvain
Hi Sylvain
I don't know what went wrong with the path. But with the updated branch it works!
Thank you for your help.
In your branch you wrote: "More testing with newer EDGE units should be done by whoever has some of theses."
I hope to get a nanoBTS 165AU soon. I could do some tests if you think this is helpful.
Regards Konrad
Hi
In your branch you wrote: "More testing with newer EDGE units should be done by whoever has some of theses."
I hope to get a nanoBTS 165AU soon. I could do some tests if you think this is helpful.
Yes, and post the result to the list. If my branch runs without issues on those and on BS-11, it'll get merged in mainline.
Sylvain
-
246tnt@gmail.com -
Bjarni S. Sigurðsson -
Holger Freyther -
Konrad Meier -
Sylvain Munaut