This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Keith keith at rhizomatica.orgOn 10/05/2016 09:01, Alexander Chemeris wrote: > MEAS RES means that there is an open logical channel between the phone and > the BTS. Have you looked at the list of open channels at the NITB VTY? That's right, of course! Yes, there's an open channel. > > A useful log would be a pcap trace of communication between OpenBSC and > OsmoBTS (make sure osmo-trx communication is filtered out). Ok, I took a look at that and compared to it other MS. - This phone sends a GSM MAP invoke Service Request right after the Location Update. I don't know if it's more helpful for me to describe it or just send the dump, but I'm also not sure about sending the capture to the list. So.. let me go for the description route initially: At least according to Wireshark, the MS is sending a DTAP Register, "Non Call related SS message" GSM MAP invoke interrogateSS - invoke: cfu - call forwarding unconditional, basicService: teleservice, teleservice: allSpeechTransmissionServices. (Is that something to do with call diverts setup?) I have two of these phones, one does this, the other does not. - regardless of the inserted SIM) The SS Version Indicator at the end of the message is 7f 01 00 This is happening as the NITB log gives: ./openbsc/openbsc/src/libmsc/gsm_04_08.c:958 <- CM SERVICE REQUEST serv_type=0x08 MI(TMSI)=1448232929 ./openbsc/openbsc/src/libbsc/gsm_04_08_utils.c:692 -> CM SERVICE ACK And from there that channel stays open until I power off the phone. I had a look there to see if I could trace from what happens in gsm48_rx_mm_serv_req() up to the ACK being sent, but I'm afraid I get a little bit lost in the code flow as my c skills are not really up to the task, thinking I might intervene and identify some part of this "invoke" and reject it, but there I'm really not sure how to go about it at all. Now, I see the ack being sent from _gsm48_rx_mm_serv_req_sec_cb() but I don't really understand how this is called. I see that function name as a parameter to gsm48_secure_channel() but there I'm lost. Any clues are most welcome! Many thanks, Keith.