https://laforge.gnumonks.org/enThu, 24 Oct 2024 20:08:48 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://laforge.gnumonks.org/blog/20180919-wireshark-cbsp-dissector/Harald Welte<p>I recently was reading <a class="reference external" href="http://www.etsi.org/deliver/etsi_ts/148000_148099/148049/15.00.00_60/ts_148049v150000p.pdf">3GPP TS 48.049</a>, the specification for the CBSP (Cell Broadcast Service Protocol), which is the protocol between the BSC (Base Station Controller) and the CBC (Cell Broadcast Centre). It is how the CBC according to spec is instructing the BSCs to broadcast the various cell broadcast messages to their respective geographic scope.</p> <p>While OsmoBTS and OsmoBSC do have support for SMSCB on the CBCH, there is no real interface in OsmoBSC yet on how any external application would instruct it tot send cell broadcasts. The only existing interface is a VTY command, which is nice for testing and development, but hardly a scalable solution.</p> <p>So I was reading up on the specs, discovered CBSP and thought one good way to get familiar with it is to write a wireshark dissector for it. You can find the result at <a class="reference external" href="https://code.wireshark.org/review/#/c/29745/">https://code.wireshark.org/review/#/c/29745/</a></p> <p>Now my main problem is that as usual there appear to be no open source implementations of this protocol, so I cannot generate any traces myself. More surprising is that it's not even possible to find any real-world CBSP traces out there. So I'm facing a chicken-and-egg problem. I can only test / verify my wireshark dissector if I find some traces.</p> <p>So if you happen to have done any work on cell broadcast in 2G network and have a CBSP trace around (or can generate one): Please send it to me, thanks!</p> <p>Alternatively, you can of course also use the patch linked above, build your own wireshark from scratch, test it and provide feedback. Thanks in either case!</p>3gppgsmosmocomwiresharkhttps://laforge.gnumonks.org/blog/20180919-wireshark-cbsp-dissector/Tue, 18 Sep 2018 16:00:00 GMThttps://laforge.gnumonks.org/blog/20160716-ericsson_packet_abis/Harald Welte<p>Some topics keep coming back, even a number of years after first having worked on them. And then you start to search online using your favorite search engine - and find <a class="reference external" href="https://laforge.gnumonks.org/blog/20101129-ericsson_abis_oml">your old posts</a> on that subject are the most comprehensive publicly available information on the subject ;)</p> <p>Back in 2011, I was working on some very basic support for Ericsson RBS2xxx GSM BTSs in OpenBSC. The major part of this was to find out the weird dynamic detection of the signalling timeslot, as well as the fully non-standard OM2000 protocol for OML. Once it reached the state of a 'proof-of-concept', work at this ceased and remained in a state where still lots of manual steps were involved in BTS bring-up.</p> <p>I've recently picked this topic up again, resulting in some work-in-progress code in <a class="reference external" href="http://git.osmocom.org/openbsc/log/?h=laforge/om2000-fsm">http://git.osmocom.org/openbsc/log/?h=laforge/om2000-fsm</a></p> <p>Beyond classic E1 based A-bis support, I've also been looking (again) at Ericsson Packet Abis. Packet Abis is their understanding of Abis over IP. However, it is - again - much further from the 3GPP specifications than what we're used to in the Osmocom universe. Abis/IP as we know consists of:</p> <ul class="simple"> <li><p>RSL and OML over TCP (inside an IPA multiplex)</p></li> <li><p>RTP streams for the user plane (voice)</p></li> <li><p>Gb over IP (NS over UDP/IP), as te PCU is in the BTS.</p></li> </ul> <p>In the Ericsson world, they decided to taka a much lower-layer approach and decided to</p> <ul class="simple"> <li><p>start with L2TP over IP (<em>not</em> the L2TP over UDP that many people know from VPNs)</p></li> <li><p>use the IETF-standardized Pseudowire type for HDLC but use a frame format in violation of the IETF RFCs</p></li> <li><p>Talk LAPD over L2TP for RSL and OML</p></li> <li><p>Invent a new frame format for voice codec frames called TFP and feed that over L2TP</p></li> <li><p>Invent a new frame format for the PCU-CCU communication called P-GSL and feed that over L2TP</p></li> </ul> <p>I'm not yet sure if we want to fully support that protocol stack from OpenBSC and related projects, but in any case I've extende wireshark to decode such protocol traces properly by</p> <ul class="simple"> <li><p>Extending the L2TP dissector with Ericsson specific AVPs</p></li> <li><p>Improving my earlier pakcet-ehdlc.c with better understanding of the protocol</p></li> <li><p>Implementing a new TFP dissector from scratch</p></li> <li><p>Implementing a new P-GSL dissector from scratch</p></li> </ul> <p>The resulting work can be found at <a class="reference external" href="http://git.osmocom.org/wireshark/log/?h=laforge/ericsson-packet-abis">http://git.osmocom.org/wireshark/log/?h=laforge/ericsson-packet-abis</a> in case anyone is interested. I've mostly been working with protocol traces from RBS2409 so far, and they are decoded quite nicely for RSL, OML, Voice and Packet data. As far as I know, the format of the STN / SIU of other BTS models is identical.</p> <p>Is anyone out there in possession of Ericsson RBS2xxx RBSs interested in collboration on either a Packet Abis implementation, or an inteface of the E1 or packet based CCU-PCU interface to OsmoPCU?</p>gsmosmocomwiresharkhttps://laforge.gnumonks.org/blog/20160716-ericsson_packet_abis/Sat, 16 Jul 2016 04:00:00 GMT