GSM on the table
Web development: HTTP, HTML, CSS, JavaScript, Python ... Oh. Everything is the same. So I want to get distracted by something radically different. I live in the Moscow hackspace Neuron ! Why not ask around?
For example, in Neuron there are guys from the company Fairwaves , developing GSM equipment for low-cost cellular networks. The entire stack - from hardware to software - is available under an open source license. Yes, yes, including iron . Therefore, it is not necessary to work at Fairwaves to become familiar with this technology. And the result of digging can be posted on GitHub or make a contribution to an existing project . At a minimum, there will be something to brag about in interviews.
A couple of days reading the documentation, scrolling through the code, dozens of obsessive questions and experiments (thanks to Alexander Chemeris and Ivan Klyuchnikov for help). And here is the result - my own GSM network under the control of my MacBook: Hackspace
guests came to test the network:
What are they talking about?
How it works? Like this:
The computer runs VirtualBox with Ubuntu, which runs the Docker container with Ubuntu 12.04 and the open source base station controller OpenBSC (Base Station Controller, BSC). In my case, OpenBSC operates in the network-in-the box mode and includes not only BSC, but also a simple implementation of all the other components needed for a small GSM network ( MSC, HLR, VLR, AuC and SMSC ).
Fairwaves UmSITE base station is connected to the controller via a local network, on which OsmoBTS is spinning - open source implementation of the GSM base station (Base Transceiver Station, BTS):
To start a GSM network, one (!) Command is enough:
(No Docker? Install it. You do not have Ubuntu and Docker is not installed? Then see below.)
For information about other parameters of the container and command,
What if I don’t have Ubuntu?
If you do not have Ubuntu 12.04+, install Vagrant and VirtualBox and start the Ubuntu + Docker virtual machine using these commands:
Why Docker?
Yes, Docker is optional. You can put and configure everything with your hands . But firstly, I wanted to experiment with Docker. Secondly, you can reliably wrap it with it, and then repeat the configuration of the entire machine (debian packages, manually installed programs, configuration files). Thirdly, the list of dozens of commands and manipulations is replaced by one -
Why not OpenBTS?
In addition to the described Osmocom projects (OpenBSC, OsmoBTS, OsmoTRX ), there is another open source implementation of GSM protocols - OpenBTS. The age of both projects is approximately the same, but OpenBTS is better known on the Internet due to a little more friendliness to beginners. If you do not delve into the technical differences, then under real conditions, Osmocom works better :
Where to get the equipment?
The easiest option for Moscow residents is to use the equipment in the Neuron hackspace :)
If you do not live in Moscow or just want to have the equipment to play with GSM at home, there are two relatively inexpensive alternatives for laboratory use:
In terms of capabilities, they are approximately similar, but UmTRX has advantages:
If you want to save some money and the problems with the reference generator are not terrible, then you can use the USRP B200. She has only one channel, but for home experiments this is not important. The reference generator in USRP B200 does not comply with the GSM standard in accuracy, but in most cases it is enough for simple work on the table. With the USRP B200, there may be problems with handover from one of your base stations to another, but you do not plan to build a high-value network on your knee, right?
But I can be biased, check for yourself.
Thanks to Andrei Bakhmat, Ivan Klyuchnikov, Pavel Trukhanov, Alexander Chemeris and other hackspace participants for comments on the drafts of this text.
For example, in Neuron there are guys from the company Fairwaves , developing GSM equipment for low-cost cellular networks. The entire stack - from hardware to software - is available under an open source license. Yes, yes, including iron . Therefore, it is not necessary to work at Fairwaves to become familiar with this technology. And the result of digging can be posted on GitHub or make a contribution to an existing project . At a minimum, there will be something to brag about in interviews.
A couple of days reading the documentation, scrolling through the code, dozens of obsessive questions and experiments (thanks to Alexander Chemeris and Ivan Klyuchnikov for help). And here is the result - my own GSM network under the control of my MacBook: Hackspace
guests came to test the network:
What are they talking about?
How it works? Like this:
+ ---------------------------------------- + | MacBook | | | | + ------------------------------- + | | | VirtualBox virtual | | | | | | | | + ---------------------- + | | | | | | Docker container | | | \ | | / | | | | (Ubuntu 12.04) | | | \ | | / | | | | | | | \ | | / | | | | + ------------- + | | | + ---- + ---- + + ------- + | | | | Openbsc | | | | | | | | | | | | (osmo-nitb) | <------------------------- + basic | | GSM | | | | | | | | | | station | | TV | | | | + ------------- + | | | | | | background | | | | | | | | | | | | | + ---------------------- + | | + --------- + + ------- + | | | | | + ------------------------------- + | | | + ---------------------------------------- +
The computer runs VirtualBox with Ubuntu, which runs the Docker container with Ubuntu 12.04 and the open source base station controller OpenBSC (Base Station Controller, BSC). In my case, OpenBSC operates in the network-in-the box mode and includes not only BSC, but also a simple implementation of all the other components needed for a small GSM network ( MSC, HLR, VLR, AuC and SMSC ).
Fairwaves UmSITE base station is connected to the controller via a local network, on which OsmoBTS is spinning - open source implementation of the GSM base station (Base Transceiver Station, BTS):
To start a GSM network, one (!) Command is enough:
docker run -v $ HOME / db: / var / db -i -t -p 3002: 3002 -p 3003: 3003 -p 30000: 30000 / udp -p 30001: 30001 / udp -p 30002: 30002 / udp -p 30003: 30003 / udp -p 30004: 30004 / udp -p 30005: 30005 / udp -p 30006: 30006 / udp -p 30007: 30007 / udp shamrin / osmonitb start-nitb -i 10.0.0.10 -n HabraFon GSM1800 10 20
(No Docker? Install it. You do not have Ubuntu and Docker is not installed? Then see below.)
10.0.0.10You need to replace the host with the Docker network address (ifconfig). A 10and 20to use the channel numbers, ARFCN . Which channels to indicate, you ask? This is a difficult question. At GSM frequencies, you can not radiate anything without a license, regardless of power. But mere mortals can’t get a license. The following options remain:- Testing in a Faraday cage . If there is no suitable Faraday cage, imitate it in a remote basement where the cellular network does not catch and where there is no risk to interfere with mobile operators (and they will not interfere with you). In this case, the entire radio frequency spectrum is at your disposal and you can specify any pair of numbers in the range from 512 to 885 with a difference of at least 2-3 channels (preferably 10 channels). For example, 600 and 700.
- Under the supervision of a qualified professional, find a couple of unused channels and indicate these channels at startup. For example, using a phone that can scan broadcasts, such as Sagem OT. Once again, under the supervision of a qualified professional!
For information about other parameters of the container and command,
start-nitbsee my repository . What if I don’t have Ubuntu?
If you do not have Ubuntu 12.04+, install Vagrant and VirtualBox and start the Ubuntu + Docker virtual machine using these commands:
git clone https://github.com/shamrin/osmonitb-docker cd osmonitb-docker vagrant up vagrant ssh
Why Docker?
Yes, Docker is optional. You can put and configure everything with your hands . But firstly, I wanted to experiment with Docker. Secondly, you can reliably wrap it with it, and then repeat the configuration of the entire machine (debian packages, manually installed programs, configuration files). Thirdly, the list of dozens of commands and manipulations is replaced by one -
docker run …. Why not OpenBTS?
In addition to the described Osmocom projects (OpenBSC, OsmoBTS, OsmoTRX ), there is another open source implementation of GSM protocols - OpenBTS. The age of both projects is approximately the same, but OpenBTS is better known on the Internet due to a little more friendliness to beginners. If you do not delve into the technical differences, then under real conditions, Osmocom works better :
We started using Osmocom software at the beginning of this year and found that it works much better in real life deployments than OpenBTS. It almost never crashes, has more features, scales better and is more flexible.
Where to get the equipment?
The easiest option for Moscow residents is to use the equipment in the Neuron hackspace :)
If you do not live in Moscow or just want to have the equipment to play with GSM at home, there are two relatively inexpensive alternatives for laboratory use:
In terms of capabilities, they are approximately similar, but UmTRX has advantages:
- all circuit boards and software source codes are available under open source license
- cheaper than similar configuration on USRP
- the board can work with two independent channels, while USRP have only one channel
- GPS for fine-tuning the reference frequency generator is already built-in, and not purchased separately, as in USRP (the floating frequency of the generator leads to unexpected problems in GSM )
- support of the Russian manufacturer (and no need to pay customs)
If you want to save some money and the problems with the reference generator are not terrible, then you can use the USRP B200. She has only one channel, but for home experiments this is not important. The reference generator in USRP B200 does not comply with the GSM standard in accuracy, but in most cases it is enough for simple work on the table. With the USRP B200, there may be problems with handover from one of your base stations to another, but you do not plan to build a high-value network on your knee, right?
But I can be biased, check for yourself.
Thanks to Andrei Bakhmat, Ivan Klyuchnikov, Pavel Trukhanov, Alexander Chemeris and other hackspace participants for comments on the drafts of this text.