Project

General

Profile

Actions

OpenBSC » History » Revision 20

« Previous | Revision 20/45 (diff) | Next »
laforge, 02/19/2016 10:47 PM


PageOutline
'''OpenBSC''' is the current name for a software program that started with the name bs11-abis.

What is OpenBSC
It is a [wiki:BSC] (Base Station Controller) side implementation of the A-bis protocol, as implemented in the GSM Technical Specification 08.5x and 12.21. It implements a minimal subset of the [wiki:BSC], [wiki:MSC] and [wiki:HLR]. It does not implement ant of the interfaces (like the A and B interfaces) between the higher-order GSM network components.

The goal of the project is to * provide a basis for experimentation and security research with GSM from the network side * document, publicized and point out any security related issues that we find as part of that * learn more about GSM networks on a lower level, particularly the practical aspects with real-world equipment

We '''are not primarily interested''' in * building a stable/reliable BSC/MSC for deployment in networks requiring high-9 (99.999....) availability * building something that follows the GSM spec to the last detail * disrupting actual commercial GSM network

Requirements

While OpenBSC is mainly written in portable C99 code, there are is one non-portable parts: The E1 input driver requires a Linux kernel with mISDN support and an [wiki:E1] interface card compatible with [wiki:mISDN]. You only need this if you have an E1 based BTS.

To opertate a GSM network, you not only need OpenBSC but of course also some kind of GSM [wiki:BTS]. The only currently tested configurations are with a * Siemens [wiki:BS11 BS-11] microBTS * [wiki:nanoBTS ip.access nanoBTS]

Configurations / Modes

=== OpenBSC network-in-the-box (NITB) mode ===

This is ''very different'' from a classic GSM network in which the BSC is only one minor element in the distributed network consisting
of many different elements like BSC, MSC, HLR, etc. Nonetheless, it is the ''classic'' mode to operate OpenBSC. In this configuration, you only need (at least) one BTS and OpenBSC. There is no need for a MSC, HLR, VLR, AuC or any other traditional GSM network components.

{{{
#!graphviz
digraph G {
rankdir=LR
bs11->OpenBSC [ label="Abis/E1" ]
nanobts->OpenBSC [ label="Abis/IP" ]
bs11 [ label = "Siemens\nBS-11" ]
nanobts [ label = "ip.access\nnanoBTS" ]
OpenBSC [ label = "OpenBSC\nNITB" ]
}
}}}

In order to use the NITB mode, you will use the [wiki:osmo-nitb] program.

==== Interconnecting OpenBSC with a PBX ====
If you want to connect calls outside of your OpenBSC based GSM network, you can have [wiki:lrc (Linux Call Router] and OpenBSC
work together to create a setup like this:

{{{
#!graphviz
digraph G {
rankdir=LR
bs11->OpenBSC [ label="Abis/E1" ]
nanobts->OpenBSC [ label="Abis/IP" ]
OpenBSC->LCR [ label="MNCC Socket" ]
LCR->ISDN [ label="E1/PRI/BRI" ]
bs11 [ label = "Siemens\nBS-11" ]
nanobts [ label = "ip.access\nnanoBTS" ]
OpenBSC [ label = "OpenBSC\nNITB" ]
}
}}}

=== OpenBSC in BSC-only mode ===

If you want to use OpenBSC as a classic GSM BSC, you can do that as well. However, you will need all other parts of the GSM
network and a MSC that can provide an A-over-IP interface using SCCP-lite

{{{
#!graphviz
digraph G {
rankdir=LR;
bs11->OpenBSC [ label="Abis/E1" ];
nanobts->OpenBSC [ label="Abis/IP" ];
OpenBSC->MSC [ label="A/SCCP-Lite/IP" ];
subgraph core {
MSC->VLR;
MSC->HLR;
HLR->AUC;
label = "not included";
color = blue;
}
bs11 [ label = "Siemens\nBS-11" ];
nanobts [ label = "ip.access\nnanoBTS" ];
OpenBSC [ label = "OpenBSC\nosmo-bsc" ];
}
}}}

In order to use the BSC-only mode, you will use the [wiki:osmo-bsc] program.

Source code

=== Releases ===
As we're a mostly research oriented project, we don't really have any releases yet. This will likely change soon.

=== Development Version ===
You can check out the source code via {{{
git clone git://git.osmocom.org/openbsc.git
}}}
or browse it at http://cgit.osmocom.org/cgit/openbsc/

Mailing list

There's a '''developer''' mailing list called
Subscription is available at [http://lists.osmocom.org/mailman/listinfo/openbsc/]

IRC (Internet Relay Chat)

We have an IRC channel where some developers and users hang out. You can find it at:
irc.freenode.net/#openbsc

Project status

=== Things that work === * Housekeeping * [wiki:OML] Initialization of the BTS * Support for frequency hopping channels on BTS equipment that supports it (like BS-11) * [wiki:RSL] bringup, channel allocation, Channel required / Immediate Assign * Mobility Management * Very simplistic [wiki:HLR] implemented as sqlite database * Non-secure Authentication using [wiki:IMEI]/[wiki:IMSI] and regular SIM cards. * Authentication using COMP128v1 if you have SIM cards with known Ki * [wiki:IMEI]/[wiki:IMSI] skimming of all phones that try to register with OpenBSC * Transmission of MM INFO packets with operator name and local time / timezone * paging of mobiles that are registered to the BTS * keeping track of which location area a phone has last performed location updating * in-call handover between multiple cells inside one BSC * SMS Support * [wiki:SMS] reception and [wiki:SMS] sending, including routing between subscribers * Sending of SMS from OpenBSC command line * Sending of SMS from external applications by writing to the SQL tables * Voice Call Support * MO (Mobile Originated) and MT (Mobile Terminated) calls * TCH/F support with FR and EFR codec * TCH/H support with AMR codec (in BSC-only configuration) * E1 support * demultiplex of the four 16k sub-channels with voice data contained in one [wiki:E1] timeslot * support for multiple [wiki:TRX] in one [wiki:BTS] * support for multiple [wiki:BTS] connected to the same E1 link (multi-loop configuration) * Abis/IP support * Abis/IP protocol for nanoBTS * RTP gateway to interoperate E1 based BTS and nanoBTS on one BSC and switch calls between them * GPRS/EDGE support * configuring the nanoBTS OML objects/attributes for GPRS and EDGE * setting SYSTEM INFORMATION 13 via RSL * configurable RAID/CGI/NSVCI/NSEI/BVCI * have the BTS interoperate a SGSN with Gb (NS-over-IP) interface * beta state [wiki:OsmoSGSN] included along OpenBSC

=== Things that are implemented but don't work yet or aren't tested yet === * dynamic PDCH / TCH switching

=== Things being worked at === * GPS/DCF77 disciplined quartz reference for the HFC-E1 card (via HS-Esslingen, Student Research Project)

=== Things that are not implemented === * Cell Broadcast * Any type of transcoding of voice data * TCH/H voice calls (they work in [wiki:osmo-bsc], but not in [wiki:osmo-nitb]) * [wiki:CSD] calls * emergency call handling (works in [wiki:osmo-bsc], but not in [wiki:osmo-nitb]) * Discontinuous TX and RX ([wiki:DTX] / [wiki:DRX]) support

Authors

OpenBSC was mainly developed by [http://laforge.gnumonks.org/ Harald Welte] and Holger Freyther. Contributions by Dieter Spaar, Stefan Schmidt, Daniel Willmann, Jan Luebbe, Thomas Seiler and Andreas Eversberg.

Special thanks to Dieter Spaar for [wiki:BS11-Init] and tons of feedback and comments, without which we would not have been able to make progress as quickly as we did.

Files (0)

Updated by laforge about 8 years ago · 20 revisions

Add picture from clipboard (Maximum size: 48.8 MB)