After migrating from TTNv2 to v3 my devices constantly receive the following downlink:
0503D2AD84060703184F84500704E85684500705B85E84500706886684500707586E84500805
This is supposed to be a command indicating the frequencies the device can use.
This command is replacing the downlinks that i have scheduled myself. I want to stop this behaviour
I found the following topic and tried every solution i could find there:
I entered the factory settings of my device in the console, but this does not stop the command from being sent
I set the āmac-settings.status-count-periodicityā to 0 and āmac-settings.status-time-periodicityā to 0s
I tried to change the desired parameters of my device to match the current parameters using the ttn-lw-cli, but while the command succeeds the desired parameters are never changed.
Is there any other method of stopping this command from being sent? or at the very least give my own scheduled downlink priority over this command?
Please double check the RX2 settings.
Iāve had the same issue and here it was related to the RX2 frequency which is wrong in almost all preset vendor definitions as it is wrong in the example which anyone copied.
In your screenshot the frequency at least seems OK, but perhaps one of the other settings there isnāt right?
N.B. for the RX2 frequency issue, I opened an issue on GitHub for it as I really donāt know how it should be fixed as either fix is a bad one.
Not necessarily - the standard built-in delay for TTS is 5 seconds. But if your node is running ABP pre-TTS it will have Rx1 set to 1 second and there is no way for the server to update that figure, so it is set on the server to match the device.
OTAA updates it as part of the join-accept so old or new firmware, thatās sorted.
Without decyrypting the MAC command itās a bit fuzzy, but it may be that the device isnāt acting on the MAC command so it keep being sent. Hopefully the OP will report back with what the device, firmware & version is.
I have tried to decode the package using the Lora Packet Decoder. https://github.com/anthonykirby/lora-packet
But it doesnāt make any sense. It says itās a Join request with the completely wrong AppEUI and DevEUI.
I am using a HopeRF RFM95W module. With the 1.5.0 version of the LMIC library.
It seems that whatever the commmand is our software is not handling it. The problem is that this concerns devices that are already in use and cannot be modified. Therefore iām really hoping there is some way to prevent this command from being sent without any changes to the end device.
@TD-er
I have checked the RX2 frequency and it looks to be alright. I have also tried to remove it from the settings, but this doesnāt make a difference.
A version that knows what a MAC is but can only really process ADR requests.
Try the MCCI LMIC 3.1.0 or above - that is declared as being actually compliant - Iāve been using 3.2.0 for non-critical devices with no issues and using 4.0.0 on the bench.
Leave the Rx2 settings alone for now, getting āa stack that can macā is the priority here.
Try this for packet decoding, it makes using the Kirby code base simpler and has lots more explanations:
Thank you for your help, but that is not an option right now unfortunately. In the next iteration iāll be sure to update my software to something that is completely compliant to prevent these kind of issues.
My current pilot devices can however not be updated with new software.
Iāve also tried the online packet decoder. This gives me the same response:
Has per LoRaWAN specification RFU fields must be set to 000 (001 in this case) and the Major field has always a value of 00 (01 in this case).
RFU field definition:
Major field definition:
Another indication telling us that this is not a valid packet is the length of it. A JoinReq has always a size of 23 bytes => MHDR(1)+JoinEUI(8)+DevEUI(8)+DevNonce(2)+MIC(4) = 23
The hex-encoded packet has a size of 45 bytes.
It has to be noted as well that the JoinReq packet is not encrypted. This packet is only authenticated by the MIC computed using the AppKey.
Therefore the possibilities to have this happening are:
This packet has been transmitted by a LoRa (Not LoRaWAN) device. There is nothing that can be done. Just ignore this packet.
The Gateway is setup to forward all received packets including the ones having a wrong CRC.
The Gateways should be setup to only forward valid packets.
The end-device stack is not correctly implemented. As you say that LMIC is the used stack I doubt this to be the case. The JoinReq packet definition is the same since LoRaWAN 1.0.0
The OP implies that this is from his gateway - if it was a LoRa packet surely itās preamble, id code and inversion bit or what not (this area of LoRaWAN Iām still learning as you can tell) would be totally wrong. And very co-incidental that it be transmitted dead on the start of an Rx window.
He says itās a downlink.
He says it is a downlink after a join.
Hopefully Mr @577e4e6de7caf50f0070 will answer my question regarding if itās an encrypted packet or if itās taken from the web console.
But given that heās using a very old un-compliant version of LMIC, anything could be happening!
Even if this is a downlink the MHDR field is always transmitted not encrypted. Which means that this downlink is not a LoRaWAN packet.
In case this packet is a downlink I donāt think this issue to be related to the end-device.
I would more suspect a gateway setup issue.
It would be helpful if @577e4e6de7caf50f0070 could provide the gateway log as well as the Network Server log in order to identify what could be the cause for this issue.
With such gateway log we can see if this packet has been received from the Network Server or if it is something received on the RF interface.
I have doubts that the TTN network server would send to a gateway a non LoRaWAN packet.
My packet is a downlink i receive immediatly after sending an uplink. Not after a join.
I got the string directly from my arduino which prints the exact bytes it receives in the downlink.
Iāve been trying to decrypt the message using this go library lorawan package - github.com/brocaar/lorawan - pkg.go.dev, but iām really not sure if its encrytped or not since i donāt exactly understand what itās supposed to be.
When i change the gateway to use the V2 implementation or a private lora backend i do not have these problems. The only thing i change about the gateway is the forwarder address.
I will let you know if i have any succes getting more information out of the packet.
If I understand well the hex-decode packet is what your end-device receives (end-device log would be helpful).
Then this may mean that the problem is on the end-device side. Maybe a wrong handling of the end-device radio reception buffer.
As @descartes indicated maybe the only way to fix this would be to upgrade your firmware to use a more compliant stack implementation.
Would it be possible for you to check what the gateway really transmits (gateway log would be useful)?
Like this we can compare what has been transmitted and what has been received.
So, not encrypted then. Is there any chance you sent a confirmed downlink at some point? Because if itās never ACKd, the v3 stack is very very persistent (as I found out).
So if the device is on v3 but you change the gateway back to v2, this problem goes away?
Ah, OK. Really must fill in the blanks on the bit between āsend thisā and the app server.
Maybe write a device stack of my own - I mean, how hard can it be!
As I donāt recall 1.5 printing any MAC commands as standard, unless this has been added by Mr577, it will take a bit of testing to figure out what it might actually mean.
As @mluis says, an actual gateway log would be good, even better run the gateway and device web consoles and capture the exchange in verbose mode (screen shot) and give us the full JSON of the downlink (text) and even better, both!
