How to block devices on LoRaWAN gateway

Hi all,

We have been testing our device with gateway and have got some of the other devices are sending join request continuously.

Due to this our network does not remain stable and not able to get all data from all our devices.

What is best practice to handle this kind of scenario in actual development?

Lalit Shah

I have had a similar problem a few weeks ago, “Misbehaving Nodes”.
It seems not to be possible to blacklist other nodes. A gateway receives everything and if the CRC is valid the data will be forwarded to the server.

Are you implying the ethernet connection can’t handle the load? (Unlikely) Or does your gateway not receive all traffic from your nodes (to be expected due to collisions on the airwaves)?

Try to find the owner of the misbehaving nodes. There is no way (and it is not useful) to filter traffic with current gateway software.

Hi Kersing,

Thanks for suggestion.

We are able to receive data of node on gateway but not able to forward all our data on back-haul connectivity. As we are getting join request from other Node to fast.

Is there any mechanism we can not forward this traffic on back-haul connectivity?

Lalit Shah

Some data would help:

  • How many uplinks per hour on average from all your nodes?
  • How fast is fast for this other node - average number of attempts per hour?
  • What are its EUI’s, RSSI & SNR?

What are you using for backhaul? Join requests is not a lot of data when forwarded from gateway to the backend, at least not for a tcp/ip connection. What data rates are you observing?

No there isn’t in the current standard software versions for gateways. What brand of gateway are you using?

It’s not really a software problem.

Rather it’s a designed aspect of architecture & policy: a gateway can’t know what is or isn’t legitimate traffic.

Only the servers know that, in the sense of what nodes they’ve been given information sufficient to interact with.

A lot of people also forget that “their” TTN gateway is by definition for other people’s traffic and not just their own.

That said, in very particular cases such as a flood of join requests it may be possible to implement rate-limiting in a way that would not penalize a legitimate but unknown node, but only reduce the harm caused by a misconfigured one.

1 Like

That would be possible for gateways where the owner can replace the packet forwarder with something they build themselves (or have someone build for them). As we (still) don’t know what the brand of the gateway is it is hard to provide a definitive answer for this particular case.

It could also be done at a box co-located with the gateway and providing its connectivity, provided that SSL or similar terminates there and not in the packet forwarder.

I like the architectural cleanliness of having a packet forwarder worry about radios and something else deal with the Internet. It meant things like Semtech’s sx1302 code being a distinct software project has little headache, since that’s confined to the packet forwarder. Similarly the forwarder need not track improvements in backend scheme.

1 Like

That works for UDP forwarders but is quite a bit harder to implement for BasicStation.

Hi all,

Thanks for your support and guidance.
We are actually using BasicStation and trying to get it done with basic station.

Lalit Shah

You come here to ask for advice but seem unwilling to provide any details asked for.
This feels like wasting other people’s time.

Hi all,

Sorry but there ware multiple questions and i may have missed and don’t have any intension to waste time of anyone.

We are using 4G connectivity as backhaul.
We are sending data at every 15 minutes from our device.
We have been getting join request from multiple devices and not able to get exact details for those devices.
RSSI and all was good from our devices and other devices from which we are getting join request.
We are using IMST ic880a lora concentrator board and have our own custom gateway design on top of this.

1 Like

BasicStation does not have filtering build in as far as I know, if you want to filter you will have to modify the software yourself to add that capability.

In my experience (multiple 4G connected gateways) the backhaul should provide plenty bandwidth for LoRaWAN including join requests. If you want all the traffic on a metered connection is another issue of course.

The best course of action would still be to try to locate the devices sending those join requests and get the owner(s) to solve the issue. Search the forum for hints on how to hunt for rogue devices, there have been several forum members that successfully solved their issues that way.

1 Like

Dear Jac,

Thanks for your support, will try to look into how to hunt for rogue device and will try to get this shorted out.

Lalit Shah