LoRa packet analysis

(Felipe Robles) #1

Hi everyone, I have a couple of questions, I hope you can point me out on the right direction:

So I have a TTN gateway and a Dragino acting as an End-Device, my first try was to create a private network server, so I followed a guide (https://www.thethingsnetwork.org/article/setting-up-a-private-routing-environment) In which I managed to follow all the steps but at the end it is not “private” backend is just connecting to TTN, so this is my question: What else Can I do in order to receive the LoRa packets that my gateway sends besides the TTN online console.

The main objective of this project is because I want to analyze the LoRa packets that the Gateway sends, if there is another option that you know how can I do this please let me know.

I have tried to connecting the gateway through the ethernet interface of my Laptop sharing the Wifi connection and with wireshark analyzing the packets that go through that interface but I have TCP packets and TLS packets in which I believed the data is sent but I think certificates to decrypt the data are necessary.

I was also thinking of creating a DNS server and acting as TTN and fowarding the packets to me but since Certificates are needed I dont know if I am going to be able to achieve this.

So this is mainly what I want, a point where I can see the packets and analyze them or capture the data with wireshark.

Thanks in advance




theoretically you can ‘grab’ the gateway’s RF signal from the air with a modified RFM95 + code.
but I haven’t seen examples in the wild

(Jac Kersing) #3

What is the goal? The packet format (including the sources used to create the packets) is publicly available so what are you looking for?

(Felipe Robles) #4

My goal is to get the packets that are sent from the gateway and analyze them.

What do you mean with the packet format being publicly available?

(Jac Kersing) #5

What do you expect to find within the packets that is not available in the TTN console?

The TCP protocol uses MQTTS with protobuf. The protobuf definitions can be found in TTN Github repos. (The back-end uses them and all back-end code is open source)
The UDP protocol definition can be found at github repo with the Semtech packet forwarder sources.

(Arjan) #6

To add to kersing’s questions:

Is this relevant for what you want, or do you want all messages (for any node) that the gateway “sends”?

If you only want to know about this specific device, which might actually also be handled by other gateway(s), then the MQTT Data API (including its #/events/# topic) might suffice to see what’s going on?

Is that “sends” as in “LoRaWAN downlinks that it has been commanded by TTN to transmit wirelessly”, or as in “LoRaWAN uplinks that it forwards to TTN over the internet”? Or is it even about the bare packets of the LoRa radio protocol that are being received and transmitted, rather than the bytes of the LoRaWAN messages?

Without setting up some private network, to see what the TTN Gateway is doing for devices that are not yours, I think you’ll need to compile your own firmware to log all received and transmitted LoRaWAN packets. If you’re after the LoRa radio packets, then I think it cannot be done on the gateway, as the gateway delegates all that to the embedded LoRa card which you cannot easily reprogram yourself.

(LoRaTracker) #7

I did a logging program, for a Arduino and SX1272/6/8. It will log received packets as hex or ASCII to terminal or SD card. It works on point to point or LoRaWAN, but being single frequency and single spreading factor it misses most of the LoRaWAN packets, so not very useful really.

(Arjan) #8

And if it’s about LoRaWAN messages rather than LoRa radio packets, and if you can wait for V3, then see also (emphasis mine):