Using community gateways for a commercial product

Indeed, if at all possible we tend to install a gateway backhauled on each of two mobile network providers.

The key question here would be if the packet broker ends up usable by something that is not the TTN v3 stack - not just not the off the shelf version, but an entirely distinct codebase.

If there’s an extractable interchange standard that’s flexible enough to interwork with a variety of commercial needs, this may work. But if it’s only going to work for local builds of essentially the same software, that’s limiting.

Hi @kersing, you are correct.

Many forum members may be unaware that public/routable LoRaWAN dev_addr addresses cost real money that has to be paid to the LoRa Alliance and that TTI currently pays the high cost of this for the TTN network. This should be taken up with the LoRa Alliance.

Any organisation - commercial or community - that does not need to roam or use packet broker does not need to pay.

1 Like

Hi @cslorabox,

The packet broker API specifications and code are all on github at

Very nice, but I’m quite sure that a lot of applications don’t “need” that.

I’m suffering a failure of imagination regarding how this community and business thing works.

If sessions are between back-end servers and nodes, and gateways will pick up any packet at least for analysis to see if it needs to pass it on to the server, isn’t a DDoS trivial? Even the fair use policy could only be implemented by the servers and I assume gateways can’t selectively listen for nodes because they don’t know who’s talking until they’ve received and examined the message.

It sounds like a risk setting up a network of commercial gateways that can easily be flooded even if they’re not forwarding the uplinks to a server. I assume LoRaWAN is pretty rare still so this isn’t an immediate problem but I can’t wrap my head around how it’s supposed to work in future.

And what is the impact of people breaking the rules using these RF bands? Do other technologies suffer?

Apart from the technical knowledge that would be required, DDoS’ing LoRaWAN isn’t focused on any particularly user group as the perpetrator wouldn’t know precisely who was using it, so philosophically would probably be at student prank level. I’d think the mobile phone networks would be a more impactful target.

However this thread isn’t about naughty people, it’s about the wisdom of basing a commercial offering on the potentially ephemeral community gateway coverage in an area (town, region, country).

The “bottleneck” in the system is the actual gateway receive mechanism, which can work on a less than fully arbitrary combination of 8 potential packets arriving at various spreading factors on various frequencies (note the combinations do NOT necessarily all need to be on unique frequencies).

DOS’ing a gateway would be fairly simple; but also likely illegal as transmitting signals for the purpose of interference rather than to accomplish a legitimate purpose is banned essentially everywhere.

Given the limitation of the gateway, it should not be possible to DOS the backhaul and servers through the gateways if those are well designed as compared to most Internet-era data tasks the bandwidth of information that can fit through the gateways is fairly small. Attacks on the Internet-connected infrastructure originating on the Internet are probably of more concern.