Difference between revisions of "Wireshark monitoring traffic inside YateENB"

From YateBTS
Jump to: navigation, search
(Capture traffic)
Line 1: Line 1:
To capture traffic inside YateENB, the Mobility Management Entity (MME), eNodeB and UE must use EPS encryption algorithm '''EEA0''' and must be supported by both sides.
+
To capture traffic inside YateENB, the Mobility Management Entity (MME), eNodeB and UE must use EPS encryption algorithm '''EEA0'''. This algorithm must be supported by both sides.
  
EEA0 (EPS Encryption Algorithm 0) is not using ciphering at all.  
+
EEA0 (EPS Encryption Algorithm 0) doesn't use ciphering at all.  
  
 
In ['''mme'''] section of '''yateucn.conf''' file add the following lines:
 
In ['''mme'''] section of '''yateucn.conf''' file add the following lines:
 +
 +
['''mme''']
 
  cipher_algos=EEA0
 
  cipher_algos=EEA0
 
  enb_cipher_algos=EEA0
 
  enb_cipher_algos=EEA0

Revision as of 13:20, 21 September 2017

To capture traffic inside YateENB, the Mobility Management Entity (MME), eNodeB and UE must use EPS encryption algorithm EEA0. This algorithm must be supported by both sides.

EEA0 (EPS Encryption Algorithm 0) doesn't use ciphering at all.

In [mme] section of yateucn.conf file add the following lines:

[mme]
cipher_algos=EEA0
enb_cipher_algos=EEA0

First setting is for YateUCN (UCN tells the eNodeB to use EEA0) and second is for YateENB (eNodeB tell the UE to use EEA0). To activate the changes reload yateucn from rmanager or restart yate-ucn.service and reattach UE to the eNodeB.

Capture traffic

  • From eNodeB rmanager console (telnet 0 5037) type: enb capture start mac 23234
  • From YateUCN linux console type: tcpdump -i any not tcp -w captured-trafic.pcap
  • Start using internet over LTE from the UE. (After you finish you can stop tcpdump capture with Ctrl+C and open captured-traffic.pcap file with Wireshark.)
  • Captured traffic: S1 Interface (S1AP and GTP-U, YateENB ↔ EPC)

Wireshark settings

  • To see MAC-LTE captured traffic with Wireshark, check all options from: Analize -> Enabled protocols -> MAC-LTE
  • Then on Protocol Preferences:
    • Source of LCID -> drb channel settings: check From configuration protocol
    • Which layer info to show in info column: check RLC info