my hobby dabbles at examining network traces
05-04, 18:15–18:45 (Europe/Berlin), Meeting Room

Often I get a 3GPP-related network trace (pcap), and have to manually gather leads to find out what exactly is going on in it. I have tried different ways to automate the analysis part, and will share what I ended up with.


I'll show my little tools that I played with to trace and visualize GSM network activity.
Immature as all of it is, maybe it is interesting to share and form a vision of a helpful tool.

For example, the task may be to find out at which network edge of a call leg the RTP packets drop.
First I need to know the chain of RTP ports that one particular subscriber uses.
Then I need to count RTP packets arriving at each of them.

Another example: there is a bunch of {PFCP,MGCP} conversations setting up the user plane vectors.
Are all the ports configured correctly? I have to read through the entire {PFCP,MGCP} session to overlay all the bits that form the final result.

Another example: in a very active network, a particular voice call has a problem. How do I efficiently examine only those packets that are directly related to this particular TMSI / IMSI / RTP packet / RSL-ChanRef / ...?

Most of my career happened in FLOSS.
sysmocom employee since 2015.

I wrote a large portion of Osmocom's CNI code in osmo-bsc, -msc, -hlr, -hnbgw...
Currently mostly busy in the realms:
- negotiating voice codecs in osmo-msc, -bsc, -sip-connector
- PFCP and UPF (osmo-upf, gtp-load-gen, ...)
