-
Notifications
You must be signed in to change notification settings - Fork 7
Wireless measurements with USRP notes
-
HW config
- Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 23.00 dBm
- RX equipment: USRP B210
- B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
- RX USRP config: gain 0dB, freq 5240e6 (channel 48)
Output file: Beacon_5240MHz_25Msps_c64.iq.7z (the packet was cut from a file of 2 seconds using numpy and pylab)
Inyecting beacon_5240MHz_c64.iq packet.
Flowgraph from file to USRP sink. 60dB gain, 20dB external attenuator, using cable to antenna input.
Running aircrack-ng in OpenWRT:
# iw phy phy0 interface add mon0 type monitor # ifconfig mon0 up # ifconfig wlan0 down
# airodump-ng -c 48 mon0
CH 48 ][ Elapsed: 2 mins ][ 2018-11-28 11:00
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
50:C7:BF:F9:1D:BF -51 100 22521 0 0 48 54e WPA2 CCMP PSK calle13enel115
BSSID STATION PWR Rate Lost Frames Probe
All 3 antennas measure between -51 to -52.
Rx into SMA (not to the UFL connector). Using openwrt default config:
# ifconfig wlan0 down # ifconfig wlan1 down # ifconfig wlan2 down
# iw phy phy2 interface add mon0 type monitor # ifconfig mon0 up
# airodump-ng -c 48 mon0
CH 48 ][ Elapsed: 3 mins ][ 2018-08-16 08:14
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
50:C7:BF:F9:1D:BF -48 100 21401 0 0 48 54e WPA2 CCMP PSK calle13enel115
BSSID STATION PWR Rate Lost Frames Probe
Both antennas of phy2 measure -48 to -49 dB. Both antennas of phy1 measure -50 to -51 dB.
Tx with USRP using slider to control the TX gain. Movin the gain until losing some packets
- phy2: gain 26dB+-1. airodump-ng reports between -82 +-1 PWR in both antennas.
- phy1: gain 23dB+-1. airodump-ng reports between -83 +-1 PWR in both antennas.
CH 48 ][ Elapsed: 1 min ][ 2018-11-22 17:49 BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
50:C7:BF:F9:1D:BF -85 0 15221 0 0 48 54e WPA2 CCMP PSK calle13enel115
- gain 24+-1dB airodump-ng reports -85+-1dB
Same beacon packet but tx at 2412MHz.
- TP-Link AC1750, gain 20+-1dB airodump reports -85 +-2
- LibreRouter: gain 19dB+-2 dB, airodump reports -86dB+-2 in both antennas.
As testing equipment USRP is not calibrated so a relative measurment is performed! All measurments channel with 20MHz, AP mode (measuring only beacons)
HW config:
- Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 23.00 dBm and 10dBm
- RX equipment: USRP B210
- B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
- RX USRP config: gain 0dB, freq 5240e6 (channel 48)
AC1750 configured with 10dBm Tx power and with maximum value of 23dBm:
import pylab;import numpy as np
s10dBm = np.fromfile("/tmp/foo10dBm.iq", dtype=np.complex64)
s23dBm = np.fromfile("/tmp/foo23dBm.iq", dtype=np.complex64)
# low pass averaging filter
s10dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s10dBm))
s23dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s23dBm))
# to power
s10dBm_pow = s10dBm_abs_filt**2
s23dBm_pow = s23dBm_abs_filt**2
s10dBm_packet_power = max(10*np.log10(s10dBm_pow))
s23dBm_packet_power = max(10*np.log10(s23dBm_pow))
In [102]: s10dBm_packet_power
Out[102]: -35.480660674158344
In [103]: s23dBm_packet_power
Out[103]: -21.831679644312317
In [104]: s23dBm_packet_power - s10dBm_packet_power
Out[104]: 13.65
def get_power_dB(iq_filename):
import scipy.signal
import numpy as np
s = np.fromfile(iq_filename, dtype=np.complex64)
s_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s))
return max(10*np.log10(s_abs_filt**2))
HW config:
- Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 24.00 dBm
- RX equipment: USRP B210
- B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
- RX USRP config: gain 0dB, freq 2412e6 (channel 1)
In [107]: s24G_24dBm = np.fromfile("/tmp/foo.iq", dtype=np.complex64)
In [112]: s24G_24dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s24G_24dBm))
In [116]: s24G_24dBm_pow = s24G_24dBm_abs_filt**2
In [117]: s24G_24dBm_packet_power = max(10*np.log10(s24G_24dBm_pow))
In [118]: s24G_24dBm_packet_power
Out[118]: -15.600464684115583
- LR mPCI phase2: AP mode
- RX equipment: USRP B210
- B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
- RX USRP config: gain 0dB
root@OpenWrt:/# iw dev
phy#2
Interface wlan2
ifindex 29
wdev 0x200000007
addr 00:02:03:04:05:06
ssid OpenWrt58_2
type AP
channel 48 (5240 MHz), width: 20 MHz, center1: 5240 MHz
txpower 23.00 dBm
phy#1
Interface wlan1
ifindex 28
wdev 0x100000007
addr 00:02:03:04:05:06
ssid OpenWrt58_1
type AP
channel 36 (5180 MHz), width: 20 MHz, center1: 5180 MHz
txpower 23.00 dBm
phy#0
Interface wlan0
ifindex 27
wdev 0x7
addr 00:03:7f:00:01:db
ssid OpenWrt24
type AP
channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
txpower 26.00 dBm
PHY1 ANT-0
In [29]: get_power_dB("/tmp/lr_phy1_ant0.iq")
Out[29]: -14.776969585143982
PHY1 ANT-1
In [30]: get_power_dB("/tmp/lr_phy1_ant1.iq")
Out[30]: -14.640995016503147
PHY2 ANT-0 @ 5248MHz
In [30]: get_power_dB("/tmp/lr_phy2_ant0.iq")
-16.84399427194689
PHY2 ANT-1 @ 5248MHz
In [30]: get_power_dB("/tmp/lr_phy2_ant1.iq")
-16.24412426147313
txpower 26dBm channel 11, 2462MHz
ANT-0
In [35 get_power_dB("/tmp/lr_phy0_ant0.iq")
Out[35] -11.335171607525222
ANT-1
In [36]: get_power_dB("/tmp/lr_phy0_ant1.iq")
Out[35]: -11.018415015427049
- LibreRouter 2.4GHz radio has 3dB+-1dB more per antenna than TP-Link AC1750. AC1750 has tx 3 antennas and LR has tx 2 antennas so radiated power is almost the same.
- LibreRouter 5.8GHz radio has 5dB+-1dB more per chain than the TP-Link (also 2 antennas vs 3 antennas).
This lab report of the TP-Link AC1750 states that 5.8GHz radio has 19dBm+-1dB per antenna and the 2.4GHz has 16+-3dB (depends on the channel) per antenna. Using this report as reference:
- LR 2.4GHz tx power is 19dBm+-3dBm at each antenna port
- LR 5.8GHz tx power is 24dBm+-1dBm at each antenna port