Wireless measurements with USRP notes

spiccinini edited this page Dec 6, 2018 · 6 revisions

Wireless measurements with USRP notes

Capture packet with USRP

  • HW config

    • Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 23.00 dBm
    • RX equipment: USRP B210
    • B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
    • RX USRP config: gain 0dB, freq 5240e6 (channel 48)

Output file: Beacon_5240MHz_25Msps_c64.iq.7z (the packet was cut from a file of 2 seconds using numpy and pylab)

Send packet with USRP

Inyecting beacon_5240MHz_c64.iq packet.

Flowgraph from file to USRP sink. 60dB gain, 20dB external attenuator, using cable to antenna input.

Running aircrack-ng in OpenWRT:

# iw phy phy0 interface add mon0 type monitor # ifconfig mon0 up # ifconfig wlan0 down

Receiving with AC1750

# airodump-ng -c 48 mon0

CH 48 ][ Elapsed: 2 mins ][ 2018-11-28 11:00

BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

50:C7:BF:F9:1D:BF -51 100 22521 0 0 48 54e WPA2 CCMP PSK calle13enel115

BSSID STATION PWR Rate Lost Frames Probe

All 3 antennas measure between -51 to -52.

Receiving with LibreRouter phase2 (SN 003)

Rx into SMA (not to the UFL connector). Using openwrt default config:

# ifconfig wlan0 down # ifconfig wlan1 down # ifconfig wlan2 down

# iw phy phy2 interface add mon0 type monitor # ifconfig mon0 up

# airodump-ng -c 48 mon0

CH 48 ][ Elapsed: 3 mins ][ 2018-08-16 08:14

BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

50:C7:BF:F9:1D:BF -48 100 21401 0 0 48 54e WPA2 CCMP PSK calle13enel115

BSSID STATION PWR Rate Lost Frames Probe

Both antennas of phy2 measure -48 to -49 dB. Both antennas of phy1 measure -50 to -51 dB.

Sensitivity

LibreRouter

Tx with USRP using slider to control the TX gain. Movin the gain until losing some packets

  • phy2: gain 26dB+-1. airodump-ng reports between -82 +-1 PWR in both antennas.
  • phy1: gain 23dB+-1. airodump-ng reports between -83 +-1 PWR in both antennas.

TP-Link AC1750

CH 48 ][ Elapsed: 1 min ][ 2018-11-22 17:49 BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

50:C7:BF:F9:1D:BF -85 0 15221 0 0 48 54e WPA2 CCMP PSK calle13enel115

  • gain 24+-1dB airodump-ng reports -85+-1dB

2.4GHz test

Same beacon packet but tx at 2412MHz.

  • TP-Link AC1750, gain 20+-1dB airodump reports -85 +-2
  • LibreRouter: gain 19dB+-2 dB, airodump reports -86dB+-2 in both antennas.

Measure Tx power with USRP

As testing equipment USRP is not calibrated so a relative measurment is performed! All measurments channel with 20MHz, AP mode (measuring only beacons)

TP-Link AC1750

5.8GHz

HW config:

  • Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 23.00 dBm and 10dBm
  • RX equipment: USRP B210
  • B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
  • RX USRP config: gain 0dB, freq 5240e6 (channel 48)

AC1750 configured with 10dBm Tx power and with maximum value of 23dBm:

import pylab;import numpy as np
s10dBm = np.fromfile("/tmp/foo10dBm.iq", dtype=np.complex64)
s23dBm = np.fromfile("/tmp/foo23dBm.iq", dtype=np.complex64)

# low pass averaging filter
s10dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s10dBm))
s23dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s23dBm))

# to power
s10dBm_pow = s10dBm_abs_filt**2
s23dBm_pow = s23dBm_abs_filt**2

s10dBm_packet_power = max(10*np.log10(s10dBm_pow))
s23dBm_packet_power = max(10*np.log10(s23dBm_pow))

In [102]: s10dBm_packet_power
Out[102]: -35.480660674158344

In [103]: s23dBm_packet_power
Out[103]: -21.831679644312317

In [104]: s23dBm_packet_power - s10dBm_packet_power
Out[104]: 13.65

def get_power_dB(iq_filename):
    import scipy.signal
    import numpy as np
    s = np.fromfile(iq_filename, dtype=np.complex64)
    s_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s))
    return max(10*np.log10(s_abs_filt**2))

2.4GHz

HW config:

  • Tx equipment: TP-Link AC1750 V4 (US), openwrt, txpower 24.00 dBm
  • RX equipment: USRP B210
  • B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
  • RX USRP config: gain 0dB, freq 2412e6 (channel 1)
In [107]: s24G_24dBm = np.fromfile("/tmp/foo.iq", dtype=np.complex64)

In [112]: s24G_24dBm_abs_filt = scipy.signal.lfilter(np.ones(100)/100, [1], np.abs(s24G_24dBm))

In [116]: s24G_24dBm_pow = s24G_24dBm_abs_filt**2

In [117]: s24G_24dBm_packet_power = max(10*np.log10(s24G_24dBm_pow))

In [118]: s24G_24dBm_packet_power
Out[118]: -15.600464684115583

LibreRouter phase2

  • LR mPCI phase2: AP mode
    • RX equipment: USRP B210
    • B210 connected directly to antenna input/output using SMA cable with 20dB attenuator and RP-SMA to SMA adapter.
    • RX USRP config: gain 0dB
    root@OpenWrt:/# iw dev
    phy#2
            Interface wlan2
                    ifindex 29
                    wdev 0x200000007
                    addr 00:02:03:04:05:06
                    ssid OpenWrt58_2
                    type AP
                    channel 48 (5240 MHz), width: 20 MHz, center1: 5240 MHz
                    txpower 23.00 dBm
    phy#1
            Interface wlan1
                    ifindex 28
                    wdev 0x100000007
                    addr 00:02:03:04:05:06
                    ssid OpenWrt58_1
                    type AP
                    channel 36 (5180 MHz), width: 20 MHz, center1: 5180 MHz
                    txpower 23.00 dBm
    phy#0
            Interface wlan0
                    ifindex 27
                    wdev 0x7
                    addr 00:03:7f:00:01:db
                    ssid OpenWrt24
                    type AP
                    channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
                    txpower 26.00 dBm

5.8GHz

PHY1 ANT-0

In [29]: get_power_dB("/tmp/lr_phy1_ant0.iq")
Out[29]: -14.776969585143982

PHY1 ANT-1

In [30]: get_power_dB("/tmp/lr_phy1_ant1.iq")
Out[30]: -14.640995016503147

PHY2 ANT-0 @ 5248MHz

In [30]: get_power_dB("/tmp/lr_phy2_ant0.iq")
-16.84399427194689

PHY2 ANT-1 @ 5248MHz

In [30]: get_power_dB("/tmp/lr_phy2_ant1.iq")
-16.24412426147313

2.4GHz

txpower 26dBm channel 11, 2462MHz

ANT-0

In [35 get_power_dB("/tmp/lr_phy0_ant0.iq")
Out[35] -11.335171607525222

ANT-1

In [36]: get_power_dB("/tmp/lr_phy0_ant1.iq")
Out[35]: -11.018415015427049

Conclusions

  • LibreRouter 2.4GHz radio has 3dB+-1dB more per antenna than TP-Link AC1750. AC1750 has tx 3 antennas and LR has tx 2 antennas so radiated power is almost the same.
  • LibreRouter 5.8GHz radio has 5dB+-1dB more per chain than the TP-Link (also 2 antennas vs 3 antennas).

This lab report of the TP-Link AC1750 states that 5.8GHz radio has 19dBm+-1dB per antenna and the 2.4GHz has 16+-3dB (depends on the channel) per antenna. Using this report as reference:

  • LR 2.4GHz tx power is 19dBm+-3dBm at each antenna port
  • LR 5.8GHz tx power is 24dBm+-1dBm at each antenna port
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.