Open in app

Sign in

Write

Sign in

Building an Open and Private LTE Network

Joey Padden
open5g
Published in
10 min readOct 19, 2020

A couple of years ago I wrote a blog about building your own LTE network while I was working at CableLabs. At the time, I was focused on building a lab grade network for doing research. It didn’t have requirements for availability, scalability, or need any fancy features. Using all open source software for such a network made sense and fit the maturity of the open source options at the time.

As I reprise that post 3 years later, a lot has changed. Private networks, no matter who you ask (see: here, here, or here) have transitioned from lab toys to a multi-billion dollar industry. Open source too has left the lab and solutions from the likes of RedHat, OpenStack, O-RAN Alliance, and the Telecom Infra Project are a growing presence in operators networks globally. As the footprint of open source grows, and network operators see the benefits of deploying open source, the industry is responding by developing open source solutions moving up the stack. Now with the introduction of the Magma project, open source is moving into complex network functions like the core of the 4G and 5G mobile network.

Dumping gas on the open and private network fire, the FCC has made available commercially deployable CBRS spectrum that we see taking off in the recent auction and as Spectrum Access Systems (SASs) go live. With it’s 3 tier access, CBRS means anyone can get a meaningful chunk of airwaves with 25 times (or more) the power of most Wi-Fi networks to deliver high quality wireless services.

In light of these changes, in this version of the build your own network how-to, I will move our target from a lab network to a commercial grade LTE network deployment. Let’s get started.

The Ingredients

There are 6 key components to an open and private LTE network:

The marketplace for these components has changed significantly in the last few years. Today an individual or small enterprise has the ability to get a hold of commercial grade LTE components at achievable price points. That’s new, so let’s look closer.

The Core

Perhaps the biggest shift has come recently with the Magma Core project. Previously your only option for a commercial grade LTE core was to go to a traditional mobile vendor and pay healthily. But now, you can deploy your own instance of an open source multi-access core network from the Magma Core project. Magma provides unified core functions for 4G LTE, 5G SA, and Enterprise Wi-Fi networks, built as a set of cloud native microservices. FreedomFi has taken the Magma project and developed a curated and hardened version we sell for as little as $300 for a single Gateway network (good for up to about 5 radios). But it’s open source, if you don’t mind a little elbow grease, you can buy your own hardware/AWS machines and create your own Magma core by going here and pulling the latest release.

Radios

Next you need a radio to plug into your new core. Until recently LTE radios were tough to come buy if you weren’t a mobile network operator. And even if you could buy one, they were all built for specific licensed spectrum bands you likely weren’t allowed to radiate on. BUT! CBRS is changing all of that by creating a growing market of off the shelf radios, with varying capabilities (indoor, outdoor, low power, high power, multi-sector, multi-carrier, etc) all built for spectrum you can actually use. Vendors like Baicells, Accelleran, Blinq Networks, and Airspan all have CBRS radio portfolios. Better yet, they are available for anyone to order off websites like DoubleRadius, ISPSupplies, and WinnComm. All of these offerings are giant steps ahead of a BYO radio based on a mini-pc and an SDR in terms of power output, performance, and environmental hardening; these are radios you can deploy. For a full list of devices you can hunt down, go to the OnGo certification page and you can see a list of all the FCC approved devices.

At FreedomFi, we’ve had good luck with the Baicells 436Q and the Accelleran E1000 products in our early deployments.

A couple of gotchas to watch out for when ordering an LTE radio:

  1. LTE radios often don’t come with integrated antennas. You’ll need to chose between an omnidirectional (think donut shape coverage) or a sector antenna (more directional, focused energy) when ordering an antenna.
  2. Features vary significantly, so looks closely. In these early days of CBRS, many products are focused at fixed wireless deployments and don’t support the common mobility features you might be expecting (e.g. seamless handover). So read the spec sheets and ask questions to make sure you are getting a radio that does what you need.
  3. Most of these modern small cells are heavily software driven. Because of this, the same HW package can have really different functionality based on the license you purchase with it. Here again your best bet is to read the fine print and ask questions about things like carrier aggregation, split cell modes, number of UEs supported, and number of carriers.
  4. SAS interoperability is another topic to double check. We’ll talk more about this next, but as CBRS and SAS integration is still new, not all radios play nice with all SASs yet, so ask.

Spectrum

The spectrum game changed in 2017 when CBRS left the rule making phase and entered the market. This band is a whole new approach to sharing the valuable airwaves bouncing around the nation. Boris made this point clearly before, so I won’t belabor it. The point here is, to get access to CBRS spectrum you need a commercial relationship with a SAS operator and most likely a Certified Professional Installer (CPI) to perform / approve your installation. As of today you have 5 choices for SAS operators (in alphabetical order) Amdocs, CommScope, Federated Wireless, Google, and Sony.

At FreedomFi we’ve had good initial success testing with Federated Wireless and Google. Depending on what package you select when buying a FreedomFi Gateway, we can also provide you a SAS connection and CPI services. Or for about $600 you can take an online course from Google, Federated Wireless or others and become a CPI yourself.

Once you have your SAS connection, the SAS will periodically make sure your radio power and channel selection aren’t going to cause interference, and configure your radio to ensure it stays that way. In this way, the SASs keep the CBRS spectrum clean and interference free, making your private network more performant.

The one gotcha I can share for SAS configuration is the units. Some power values are in dBm / MHz, others are in dBm / 10 MHz, and others can be in total power, just dBm. If you have configuration issues (e.g. keep getting error code 103 responses from SAS) triple check you haven’t mixed your units.

SIM Cards

I’m gonna be honest, I’ve been programming SIM cards for lab and private networks for 10 years, and they still baffle me. They are so powerful, they can do so much, but configuration and management of SIM cards is a Byzantine affair. To make things more fun, some UEs honor SIM fields strictly, others ignore various settings in favor of values stored in a black box somewhere. But as SIM cards are the literal key to LTE security, you gotta have them.

There are a handful of options on how to get SIM cards: you can talk to ThalesGroup for tier one service, you can go to Alibaba and try your luck, or you can work with SmartJac. At FreedomFi we have always used SmartJac for their quick service and great support. Alternatively many radio providers (e.g. Baicells) will also sell you SIMs along with your radios.

For most basic private network operators, here are the important items you need to worry about, and some suggestions on how to handle them:

  1. Ki — This is the private key for each subscriber. For a lab setup, handy to have all your SIMs match. For any production network, ask your SIM provider to randomize these per card.
  2. OP/OPc — OP is your operator secret key. OPc is a munge of Ki and OP you store in your HSS. You should pick an OP and keep it somewhere real safe. You can then provide OP to your SIM provider and they will calculate OPc using the random Ki they chose and put these in your SIMs.
  3. IMSI — This is the subscriber identity. It is made of your PLMN + a unique number for each subscriber. More on this in the next section.
  4. SPN — This a fun one, the Service Provider Name field in the SIM is what makes your phone say “Bob’s Wireless” of whatever name you choose for your network. Android tends to honor it and display the name, iOS phones less reliably.
  5. PINs — Some SIMs have security PINs to enable/disable them. You can chose how secure you want your SIMs. Keep in mind the subscriber you give the SIM card to has to remember the SIM and plug it into their phone to activate the SIM. So, SIM PINs can also be a source of trouble calls.

One last note on SIMs. They come in many sizes e.g. standard, micro, mini, nano. When you order SIMs, you have to select your size or chose a multi form factor card. In a multi form factor SIM, you can pop out a nano, from a mini, from a micro… etc. They are handy if you don’t know the exact set of devices you plan to support and what their SIM needs are.

PLMN/SHMI/IMSIs

Yeah, I know, PL-what? These fun acronyms are the way LTE/5G networks identify themselves to UEs and vice a versa. You can kinda think of PLMN like an SSID for Wi-Fi, though I’m sure many 3GPP people just cringed reading that. To deploy a private network, you need the right to use a PLMN and your SIM cards need configuration to match it.

In the case of CBRS, the CBRS Alliance has developed a shared PLMN, or Shared Home Network Indicator (SHMI) that can be used by many private network operators. There is a registration process and a bunch more detail I’ll get into in a future post. For now, CBRS Alliance has a good page with some specifications at the top to help understand these needed values are and how you get them. Also be sure to watch the linked webinar, it too contains good information.

Some radio vendors also have registered PLMNs that can be used with the purchase of their gear. Baicells for example provides its customers with a PLMN they can use.

Last note on identifiers, unlike SSID in Wi-Fi, they are controlled in the LTE/5G world, so be sure to use something you have the right to use. Broadcasting on someone else's PLMN is a pretty bad idea.

UEs

Last but not least, the User Equipment, or UE in 3GPP nerd speak, is the name for a smartphone, a dumb phone, an ethernet to LTE bridge, a USB 5G dongle, really any LTE/5G client device. There are myriad LTE and now 5G capable devices on the market. And while the air interface for LTE and 5G are well standardized, there is a lot of room in other layers of the stack for device specific behavior when it comes to getting a UE attached to and passing data on your network.

Below are some suggestions that will help you keep from draining hours fighting UE compatibility problems:

  1. In general Android will act differently than Apple products. Even within an OS ecosystem, a Samsung phone will act differently than a Google Pixel. Even the same device, with a SW update may use a different attach call flow and start or stop working with your network. So always test your SIM and your network with the device and SW version you plan to use. It is never safe to assume “it worked with X, so it will work with Y” so always test.
  2. Some UEs are “Locked” to a carrier network. A carrier locked UE will only join that particular carriers PLMN (or set of approved PLMNs). As you shouldn’t be using someone else’s PLMN, that means the phone won’t work on your network. This may even manifest as the phone displaying an error when you put your SIM card in, or saying “no SIM” when you put your SIM in.
  3. All UEs support a finite set of frequency bands. The cheaper the UE, the small the list usually. If the UE doesn’t support the band you are using (e.g. CBRS Band 48) there is nothing SW can do to make it. There is a great website called gmsarena.com that you can use to lookup the band support of many many smartphone UEs. For other device types be sure to check the spec sheets. If you can’t explicitly confirm a device supports your band, probably not safe to assume it does.

Let’s Do It!

Ok, there you have it, you are armed with knowledge and links galore. If this blog made you excited to go it alone, great, get after it.

If on the other hand it made you feel like you want someone to handle all the details for you, that’s great too, contact us at FreedomFi.com. At FreedomFi we’re all about building private networks using open source software. We think you should do it too. If your Wi-Fi network isn’t delivering the service you need, the reach you need, the security you need, let us help build you a open and private LTE or 5G network.

Check back here, I’ll be posting more tips and explainers about open private LTE and 5G networks.

5g
Private Network
Open Source
Freedomfi
Lte

--

--

Joey Padden
open5g

Written by Joey Padden

201 Followers
Editor for

Wireless nerd and Co-Founder at FreedomFi. Interested in Private LTE/5G, Wi-Fi, and open source.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams