Hello, first of all: I do not expect support from nordic here, but if any kind sole could shed some light on this, I would be very grateful. I’m developing an open source BLE GATT server and my first adaptation to a concrete hardware is a nrf51422. For analyzing, I use a ubertooth-one sniffer. As this sniffer has some issued, I wanted to use the nordic ble-sniffer. I have two firmwares to compare, both running on nrf51422 DK. One with an s310 soft device and a second with my open source implementation. I can see the advertising packages of both implementations when using ubertooth, but I can see just the s310 implementation when using the nordic bel-sniffer. I thought, it could be an issue with the device address and used the same device address for my implementation, but this doesn’t helps. What could be the difference here?
This packets stem from s310 implemenation:
systime=1439550612 freq=2402 addr=8e89bed6 delta_t=76.734 ms
40 1d 0b 60 4f d5 a6 f0 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00 8e 2f e2
Advertising / AA 8e89bed6 (valid)/ 29 bytes
Channel Index: 37
Type: ADV_IND
AdvA: f0:a6:d5:4f:60:0b (random)
AdvData: 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00
Type 09 (Complete Local Name)
*** Velomatic E7E5
Early return due to 0 length
Data: 0b 60 4f d5 a6 f0 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00
CRC: 8e 2f e2
systime=1439550612 freq=2402 addr=8e89bed6 delta_t=49.167 ms
40 1d 0b 60 4f d5 a6 f0 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00 8e 2f e2
Advertising / AA 8e89bed6 (valid)/ 29 bytes
Channel Index: 37
Type: ADV_IND
AdvA: f0:a6:d5:4f:60:0b (random)
AdvData: 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00
Type 09 (Complete Local Name)
*** Velomatic E7E5
Early return due to 0 length
Data: 0b 60 4f d5 a6 f0 13 09 46 41 47 20 56 65 6c 6f 6d 61 74 69 63 20 45 37 45 35 00 00 00
CRC: 8e 2f e2
And this are the packets from the open source implementation
systime=1439552002 freq=2402 addr=8e89bed6 delta_t=56.005 ms
40 16 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65 a6 f7 e5
Advertising / AA 8e89bed6 (valid)/ 22 bytes
Channel Index: 37
Type: ADV_IND
AdvA: f0:a6:d5:4f:60:0b (random)
AdvData: 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65
Type 01 (Flags)
00000110
Type 09 (Complete Local Name)
Temperature
Data: 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65
CRC: a6 f7 e5
systime=1439552002 freq=2402 addr=8e89bed6 delta_t=52.005 ms
40 16 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65 a6 f7 e5
Advertising / AA 8e89bed6 (valid)/ 22 bytes
Channel Index: 37
Type: ADV_IND
AdvA: f0:a6:d5:4f:60:0b (random)
AdvData: 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65
Type 01 (Flags)
00000110
Type 09 (Complete Local Name)
Temperature
Data: 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65
CRC: a6 f7 e5
Any thought?
Kind regards, Torsten
Edit: Here is the logfile from the Nrf Sniffer Console: log.txt
Edit: I've disassembled both advertising packages, to find the difference:
40 16 header: ADV_IND, random address, length: 0x16
0b 60 4f d5 a6 f0 advertisers address: f0:0b:60:4f:d5:a6
02 01 06 AD Structure 1; length 2: «Flags» LE General Discoverable Mode + BR/EDR Not Supported.
0c 09 AD Structure 2; length 12: «Complete Local Name»
54 65 6d 70 65 72 61 74 T e m p e r a t
75 72 65 u r e
a6 f7 e5 checksum
40 1d header: ADV_IND, random address, length: 0x1d
0b 60 4f d5 a6 f0 advertisers address: f0:0b:60:4f:d5:a6
13 09 AD Structure 2; length 19: «Complete Local Name»
46 41 47 20 56 65 6c 6f *** Velo
6d 61 74 69 63 20 45 37 matic E7
45 35 00 E5 + trailing 0
00 00 Non-significant part; could be ommited
8e 2f e2 checksum
The first contains two AD structures; while the second contains only one. I think most notable is, that the second advertising packages contains two additional zeros behind the last AD struct.
I was interpreting the specs:
Only the significant part of the Advertising or Scan Response data needs to be sent over the air."
as: trailing zero length packages at the end are not needed. There is an additional sentence stateing:
If the Length field is set to zero, then the Data field has zero octets. This shall only occur to allow an early termination of the Advertising or Scan Response data.
I will do a test, to see if the sniffer would find the first packages if there are additional zeros at the end and I will look, if I can find some more details in the test specs to whether a "terminating" AD structure is required.
Edit: I've found an example in "Supplement to the Bluetooth Core Specification V5/V6", that ends with an empty AD and states: "Not transmitted over the air". Other examples do not end with an empty AD.
Edit: I've added two additional zeros at the end of the advertising data, now the data is visible to the nordic sniffer:
systime=1440666510 freq=2402 addr=8e89bed6 delta_t=52.012 ms
40 18 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65 00 00 4b f2 84
Advertising / AA 8e89bed6 (valid)/ 24 bytes
Channel Index: 37
Type: ADV_IND
AdvA: f0:a6:d5:4f:60:0b (random)
AdvData: 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65 00 00
Type 01 (Flags)
00000110
Type 09 (Complete Local Name)
Temperature
Early return due to 0 length
Data: 0b 60 4f d5 a6 f0 02 01 06 0c 09 54 65 6d 70 65 72 61 74 75 72 65 00 00
CRC: 4b f2 84
Edit: With the last test, I was advertising only on one channel, when I advertise on all 3 channels, I can see the packages in the NRF-Sniffer :-)
