One minute to understand BLE MTU data package

11 Dec 2017

1.Profile

  • MTU: ATT Maximum Transmission Unit (MTU) is the maximum length of an ATT packet. The ATT MTU is defined by the L2CAP and can be anywhere between 23 and infinity. The implementation of the Bluetooth stack is the key factor of determining the ATT MTU on both client and peripheral. A generic ATT packet has the following structure:

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918002748097b531234be3d.png[/img]

The MTU exchange happens after the master and slave devices have established a connection; see "One minute to understand BLE connection data package":

http://www.viewtool.com/forum/vi ... &extra=page%3D1

Below is a comparison of the MTU of a few major protocols (units: bytes):

  • Ethernet: 1500
  • IEEE 802.3/802.2: 1492
  • X.25: 576
  • BLE: 23 (for BLE 4.0/4.1), 251 (for BLE 4.2)

That is why Wi-Fi can be used to transfer video, traditional Bluetooth (BT) can be used to transfer audio, and BLE can only be used to transfer control data.

  • MTU exchange command: an ATT command
  • MTU exchange procedure: see below:

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180029b3c7c93cc5b8572a.png[/img]

  • The two MTU commands ("MTU request" and "MTU response") are described in detail below (see "4")

2.Keyword: Hollong BLE Sniffer, BLE Data Analyzer,BLE Data Capture

3.Preparation before capturing BLE data

  • Hardware: one BLE device (as the slave device) and one master device (such as the lightblue or redwoods app on iOS or Android); one HOLLONG BLE SNIFFER
  • Software: Hollong BLE sniffer and protocol analyzer download link:

http://www.viewtool.com/index.ph ... hollong-4-0-4-1-ble

4. MTU REQUEST complete data package (marked in blue)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180035779a121c6a8778a3.png[/img]

1) Access Address: 0xaf9a8c69. Fixed 4 bytes, specified by CONNECT_REQ (see: http://www.viewtool.com/forum/vi ... &extra=page%3D1)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180033144e751d8b50fe54.png[/img]

2) Header Info

    Data Header: 0x0706
    000. .... = RFU: 0
    ...0 .... = More Data: False
    .... 0... = Sequence Number: 0
    .... .1.. = Next Expected Sequence Number: 1
    .... ..10 = LLID: Start of an L2CAP message or a complete L2CAP message with no fragmentation (0x2)
    000. .... = RFU: 0
    ...0 0111 = Length: 7

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918003491c7572abed0f3ec.png[/img]

3) L2CAP Length: In the BLE protocol stack, GAP, GATT and SMP all use an L2CAP channel to pass commands to the link layer. L2CAP framing needs to specify the L2CAP length and the channel ID.

    Length: 3

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180035ae2bfe9d688b3347.png[/img]

4) L2CAP CID (channel ID)

    CID: Attribute Protocol (0x0004)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180034b5af81e2bd6f7ce2.png[/img]

5) ATT command standard:

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180030578f4b1172870959.png[/img]

Actual data package:

    Opcode: Exchange MTU Request (0x02)
    0... .... = Authentication Signature: False
    .0.. .... = Command: False
    ..00 0010 = Method: Exchange MTU Request (0x02)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/17091800350f532761387f8503.png[/img]

6) MTU value (requested)

    Client Rx MTU: 185

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180034de6ac1eaaa103fd3.png[/img]

7) CRC

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180033da78e5af3f3b9e7a.png[/img]

5. MTU RESPONSE complete data package:

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918003823b1d90cfd626450.png[/img]

1) Access Address: 0xaf9a8c69. Fixed 4 bytes, specified by CONNECT_REQ (see: http://www.viewtool.com/forum/vi ... &extra=page%3D1)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/17091800382afaa000ddbc1eb7.png[/img]

2) Header Info

    Data Header: 0x0706
    000. .... = RFU: 0
    ...0 .... = More Data: False
    .... 0... = Sequence Number: 0
    .... .1.. = Next Expected Sequence Number: 1
    .... ..10 = LLID: Start of an L2CAP message or a complete L2CAP message with no fragmentation (0x2)
    000. .... = RFU: 0
    ...0 0111 = Length: 7

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918003823c709448fa2b519.png[/img]

3) L2CAP length: same as the MTU request.

    Length: 3

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/17091800383491114f1ac9165f.png[/img]

4) L2CAP CID (channel ID): same as the MTU request.

    CID: Attribute Protocol (0x0004)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918003856db7b97c94c0975.png[/img]

5) ATT command standard:

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/170918003014935e1c900ca6e2.png[/img]

For this example:

    Opcode: Exchange MTU Response (0x03)
    0... .... = Authentication Signature: False
    .0.. .... = Command: False
    ..00 0011 = Method: Exchange MTU Response (0x03)

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180038979c25a1fa04dc4e.png[/img]

6) MTU value

    Server Rx MTU: 23

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/17091800384d0d949879d8841a.png[/img]

7) CRC

    CRC: 0xf4767e
    [Expert Info (Note/Checksum): CRC unchecked, not all data available]

[img]http://www.viewtool.com/forum_bak(20171017)/attachments/month_1709/1709180038972cea8bd39dcaaa.png[/img]

For more information, please visit viewtool: http://www.viewtool.com/index.php/en/
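The field-by-field breakdown in sections 4 and 5, as a small decoder that also cross-checks the three length fields against each other. This is an added example, not code from the original post or from the Hollong software; the byte strings are constructed from the field values shown above (access address and CRC stripped), the function names are hypothetical, and the rule that both sides use the smaller of the two Rx MTU values comes from the Bluetooth Core Specification rather than from this page.

```python
import struct

ATT_CID = 0x0004          # L2CAP channel ID for the Attribute Protocol
ATT_DEFAULT_MTU = 23      # minimum ATT MTU on BLE
OPCODES = {0x02: "Exchange MTU Request", 0x03: "Exchange MTU Response"}

# Constructed from the field values in sections 4 and 5 (little-endian on air);
# access address and CRC are stripped.
MTU_REQUEST = bytes.fromhex("06 07 03 00 04 00 02 b9 00")
MTU_RESPONSE = bytes.fromhex("06 07 03 00 04 00 03 17 00")


def parse_mtu_pdu(pdu: bytes) -> dict:
    """Decode data header + L2CAP header + ATT Exchange MTU PDU, rejecting
    any frame whose length fields disagree with the bytes actually present."""
    if len(pdu) < 2:
        raise ValueError("truncated data header")
    flags, ll_len = pdu[0], pdu[1] & 0x1F    # 5-bit length, as in the capture
    payload = pdu[2:]
    if ll_len != len(payload) or ll_len < 4:
        raise ValueError("data header length does not match payload")
    l2cap_len, cid = struct.unpack_from("<HH", payload)
    att = payload[4:]
    if l2cap_len != len(att):
        raise ValueError("L2CAP length does not match ATT PDU size")
    if cid != ATT_CID:
        raise ValueError("not the ATT channel")
    if len(att) != 3 or att[0] not in OPCODES:
        raise ValueError("not an Exchange MTU PDU")
    (mtu,) = struct.unpack_from("<H", att, 1)
    if mtu < ATT_DEFAULT_MTU:
        raise ValueError("Rx MTU below the BLE minimum of 23")
    return {
        "llid": flags & 0x03, "nesn": (flags >> 2) & 1,
        "sn": (flags >> 3) & 1, "more_data": bool((flags >> 4) & 1),
        "opcode": OPCODES[att[0]], "rx_mtu": mtu,
    }


def negotiated_mtu(request: bytes, response: bytes) -> int:
    """Both sides use the smaller of Client Rx MTU and Server Rx MTU."""
    return min(parse_mtu_pdu(request)["rx_mtu"], parse_mtu_pdu(response)["rx_mtu"])


if __name__ == "__main__":
    print(parse_mtu_pdu(MTU_REQUEST))
    print(parse_mtu_pdu(MTU_RESPONSE))
    print("ATT_MTU in use:", negotiated_mtu(MTU_REQUEST, MTU_RESPONSE))
```

For the capture above the client asks for 185 and the server answers 23, so the connection keeps running with a 23-byte ATT MTU.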

18 Oct 2019

Close this topic.