Inspect a Bluetooth connection, analyze GAP and GATT packets
In this exercise, we will be sniffing the packets in a Bluetooth LE connection between your Nordic device and your phone. This exercise will help you apply what you learned in Lesson 3 about connection establishment and connection parameters to what actually happens over the Bluetooth LE link.
We will be using the application we made in Lesson 3 Exercise 2 for this exercise.
Note that this is the same firmware as the solution to exercise 2 found in lesson3/blefund_less3_exer2_solution.
1. Build and flash the application on your board.
LED1 on your board should be blinking, indicating that your board is advertising.
2. Filter only the device packets from Nordic_Peripheral.
In Wireshark, run the sniffer again and open the Device drop-down list to select Nordic_Peripheral. If you only see the name from the previous exercise (Nordic_Beacon), you may need to close Wireshark, and open it again.
If there are too many devices, you can use the RSSI filter as we did in the previous exercise.
After you select Nordic_Peripheral, you should only see the packets from this device, in this case, the device address is cd:f6:1b:aa:5f. Here we can see mainly advertising packets (ADV_IND), and some scan requests (SCAN_REQ) and scan response (SCAN_RESP) from the same advertiser.
Make sure that the “Automatic Scroll” function is enabled to see the latest packets
3. Establish a Bluetooth LE connection
Launch nRF Connect for Mobile and connect to the Nordic_Peripheral device, just like we have done several times previously.
When the connection is established, you should be able to see this from the nRF Sniffer in Wireshark.
Notice a large number of packets being exchanged between the peers at a high speed. Most of them are empty PDU packets.
Note
If you don’t see any empty PDU packets, the sniffer may have missed the connection. This happens if the sniffer fails to capture the connection request packet to follow the connection. Try to connect again, by disconnecting the peripheral from the nRF Connect application, and initiating the connection again.
4. Inspect the connection parameter update request packet.
Find a packet with the Info: “Connection Parameter Update Request”, from the L2CAP protocol, see below.
It might be a good idea to turn off “Auto Scroll” to easier navigate through all the captured packets.
Expand Buetooth L2CAP Protocol and Command: Connection Parameter Update Request to find the request minimum and maximum connection interval of 800 (1000 ms) which is what we requested in Lesson 3 Exercise 2.
5. Inspect the connection update indication packet (LL_CONNECTION_UPDATE_IND).
Right after the request, you can see the LL_CONNECT_UPDATE_IND packet from the phone. This packet dictates the new updated connection parameters according to what was requested by the peripheral.
Inspecting LL_CONNECT_UPDATE_IND will show you the new connection parameters. In this case, we see the connection interval of 800 (1000ms) and the connection timeout of 400 (4 seconds). This corresponds to what was requested in the code. Also, notice the Instant value of 177. This value tells the peers at which connection event the new parameters will take effect.
As we can see from the Delta time column of the packets after this, the new connection interval of 1000 ms takes effect at Event number 177.
6. Apply a filter to filter out the empty data packets.
The majority of the packets you see in the Live Capture are just empty PDU packets that are sent to keep-alive the connection between the peers. The central sends a packet at the beginning of the connection event and the peripheral responds with a packet as an Acknowledge. When they don’t have anything to send, they simply send Empty PDU packets that only contain a data header and no payload. Without these packets being sent and acknowledged, the connection times out after the connection supervision timeout.
However, these Empty PDU packets make it difficult to inspect the communication, especially when you need to find a certain meaningful packet. The best way of solving this is to create a filter to hide these Empty PDUs.
Let’s apply the filter by selecting an Empty PDU. Then in the Packet Details window, expand Data Header and right-click where it says Length: 0. Then click Apply as a Filter > Not Selected.
Alternatively, you can write the filter manually in the “Apply a display filter” text box in the top left corner. To filter out packets with empty length you can enter the following filter command: !(btle.data_header.length == 0)
After the filter has been applied, you will only see the packets that actually have data payload
7. Inspect the communication when connected.
Now that all the empty packets are filtered out, let’s inspect the packet exchanges when two devices are connected.
The following image shows the anatomy of a connection between the phone and the “Nordic_Peripheral” where we enable notification on the button characteristic via the phone and then press and release the button a few times:
Try to reproduce a similar capture log, by subscribing to notifications from the Button Characterstic in nRF Connect for Mobile, like we have done in previous exercises.
Let’s inspect some of the other packets in the connection lifecycle.
7.1 Inspect the connection request, CONNECT_IND.
The connection request is sent from your phone to the device, when you select Connect in nRF Connect for Mobile. This is where we will find the the initial connection parameters, like the connection interval and the connection supervision timeout.
Here we can see that we get an initial connection interval of 30 ms, which explains the delta time between the empty PDU packet we saw in a previous step. And a connection supervision timeout of 5000 ms.
7.2 Inspect the PHY request, LL_PHY_REQ.
The packet LL_PHY_REQ is the request from the peripheral to use 2M PHY radio mode, where the peripheral informs that it prefers to use the LE 2M PHY (left image). We can also see the response from the central in LL_PHY_UPDATE_IND, indicating that LE 2M PHY shall be used (right image).
Note
The actual packets exchanged depend on whether the central or peripheral initiates the procedure. If the procedure is initiated by the central, which is what happened in this case, it sends an LL_PHY_REQ and the peripheral responds with an LL_PHY_RESP, before the central sends the LL_PHY_UPDATE_IND. If the procedure is initiated by the peripheral, it sends an LL_PHY_REQ and the central responds directly with an LL_PHY_UPDATE_IND.
7.3 Inspect the write request to the CCCD to enable notifications
Find the packet that sends a write request with the handle of the CCCD attribute (0x0013). Upon inspection, notice that it is setting the notification bit to true, to enable notifications from this characteristic.
7.4 Inspect the notifications when the button is pressed and when it’s released
You may notice many consecutive “Rcvd Handle Value Notification” packets from the ATT layer in the capture log.
The handle of the notification value attribute is 0x0012. It’s very common in the attribute table that the value attribute is located right above the CCCD attribute 0x0013. Also notice that the value of the characteristic when the button is pressed is 0x01 and when the button is released is 0x00. This is how the app on the phone detects whether to display “Button Pressed” or “Button Released”.
This marks the end of this exercise. You should be able to start using the sniffer to inspect other exercises. For example, the screenshot below is from the capture log of Lesson 4 Exercise 3, where we use NUS service to send UART data from the computer to the phone. In this case, we have typed “Nordic Academy” into a serial terminal and can now see the notification that contains this data being sent to the phone:
Nordic Developer Academy Privacy Policy
1. Introduction
In this Privacy Policy you will find information on Nordic Semiconductor ASA (“Nordic Semiconductor”) processes your personal data when you use the Nordic Developer Academy.
References to “we” and “us” in this document refers to Nordic Semiconductor.
2. Our processing of personal data when you use the Nordic Developer Academy
2.1 Nordic Developer Academy
Nordic Semiconductor processes personal data in order to provide you with the features and functionality of the Nordic Developer Academy. Creating a user account is optional, but required if you want to track you progress and view your completed courses and obtained certificates. If you choose to create a user account, we will process the following categories of personal data:
Email
Name
Password (encrypted)
Course progression (e.g. which course you have completely or partly completed)
Certificate information, which consists of name of completed course and the validity of the certificate
Course results
During your use of the Nordic Developer Academy, you may also be asked if you want to provide feedback. If you choose to respond to any such surveys, we will also process the personal data in your responses in that survey.
The legal basis for this processing is GDPR article 6 (1) b. The processing is necessary for Nordic Semiconductor to provide the Nordic Developer Academy under the Terms of Service.
2.2 Analytics
If you consent to analytics, Nordic Semiconductor will use Google Analytics to obtain statistics about how the Nordic Developer Academy is used. This includes collecting information on for example what pages are viewed, the duration of the visit, the way in which the pages are maneuvered, what links are clicked, technical information about your equipment. The information is used to learn how Nordic Developer Academy is used and how the user experience can be further developed.
2.2 Newsletter
You can consent to receive newsletters from Nordic from within the Nordic Developer Academy. How your personal data is processed when you sign up for our newsletters is described in the Nordic Semiconductor Privacy Policy.
3. Retention period
We will store your personal data for as long you use the Nordic Developer Academy. If our systems register that you have not used your account for 36 months, your account will be deleted.
4. Additional information
Additional information on how we process personal data can be found in the Nordic Semiconductor Privacy Policy and Cookie Policy.
Nordic Developer Academy Terms of Service
1. Introduction
These terms and conditions (“Terms of Use”) apply to the use of the Nordic Developer Academy, provided by Nordic Semiconductor ASA, org. nr. 966 011 726, a public limited liability company registered in Norway (“Nordic Semiconductor”).
Nordic Developer Academy allows the user to take technical courses related to Nordic Semiconductor products, software and services, and obtain a certificate certifying completion of these courses. By completing the registration process for the Nordic Developer Academy, you are agreeing to be bound by these Terms of Use.
These Terms of Use are applicable as long as you have a user account giving you access to Nordic Developer Academy.
2. Access to and use of Nordic Developer Academy
Upon acceptance of these Terms of Use you are granted a non-exclusive right of access to, and use of Nordic Developer Academy, as it is provided to you at any time. Nordic Semiconductor provides Nordic Developer Academy to you free of charge, subject to the provisions of these Terms of Use and the Nordic Developer Academy Privacy Policy.
To access select features of Nordic Developer Academy, you need to create a user account. You are solely responsible for the security associated with your user account, including always keeping your login details safe.
You will able to receive an electronic certificate from Nordic Developer Academy upon completion of courses. By issuing you such a certificate, Nordic Semiconductor certifies that you have completed the applicable course, but does not provide any further warrants or endorsements for any particular skills or professional qualifications.
Nordic Semiconductor will continuously develop Nordic Developer Academy with new features and functionality, but reserves the right to remove or alter any existing functions without notice.
3. Acceptable use
You undertake that you will use Nordic Developer Academy in accordance with applicable law and regulations, and in accordance with these Terms of Use. You must not modify, adapt, or hack Nordic Developer Academy or modify another website so as to falsely imply that it is associated with Nordic Developer Academy, Nordic Semiconductor, or any other Nordic Semiconductor product, software or service.
You agree not to reproduce, duplicate, copy, sell, resell or in any other way exploit any portion of Nordic Developer Academy, use of Nordic Developer Academy, or access to Nordic Developer Academy without the express written permission by Nordic Semiconductor. You must not upload, post, host, or transmit unsolicited email, SMS, or \”spam\” messages.
You are responsible for ensuring that the information you post and the content you share does not;
contain false, misleading or otherwise erroneous information
infringe someone else’s copyrights or other intellectual property rights
contain sensitive personal data or
contain information that might be received as offensive or insulting.
Such information may be removed without prior notice.
Nordic Semiconductor reserves the right to at any time determine whether a use of Nordic Developer Academy is in violation of its requirements for acceptable use.
Violation of the at any time applicable requirements for acceptable use may result in termination of your account. We will take reasonable steps to notify you and state the reason for termination in such cases.
4. Routines for planned maintenance
Certain types of maintenance may imply a stop or reduction in availability of Nordic Developer Academy. Nordic Semiconductor does not warrant any level of service availability but will provide its best effort to limit the impact of any planned maintenance on the availability of Nordic Developer Academy.
5. Intellectual property rights
Nordic Semiconductor retains all rights to all elements of Nordic Developer Academy. This includes, but is not limited to, the concept, design, trademarks, know-how, trade secrets, copyrights and all other intellectual property rights.
Nordic Semiconductor receives all rights to all content uploaded or created in Nordic Developer Academy. You do not receive any license or usage rights to Nordic Developer Academy beyond what is explicitly stated in this Agreement.
6. Liability and damages
Nothing within these Terms of Use is intended to limit your statutory data privacy rights as a data subject, as described in the Nordic Developer Academy Privacy Policy. You acknowledge that errors might occur from time to time and waive any right to claim for compensation as a result of errors in Nordic Developer Academy. When an error occurs, you shall notify Nordic Semiconductor of the error and provide a description of the error situation.
You agree to indemnify Nordic Semiconductor for any loss, including indirect loss, arising out of or in connection with your use of Nordic Developer Academy or violations of these Terms of Use. Nordic Semiconductor shall not be held liable for, and does not warrant that (i) Nordic Developer Academy will meet your specific requirements, (ii) Nordic Developer Academy will be uninterrupted, timely, secure, or error-free, (iii) the results that may be obtained from the use of Nordic Developer Academy will be accurate or reliable, (iv) the quality of any products, services, information, or other material purchased or obtained by you through Nordic Developer Academy will meet your expectations, or that (v) any errors in Nordic Developer Academy will be corrected.
You accept that this is a service provided to you without any payment and hence you accept that Nordic Semiconductor will not be held responsible, or liable, for any breaches of these Terms of Use or any loss connected to your use of Nordic Developer Academy. Unless otherwise follows from mandatory law, Nordic Semiconductor will not accept any such responsibility or liability.
7. Change of terms
Nordic Semiconductor may update and change the Terms of Use from time to time. Nordic Semiconductor will seek to notify you about significant changes before such changes come into force and give you a possibility to evaluate the effects of proposed changes. Continued use of Nordic Developer Academy after any such changes shall constitute your acceptance of such changes. You can review the current version of the Terms of Use at any time at https://academy.nordicsemi.com/terms-of-service/
8. Transfer of rights
Nordic Semiconductor is entitled to transfer its rights and obligation pursuant to these Terms of Use to a third party as part of a merger or acquisition process, or as a result of other organizational changes.
9. Third Party Services
To the extent Nordic Developer Academy facilitates access to services provided by a third party, you agree to comply with the terms governing such third party services. Nordic Semiconductor shall not be held liable for any errors, omissions, inaccuracies, etc. related to such third party services.
10. Dispute resolution
The Terms of Use and any other legally binding agreement between yourself and Nordic Semiconductor shall be subject to Norwegian law and Norwegian courts’ exclusive jurisdiction.