 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussion Groups General General TopicsGSMBluetoothProviders AlltelATT WirelessCingularFidoNextelSprint PCST-MobileVerizonManufacturers EricssonNokiaMotorolaCountry Specific Australian GroupUK GroupRelated Topics PocketPCPalmMore Topics ... |
Cellular Phone Forum / General / GSM / September 2006preferred gsm network
Dear All, I'm currently working on an application that uses a GPRS module. When the device is roaming abroad, I would like to insure that it connects to one of the preferred networks that is stored on the SIM card. If I send the following command to the module: AT+COPS=? +COPS: (2,"UK VODAFONE","","23415") +COPS: (3,"UK O2","","23410") OK I get the list of networks that my GPRS module is able to pick up. My home network is Vodafone UK. If I send the following command, I get the list of my preferred networks, that is stored on my SIM card: AT+CRSM=176,28464,0,0,103 +CRSM: 144,0,02F80112F41062F22072F21022F20102F25062F81002F4402F81002F61042F08005F53056F51006F22012F60772F62072F81062F01022F61035F01064F00032F81042F5014F92032F21002F81054F40042F82092F30412F90172F42072F43025F53082F620FF OK Is it normal that my home network Vodafone UK doesn't appear in this list? Otherwise if the MNC of a given network is 0, should this come up as 0 or 00 in the above list? Thanks in advance for your help, Regards, Alan > Dear All, > [quoted text clipped - 20 lines] > > +CRSM: 144,0,02F80112F41062F22072F21022F20102F25062F81002F4402F81002F61042F08005F53056F51006F22012F60772F62072F81062F01022F61035F01064F00032F81042F5014F92032F21002F81054F40042F82092F30412F90172F42072F43025F53082F620FF > OK > > Is it normal that my home network Vodafone UK doesn't appear > in this list? I think that's normal. The home PLMN has priority over the preferred PLMN list, and the home PLMN is embedded within the IMSI (the first 5 digits of IMSI for a 5-digit PLMN). This is read from the EF_IMSI file (28423/6F07), rather than from EF_PLMNsel (28464/6F30). > Otherwise if the MNC of a given network is 0, should this come > up as 0 or 00 in the above list? I believe it should be represented as "00". GSM 11.11, clause 10.3.4 clearly specifies that each PLMN in the "+CRSM: " result has 3 bytes (6 semi-octets). John Hi John, Thank you for your post. I've another question: Is there any command I can send a command to find out how long the list of preferred networks is? The reason I'm asking, is that I've noticed that the length of the list is operator dependent. What is the average list length? Thanks in advance for your help, Regards, Alan > > Dear All, > > [quoted text clipped - 42 lines] > > John > I've another question: Is there any command I can send a > command to find out how long the list of preferred networks > is? Not that I've found and been able to get working. But GSM 11.11 says: "If the length of the response data is not known beforehand, then its correct length may be obtained by applying the first command and interpreting the status words. SW1 shall be '9F' and SW2 shall give the total length of the data." If I've understood GSM 11.11 correctly, then perhaps: AT+CRSM=176,28464,0,0,0 or AT+CRSM=164,28464,0,0,0 should return the length as above. The only device I've got which supports "AT+CRSM" is a Siemens S55 handset, and it responds as follows: AT+CRSM=176,28464,0,0,0 +CRSM: 103,0 OK AT+CRSM=164,28464,0,0,0 ERROR note that the returned value of 103 for SW1 means "incorrect P3". > The reason I'm asking, is that I've noticed that the length of > the list is operator dependent. What is the average list > length? The length is SIM dependant, with all unused entries stuffed with "FFFFFF". The SIM I'm testing now contains 15 entries, with 6 used. I find that I can edit the list. I changed the first entry from my home network (Optus Australia in this case) to your Vodafone UK as follows: AT+CRSM=176,28464,0,0,3 +CRSM: 144,0,05F520 OK AT+CRSM=214,28464,0,0,3,32F451 +CRSM: 144,0 OK AT+CRSM=176,28464,0,0,3 +CRSM: 144,0,32F451 OK Interestingly, I also note that I can overwrite any of the 4 forbidden networks in the same manner. To change the 2nd entry to Vodafone UK for example, the command is: AT+CRSM=214,28539,0,3,3,32F451 As I understand it, the preferred PLMN list is just that - the preferred networks in order of preference. Once they've been tried, the device will roam onto any other network which accepts it. Networks which are tried and refused get automatically rotated through the forbidden networks list. I haven't had a good look at these commands before, and hope I'm not just telling you things you already know. John I wrote: >> I've another question: Is there any command I can send a >> command to find out how long the list of preferred networks >> is? > > Not that I've found and been able to get working. I believe I've discovered a way to read the length on my Siemens phone at least. I'd be interested to see if it works for you. I've issued a "status" query for the EF_PLMNsel file, and interpreted the result. This is the command and response: AT+CRSM=242,28464,0,0,0 +CRSM: 144,0,0000002D6F30040111F0FF01020000 The response is interpreted as per GSM 11.11, clause 9.2.1 (response data for status query on an EF - elementary file). The first 2 octets ("0000") are RFU (reserved for future use). The next 2 octets ("002D") are the file length. Then there's 2 octets for file ID ("6F30" hex = 28464 decimal), followed by other data which doesn't interest us for the moment. The length 2D hex is 45 decimal, and is the number of octets in the file. Each PLMN uses 3 octets, so my EF+PLMNsel file has room for 15 PLMNs. As your SIM appears to hold 150 PLMNs, I'd expect you to get a result beginning: +CRSM: 144,0,000001C26F30 John I wrote: > As your SIM appears to hold 150 PLMNs, I'd expect you to get a > result beginning: > > +CRSM: 144,0,000001C26F30 Sorry, that should read 50 PLMNs and +CRSM: 144,0,000000966F30 John Good morning, Thank you once again for your post. I'd noticed the corruption that you'd mentionned, but I just thought that I'd a 1 digit MNC. I did out a list of my MCC and MNCs by ensuring that the 3rd character was always an F: 02F801 12F410 62F220 72F210 22F201 02F250 62F810 02F440 22F80 02F610 42F080 05F530 56F510 06F220 12F607 72F620 72F810 62F010 22F610 35F010 64F000 32F810 42F40 14F920 32F210 02F810 54F400 42F820 92F304 12F901 72F420 72F430 25F530 82F620 Is it not correct to do this? I was then able to look up the corresponding networks on the internet. I've also tried to determine the length of the list of preferred networks, by using the command that you suggested: AT+CRSM=242,28464,0,0,0 +CRSM: 144,0,000021FE7F10020000FFFF010C91010C0600838A838A OK The response doesn't seem to match up to yours. Thanks in advance for your comments. Regards, Alan > I wrote: > [quoted text clipped - 8 lines] > > John > I've also tried to determine the length of the list of > preferred networks, by using the command that you suggested: [quoted text clipped - 5 lines] > > The response doesn't seem to match up to yours. Bad luck. Your device is returning the length (21FE/8702) of the DF_TELECOM "Dedicated File" 7F10/32528. A DF is a "functional grouping of files consisting of itself and all those files which contain this DF in their parental hierarchy" (GSM 11.11, clause 6.3 through 6.6). The DF_TELECOM file includes the EF_PLMNsel file (6F30/28464) and many other elementary files. At this point, I'm not aware of any other means of teasing out the length of EF_PLMNsel only. John > Good morning, > [quoted text clipped - 40 lines] > Is it not correct to do this? I was then able to look up the > corresponding networks on the internet. It's true that 2-digit MNCs (those outside North America at present) will always have semi-octet number 3 of 6 set to "F" in this PLMN list. What we don't know is which character is missing, let alone what its value is. Using "x" to represent the missing character, we don't know whether 22F80 02F610 in your list is actually 22Fx80 02F610 or 22F8x0 02F610 through to 22F800 2xF610 What GSM device are you using? And are you using a serial (RS232) connection to it to conduct this dialog? This looks like serial buffer overflow, and we should be able to eliminate the character loss by tweaking the serial parameters if this is the case. If you're losing characters here, you'll likely be losing others in any dialog involving responses of comparable length. John I wrote: > What we don't know is which character is missing, let alone > what its value is. But we should be able to find out by reading just those two PLMNs with AT+CRSM=176,28464,0,24,6 in this case. And assuming I'm right about the character loss arising because of the length of the returned string, you could kill two birds with one stone, and program a loop to read off each PLMN one-by-one until you get a "103" result to say there's no more. Within a control loop like for (j = 0; j < 9999 && status != 103; j++) just plug variable j's value into AT+CRSM=176,28464,0,j,3 and read off each "status" and PLMN. Bear in mind that a PLMN result of "FFFFFF" doesn't entail there're no active PLMN values behind it. John I wrote: > for (j = 0; j < 9999 && status != 103; j++) I'm thinking too slowly. for (j = 0; j < 9999 && status != 103; j += 3) would work _much_ better, and for (j = 0; j < 9999 && status == 144; j += 3) might be even better still :) John > Otherwise if the MNC of a given network is 0, should this come > up as 0 or 00 in the above list? I notice that your "+CRSM: " result contains corruption. Could this be a RS232 flow control (buffer overflow) problem? To be most useful, the P3 parameter ("103" in "AT+CRSM=176,28464,0,0,103") should be a multiple of 3 (3 bytes/octets per PLMN). I wonder if the corruption would disappear if you used a P3 value of 102 or 105 instead. John Thank you once again for your helpful post. Based on the results I got below, would I be correct that the biggest number I can put at the end of the CRSM is 150? If I put any bigger, I get an error. Thanks in advance for your help, Regards, Alan AT+CRSM=176,28464,0,0,103 A+CRSM: 144,0,02F80112F41062F22072F21022F20102F25062F81002F44022F81002F61042F08005F53056F51006F22012F60772F62072F81062F01022F61035F01064F00032F81042F45014F92032F21002F81054F40042F82092F30412F90172F42072F43025F53082F620FF AT+CRSM=176,28464,0,0,140 +CRSM: 144,0,02F80112F41062F22072F21022F20102F25062F81002F44022F8102F61042F08005F53056F51006F22012F60772F62072F81062F01022F61035F01064F00032F81042F45014F9202F21002F81054F40042F82092F30412F90172F42072F43025F53082F620FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF OK AT+CRSM=176,28464,0,0,150 +CRSM: 144,0,02F80112F41062F22072F21022F20102F25062F81002F4402F81002F61042F08005F53056F51006F22012F60772F62072F81062F01022F61035F01064F00032F81042F4514F92032F21002F81054F40042F82092F30412F90172F42072F43025F53082F620FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF OK AT+CRSM=176,28464,0,0,160 +CRSM: 103,0 OK AT+CRSM=176,28464,0,0,155 +CRSM: 103,0 > > Otherwise if the MNC of a given network is 0, should this come > > up as 0 or 00 in the above list? [quoted text clipped - 8 lines] > > John > Based on the results I got below, would I be correct that the > biggest number I can put at the end of the CRSM is 150? If I > put any bigger, I get an error. You could try 153. And then 156 and 159 if that works. But my guess is that your SIM has 50 (a nice round number) entries in the EF_PLMNsel file. So P3=150 would be the limit. The SIM I tried had 15 entries. I can verify that, because the Siemens S55 phone lets me read the list on the handset itself. That's how I got absolute confirmation that my AT+CRSM=214,28464,0,0,3,32F451 command changed the first entry successfully. The handset said that the first entry was "Vodafone UK" after that. And I got the SW1=103 error as soon as I exceeded P3=45. I notice that your result list is still corrupt. You've lost 3 semi-octets over the full 300 semi-octets (150 bytes/octets). Numbering your entries, we get: 1 02F801 2 12F410 3 62F220 4 72F210 5 22F201 6 02F250 7 62F810 8 02F440 9 2F8100 corruption evident 10 2F6104 11 2F0800 12 5F5305 13 6F5100 14 6F2201 15 2F6077 16 2F6207 17 2F8106 18 2F0102 19 2F6103 20 5F0106 21 4F0003 22 2F8104 23 2F4514 24 F92032 more corruption 25 F21002 26 F81054 27 F40042 28 F82092 29 F30412 30 F90172 31 F42072 32 F43025 33 F53082 34 F620FF 35 FFFFFF 36 FFFFFF 37 FFFFFF 38 FFFFFF 39 FFFFFF 40 FFFFFF 41 FFFFFF 42 FFFFFF 43 FFFFFF 44 FFFFFF 45 FFFFFF 46 FFFFFF 47 FFFFFF 48 FFFFFF 49 FFFFFF 50 FFF Just to clarify the earlier discussion about the number of characters appearing in the MNC part of the PLMN, the "+CRSM: " result always shows 3 characters each for both MCC and MNC. 3-character MNCs are used in North America, and "F" is used as a filler character for the 2-character MNCs used elsewhere. So for MCC=543 and MNC=21 we have display values of 543 and F21 respectively. And because the pairs of semi-octets get swapped around within each octet in the "+CRSM: " result, the PLMN gets displayed there as "45F312". John |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.