Detailed explanation of BLE air packet format - and BLE Link layer protocol analysis

How many air packet formats does BLE have? What are the common PDU commands? What is the difference between a PDU and the MTU? What is DLE? How does BLE implement retransmission? How does the BLE ACK mechanism work? This article sets out to answer these questions.

 

Although a BLE air packet (packet) touches several layers of the BLE protocol stack (link layer, L2CAP, SMP, ATT and others), the link layer is the one most closely tied to the air packet format. Once you have mastered the BLE packet format, the working principle of the BLE link layer follows easily, which is why this article is titled "Detailed explanation of BLE air packet format - and BLE link layer protocol analysis".

BLE Packet format

The BLE link layer (link layer) defines only one packet (air packet) format, as follows:

The first two bytes of the PDU (protocol data unit) are fixed: the LL header (1 byte) and the payload length (1 byte, also called the data length). The packet above can therefore be expanded as:

 

The preamble is 1 byte. Depending on the first bit of the Access Address it takes one of two values, 0x55 or 0xAA (this is purely PHY layer behaviour), as shown below:

The Access Address identifies the receiver, that is, it is the identity of the air packet. As shown above, BLE has only one packet format; based on the Access Address, packets fall into two types, broadcast packets and data packets:

  • The Access Address of a broadcast packet is fixed at 0x8E89BED6, and a broadcast packet can only be transmitted on a broadcast channel, that is, on channel 37, 38 or 39. Broadcast packets are sent to all nearby observers (scanners).
  • The Access Address of a data packet is a 32-bit random value generated by the Initiator. "Data packet" is short for "data channel air packet": a data packet is only transmitted on a data channel, that is, on one of the 37 channels other than 37/38/39 (BLE uses 40 channels in total). A new Access Address is generated each time a connection is established. Data packets carry connection traffic, that is, communication between master and slave.

The CRC is 24 bits long, and its initial value is:

 

Bluetooth broadcast package

The Bluetooth broadcast packet, in full the Bluetooth broadcast channel air packet, is the air packet transmitted on the Bluetooth broadcast channels (channels 37/38/39). It is one of the two types of air packet, and its format is as follows:

 

The Advertising Header is the LL header mentioned above. It is one byte long, and each bit is defined as follows:

 

  • The PDU Type is 3 bits, defined as follows. Note that the scan PDUs and the connection-initiating PDU are broadcast packets too.

 

       Note: CONNECT_REQ is also written CONNECT_IND.

  • TxAdd and RxAdd each occupy 1 bit and give the type of the Bluetooth MAC address carried in the following Device Address field: 0 means a public address and 1 means a random address.

The payload length is defined as follows; the maximum length of a broadcast packet PDU is therefore 37 bytes.

 

Device Address is a mandatory field of the broadcast packet and is commonly known as the Bluetooth MAC address. In an advertising packet it is the advertiser's MAC address; in a scan packet or a connection request packet it is the scanner's MAC address. A Bluetooth device address is 6 bytes, so the advertising data can be at most 37 - 6 = 31 bytes, which is why an advertising packet can carry no more than 31 bytes of data. As mentioned above, there are two kinds of device address, public and random, defined as follows:
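As an added illustration (not code from the article), here is a Python parser for a 4.x broadcast channel air packet that applies the checks above: the preamble rule, the fixed Access Address 0x8E89BED6, the 37-byte PDU limit and the 6-byte Device Address that leaves at most 31 bytes of advertising data. It masks the low four header bits for the PDU type, as the Core spec lays the field out (the seven 4.x types fit in three of them); the sample packet, its random address and its CRC bytes are constructed, and the CRC is carried through but not recomputed.

```python
import struct

ADV_ACCESS_ADDRESS = 0x8E89BED6   # fixed Access Address of every broadcast (advertising) packet
ADV_CHANNELS = (37, 38, 39)
PDU_TYPES = {0: "ADV_IND", 1: "ADV_DIRECT_IND", 2: "ADV_NONCONN_IND", 3: "SCAN_REQ",
             4: "SCAN_RSP", 5: "CONNECT_REQ", 6: "ADV_SCAN_IND"}


def expected_preamble(access_address):
    """Preamble is 0x55 when bit 0 of the Access Address (its first bit on air) is 1, else 0xAA."""
    return 0x55 if access_address & 1 else 0xAA


def parse_adv_packet(raw, channel):
    """Parse one 4.x broadcast channel air packet (preamble .. CRC) into its fields."""
    if channel not in ADV_CHANNELS:
        raise ValueError(f"broadcast packets only travel on 37/38/39, got channel {channel}")
    if len(raw) < 1 + 4 + 2 + 3:
        raise ValueError("shorter than preamble + AA + header + length + CRC")
    preamble = raw[0]
    aa = struct.unpack_from("<I", raw, 1)[0]        # AA goes out LSB first
    if aa != ADV_ACCESS_ADDRESS:
        raise ValueError(f"not a broadcast packet: AA = 0x{aa:08X}")
    if preamble != expected_preamble(aa):
        raise ValueError(f"preamble 0x{preamble:02X} does not match the Access Address")
    header, length = raw[5], raw[6]                  # LL header, payload length
    if not 6 <= length <= 37:
        raise ValueError(f"broadcast PDU payload must be 6..37 bytes, got {length}")
    payload, crc = raw[7:7 + length], raw[7 + length:7 + length + 3]
    if len(payload) != length or len(crc) != 3:
        raise ValueError("payload or CRC truncated")
    # Header bits: PDU type in the low nibble, TxAdd = bit 6, RxAdd = bit 7
    pdu_type, tx_add, rx_add = header & 0x0F, (header >> 6) & 1, (header >> 7) & 1
    return {
        "pdu_type": PDU_TYPES.get(pdu_type, f"RFU({pdu_type})"),
        "tx_addr_type": "random" if tx_add else "public",
        "rx_addr_type": "random" if rx_add else "public",
        # Device Address: 6 bytes, LSB first on air, shown in the usual big-endian form
        "device_addr": ":".join(f"{b:02X}" for b in reversed(payload[:6])),
        "adv_data": payload[6:],                      # at most 37 - 6 = 31 bytes
        "crc": crc.hex(),                             # carried through, not recomputed here
    }


# Constructed sample: ADV_IND (type 0) with TxAdd=1 (random address), 15-byte payload,
# AdvData = Flags (02 01 06) + Complete Local Name "TEST"; the CRC bytes are a placeholder.
SAMPLE_ADV = bytes.fromhex("AA D6BE898E 40 0F 112233 4455C0 020106 05095445 5354 000000")
```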

 

There are three types of Random device address, which are defined as follows:

  

I will cover Advertising data in a separate article, so it is not introduced here.

Note: The broadcast packet above is in the Bluetooth 4.x format. Bluetooth 5.0 adds some new definitions on top of this format (remember: Bluetooth 5 is compatible with Bluetooth 4.x!); I will devote a future article on Bluetooth 5 advertising to the Bluetooth 5 extended advertising packet.

Bluetooth data channel air packet (packet)

Corresponding to the Bluetooth broadcast packet, the Bluetooth data packet is the other kind of BLE packet. "Bluetooth data packet" is short for "Bluetooth data channel air packet", meaning an air packet that is only transmitted on a Bluetooth data channel, that is, one of the 37 channels other than 37/38/39. In terms of format, Bluetooth data packets come in two kinds: empty packets and ordinary data packets. The format of an empty packet is as follows.

 

As the figure shows, the payload of an empty packet is entirely empty, hence the name.

The normal packet format is as follows:

 

The Data header is the LL header mentioned above; in a data packet it is defined as follows:

 

  • LLID (2 bits), the link layer ID, classifies LL PDUs into LL data PDUs and LL control PDUs. In other words, ordinary data channel air packets come in two kinds, LL data packets and LL control packets, defined as follows. Take care to distinguish a data channel packet (data channel air packet) from an LL data packet: as shown above, data channel packets include both LL data packets and LL control packets, so an LL data packet is only one kind of data channel packet. When there is no ambiguity, we refer to all of them simply as "packets".

 

The link layer supports the following control PDUs:

 

  • NESN/SN: NESN and SN each occupy 1 bit. SN, the sequence number, is the number of the packet currently being sent. NESN, the next expected sequence number, tells the peer the number of the next packet we expect. The link layer uses SN to tell the peer whether this packet is new or a retransmission, and uses NESN to tell the peer "the packet you sent me before has been received (the role of an ACK), and I now expect the next new one". BLE therefore has no dedicated ACK packet: NESN/SN together provide both the ACK and the retransmission function. Refer to the table below and work through carefully how NESN and SN are encoded to achieve ACK and retransmission at the same time.

  Air packet   Direction   NESN   SN   NESNꞌ   SNꞌ
  #1           M -> S      1      0    -       -
  #2           S -> M      1      1    -       -
  #3           M -> S      0      1    1       0
  #4           S -> M      0      0    1       1

  (NESNꞌ and SNꞌ are the NESN and SN that the sender recorded from its own previous packet in the same direction.)

Let's analyze packet #3, which the master sends to the slave. How are its NESN and SN determined? They are derived by comparing the NESN/SN values of #1 and #2. After the master transmits #1, it records the NESN and SN of #1; these are the NESNꞌ and SNꞌ on the right side of the table. The master then compares SNꞌ with the NESN of #2. If they differ, the slave received #1 and expects the master to send a new packet, so the master increments SNꞌ by 1 (a 1-bit field, so it flips) to form the SN of #3, marking it as a new packet, and sends it; if they are equal, the slave did not receive #1 and the master must retransmit it. The master also compares NESNꞌ with the SN of #2. If they are equal, #2 is a new packet, so the master increments NESNꞌ by 1 to form the NESN of #3 and sends it, telling the slave "I have received #2 and expect your next packet"; if they differ, #2 is a retransmission. Note the rule visible in the table: for two adjacent packets in the same direction, the NESN and SN of the later packet are the inverse of the NESN and SN of the earlier one, e.g. the NESN and SN of #3 are the inverse of those of #1, and likewise the NESN and SN of #4 are the inverse of those of #2.

We can use the following flowchart to describe the above process.

  

  • MD (1 bit), more data, tells the peer "I still have data packets to send, please keep the radio receive window open". For example, a Nordic nRF51822 can send 6 or more packets per connection interval (that is, one connection event contains several data packet exchanges); this is what MD makes possible. Take the notify command as an example: the device (Server) sends the first notification with MD set to 1. When the client (for example a mobile phone) receives it, it knows the server still has packets to send, so the phone keeps sending empty packets to the device, letting the device send the second notification, and so on, as shown below. Note: here the master is the mobile phone (Client) and the slave is the device (Server).
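The ACK/retransmission rule in the table and the analysis above, as an added Python example (not the article's code): each endpoint keeps its own SN and NESN, treats a peer NESN different from its own SN as an acknowledgement, and treats a peer SN equal to its own NESN as a new packet. replay_article_table() reproduces packets #1 to #4 from the state packet #1 implies, and lost_ack_scenario() shows a lost reply causing exactly one retransmission, which the receiver discards as a duplicate. Endpoint names, queues and payloads are constructed for the demonstration.

```python
class LinkEndpoint:
    """One side of a BLE connection: sn = transmitSeqNum (the SN we put in our packets),
    nesn = nextExpectedSeqNum (the SN we expect from the peer; it doubles as the ACK)."""
    def __init__(self, name, sn=0, nesn=0):
        self.name, self.sn, self.nesn = name, sn, nesn
        self.queue = []          # payloads waiting to go out
        self.in_flight = None    # payload sent but not yet acknowledged; resent until acked
        self.received = []       # payloads accepted as new data

    def build_pdu(self):
        if self.in_flight is None:   # previous packet was acked: take the next payload
            self.in_flight = self.queue.pop(0) if self.queue else b""   # b"" = empty packet
        return {"from": self.name, "sn": self.sn, "nesn": self.nesn, "payload": self.in_flight}

    def on_receive(self, pdu):
        # ACK check: peer NESN != our SN -> last packet arrived, flip SN and send new data next;
        # equal -> the peer still expects it, so in_flight stays and is retransmitted.
        if pdu["nesn"] != self.sn:
            self.sn, self.in_flight = self.sn ^ 1, None
        # New-vs-retransmission check: peer SN == our NESN -> new packet, accept it and flip NESN
        # (that flip is the ACK we send back); otherwise it is a duplicate, discard the payload.
        if pdu["sn"] == self.nesn:
            self.nesn ^= 1
            if pdu["payload"]:
                self.received.append(pdu["payload"])

def connection_event(master, slave, lose_slave_pdu=False):
    """One master->slave then slave->master exchange; a 'lost' reply is simply never delivered."""
    m_pdu = master.build_pdu()
    slave.on_receive(m_pdu)
    s_pdu = slave.build_pdu()
    if not lose_slave_pdu:
        master.on_receive(s_pdu)
    return m_pdu, s_pdu

def replay_article_table():
    """Start from the state packet #1 implies (master NESN=1, SN=0) and reproduce #1..#4."""
    m, s = LinkEndpoint("M", sn=0, nesn=1), LinkEndpoint("S")
    pdus = [p for _ in range(2) for p in connection_event(m, s)]
    return [(p["from"], p["nesn"], p["sn"]) for p in pdus]

def lost_ack_scenario():
    """Master sends A then B; the slave's reply to B is lost, so B goes out again exactly once."""
    m, s = LinkEndpoint("M"), LinkEndpoint("S")
    m.queue, s.queue = [b"A", b"B"], [b"x"]
    events = [{}, {"lose_slave_pdu": True}, {}]   # A acked; B delivered but ack lost; B resent
    sent = [connection_event(m, s, **kw)[0]["payload"] for kw in events]
    return sent, s.received, m.received
```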

 

Payload Length, or Data Length, is defined in BT4.0/4.1 as follows; this is the root cause of a Bluetooth 4.0/4.1 packet being able to carry only 20 bytes.

 

From BT4.2 onward all 8 bits of the payload length field indicate the length, so the payload can be up to 251 bytes (255 minus the MIC size). After a BLE connection is established the data length can be changed dynamically (the default is 27 bytes); this feature is called Data Length Extension (DLE). DLE is implemented with the link layer commands LL_LENGTH_REQ and LL_LENGTH_RSP.

L2CAP length, 2 bytes, gives the length of the information payload that follows. The maximum length of the information payload is limited not only by the L2CAP length field but also by the MTU. The MTU, Maximum Transmission Unit, is the maximum data length the ATT layer and the L2CAP layer can exchange, that is, the maximum length Client and Server can exchange.

To sum up, the Bluetooth spec defines two length fields, the LL data length and the L2CAP length, and the ATT layer additionally defines an MTU that limits the maximum length of an ATT PDU. The LL data length can be changed dynamically with LL_LENGTH_REQ and LL_LENGTH_RSP, the MTU can be changed with the Exchange MTU Request and Exchange MTU Response described later, and the L2CAP length cannot be changed dynamically, that is, it cannot exceed 65535.

L2CAP CID, 2 bytes, is the ID of the logical channel. BLE uses fixed channel numbers, defined as follows:
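An added Python example (not from the article) that decodes a data channel PDU down through the LL header (LLID, NESN, SN, MD, length), the L2CAP length and CID, and an ATT Handle Value Notification, plus a small budget function showing where the 20-byte limit comes from: with the default LL data length of 27 and ATT_MTU of 23, 27 - 4 (L2CAP header) - 3 (ATT opcode + handle) = 20. The fixed CIDs 0x0004 (ATT), 0x0005 (LE signaling) and 0x0006 (SMP) are taken from the Core spec because the figure did not survive extraction; the sample PDUs are constructed.

```python
import struct

LLID_NAMES = {1: "LL Data (continuation or empty)", 2: "LL Data (start of L2CAP PDU)", 3: "LL Control"}
# Fixed LE L2CAP channel IDs from the Core spec (the page's CID figure did not survive extraction)
CID_NAMES = {0x0004: "ATT", 0x0005: "LE signaling", 0x0006: "SMP"}
L2CAP_HEADER_LEN = 4          # L2CAP length (2) + CID (2)
ATT_NOTIFY_HEADER_LEN = 3     # ATT opcode (1) + attribute handle (2)
ATT_HANDLE_VALUE_NTF = 0x1B   # Handle Value Notification opcode


def parse_data_pdu(pdu):
    """Decode a data channel PDU (LL header + payload, CRC already stripped) down to the ATT PDU."""
    header, length = pdu[0], pdu[1]
    llid = header & 0x03
    f = {"llid": LLID_NAMES.get(llid, "RFU"), "nesn": (header >> 2) & 1,
         "sn": (header >> 3) & 1, "md": (header >> 4) & 1, "length": length}
    payload = pdu[2:2 + length]
    if len(payload) != length:
        raise ValueError("payload shorter than the LL length field")
    if length == 0:
        f["kind"] = "empty packet"            # only the header: carries NESN/SN, no data
    elif llid == 2:
        l2cap_len, cid = struct.unpack_from("<HH", payload)
        info = payload[L2CAP_HEADER_LEN:]
        # An L2CAP PDU longer than this LL payload continues in following LLID=1 packets
        f.update(l2cap_length=l2cap_len, cid=CID_NAMES.get(cid, f"0x{cid:04X}"),
                 fragmented=l2cap_len > len(info), info=info)
        if cid == 0x0004 and info[:1] == bytes([ATT_HANDLE_VALUE_NTF]):
            f.update(att_opcode="Handle Value Notification",
                     att_handle=struct.unpack_from("<H", info, 1)[0], att_value=info[3:])
    return f


def max_notify_value(ll_data_length=27, att_mtu=23):
    """Largest notification value carried in ONE LL packet without L2CAP fragmentation:
    bounded by the LL payload minus the L2CAP header, and by ATT_MTU, each minus the notify header."""
    per_packet = ll_data_length - L2CAP_HEADER_LEN - ATT_NOTIFY_HEADER_LEN
    per_mtu = att_mtu - ATT_NOTIFY_HEADER_LEN
    return min(per_packet, per_mtu)


# Constructed sample: LLID=2, NESN=1, SN=0, MD=1 (header 0x16), LL length 11,
# L2CAP length 7 on CID 0x0004 (ATT), notification of handle 0x000E with value "ping".
SAMPLE_NOTIFY = bytes.fromhex("16 0B 0700 0400 1B 0E00 70696E67")
SAMPLE_EMPTY = bytes.fromhex("01 00")       # LLID=1, length 0: the empty packet
```

Raising the MTU alone does not raise the per-packet figure: with DLE still at 27 a larger ATT PDU is simply split across several LL packets, which the `fragmented` flag exposes.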

 

The BLE L2CAP signaling channel supports only three PDU commands:

  • Command reject
  • Connection parameter update request: updates connection parameters such as the minimum connection interval, maximum connection interval and slave latency
  • Connection parameter update response: accepts or rejects the above request

The Security Manager Protocol (SMP) implements pairing and key distribution. SMP supports the following PDU commands:

 

The Attribute Protocol (ATT) is the application layer we use most often; application data follows the ATT command. ATT supports the following commands:

 

 
