IP

From MOTOTRBO

Introduction[1]

A MOTOTRBO system uses Internet Protocol to send voice and data between radios. A MOTOTRBO radio, for example, has an IP (IPv4) address made up of the CAI number and Radio ID.

Physical interfaces on MOTOTRBO equipment

In general, MOTOTRBO repeaters have three interfaces:

  1. The Ethernet interface – This is via the RJ45 Ethernet connector on the back of the repeater.
  2. The RF Air Interface – As you guessed, this is done via the transmitter and receiver generally using the ETSI DMR standard.
  3. The USB interface from the programming socket or accessory connector.

Similarly, MOTOTRBO radios have three or four interfaces:

  1. RF Air Interface.
  2. USB interface.
  3. Bluetooth – in some models.
  4. WiFi – in some models.

Data can originate from radios (text; telemetry; presence and GPS) or from repeaters (control messages; handshakes, arbitration etc.). The majority of traffic on most MOTOTRBO radio systems will be voice.

Conventional means that the user - rather than the system - selects the channel on which any calls are processed and in order for the parties to communicate with one another, they need to be on the same channel (timeslot).

A talkgroup call is a multiway voice call between two or more radio users. In order to take part in a talkgroup call, all parties need to have the talkgroup number provisioned in their radios. The talkgroup call will, by default, use an IP address of 225 plus the talkgroup ID. When transmitting to the talkgroup, the radio will include this IP address in the packet header as the destination IP. The source IP address will be that of the transmitting radio.

A private call is a two-way call between two parties. It is not possible for other radio users to join this call type. The transmitting radio sends the other party's radio ID in the header. The IP address in this case is 12 plus the radio ID.
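The addressing described above, as an added example that is not part of the original page: it builds the IPv4 address for a radio or talkgroup and labels a source/destination pair from a capture as a talkgroup or private call. It assumes the ID is a 24-bit value filling the three low octets under the default CAI numbers 12 and 225; the function names are illustrative.

```python
import ipaddress

# CAI network numbers quoted on this page: 12 for radios, 225 for talkgroups.
RADIO_CAI = 12
GROUP_CAI = 225
MAX_ID = 0xFFFFFF  # assumption: IDs are 24-bit and fill the three low octets


def id_to_ip(cai, ident):
    """Build the IPv4 address <cai>.<ID as three octets>."""
    if not 0 <= cai <= 255:
        raise ValueError("CAI network number must fit in one octet")
    if not 0 < ident <= MAX_ID:
        raise ValueError("ID must be in 1..16777215")
    return ipaddress.IPv4Address((cai << 24) | ident)


def classify(addr):
    """Return (kind, id) for an address seen in a packet header."""
    value = int(ipaddress.IPv4Address(addr))
    cai, ident = value >> 24, value & MAX_ID
    kind = {RADIO_CAI: "radio", GROUP_CAI: "talkgroup"}.get(cai, "other")
    return kind, (ident if kind != "other" else None)


def describe_call(src, dst):
    """Label a (source, destination) pair as one of the two call types."""
    s_kind, s_id = classify(src)
    d_kind, d_id = classify(dst)
    if s_kind != "radio":
        return "unexpected source %s" % src
    if d_kind == "talkgroup":
        return "talkgroup call: radio %d -> TG %d" % (s_id, d_id)
    if d_kind == "radio":
        return "private call: radio %d -> radio %d" % (s_id, d_id)
    return "unexpected destination %s" % dst


if __name__ == "__main__":
    # Constructed IDs, for illustration only.
    print(id_to_ip(RADIO_CAI, 12045), id_to_ip(GROUP_CAI, 100))
    print(describe_call("12.0.47.13", "225.0.0.100"))
    print(describe_call("12.0.0.1", "12.0.0.2"))
```
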

MOTOTRBO overwhelmingly uses unicast UDP/IP to transfer voice and data between radios and repeaters. Voice is compressed and encoded using the AMBE+2 vocoder from DVSI Inc.

IP Site Connect

There are several possible system topologies that include conventional and trunked operation. One of these topologies is known as IP Site Connect – this allows two or more conventional repeaters to be linked via some form of IP connection.

An IP Site Connect system requires sufficient IP bandwidth to pass voice and data between repeaters. Generally, a stable round-trip latency of less than around 700ms has been found to work satisfactorily, but the design target must always be 90ms[Notes 1]. Multicast is not used on the IP backhaul.

An IP Site Connect system will consist of one Master Repeater and up to 15 (or more) Peer Repeaters. It is possible to have two or more Master Repeaters collocated on the same RF site, serving two or more IP Site Connect networks sharing the same IP backhaul and serving the same radios.

MOTOTRBO repeaters utilize a proxy discovery mechanism to learn about the network. All Peer devices initially communicate with the Master and then learn of the rest of the system. When a Peer joins the Master, the Master will inform the newly joined Peer about all other Peers on the network, and then inform the other Peers about this newly joined Peer. This mechanism allows all of the Peers in the network to communicate directly with one another.

The information shared between the Master and Peers consists of the IP address and port used by all Peers in the system and is retrieved by the Master from the messaging the Peer sends when requesting to join the system. Therefore the address/port that the Master sees with respect to a Peer must be the same address/port that any device in the system can use to contact that Peer.
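A small simulation of the discovery rule above, added here as an illustration and not taken from the original page or from Motorola: the Master records the source address of each join request and hands that table out, so a router that rewrites the source port leaves the Peer advertised at an address that does not lead back to it. The `Router` and `Master` classes and all addresses are constructed for this example.

```python
class Router:
    """Toy NAT router (hypothetical model, not a real device API)."""

    def __init__(self, wan_ip, forwards, rewrite_src_port=None):
        self.wan_ip = wan_ip
        self.forwards = forwards                  # WAN port -> LAN (ip, port)
        self.rewrite_src_port = rewrite_src_port  # port substituted on the way out, if any

    def outbound(self, lan_src):
        """Address the far end sees for a packet leaving this site."""
        _, port = lan_src
        return (self.wan_ip, self.rewrite_src_port or port)

    def inbound(self, wan_dst):
        """LAN device that receives a packet sent to wan_dst, or None if dropped."""
        ip, port = wan_dst
        return self.forwards.get(port) if ip == self.wan_ip else None


class Master:
    """Keeps the peer table built from the source address of each join request."""

    def __init__(self):
        self.table = {}

    def join(self, name, observed_src):
        known = dict(self.table)         # list handed to the newcomer
        self.table[name] = observed_src  # entry then announced to the existing Peers
        return known


def unreachable_peers(master, sites):
    """Names of Peers whose advertised address does not lead back to them."""
    bad = []
    for name, advertised in master.table.items():
        router, lan_addr = sites[name]
        if router.inbound(advertised) != lan_addr:
            bad.append(name)
    return sorted(bad)


def run_demo():
    # Constructed addresses: two remote sites joining one Master.
    keeps_port = Router("10.0.0.2", {50001: ("192.168.0.10", 50001)})
    rewrites = Router("10.0.0.3", {50001: ("192.168.0.10", 50001)}, rewrite_src_port=61234)
    sites = {"peer_a": (keeps_port, ("192.168.0.10", 50001)),
             "peer_b": (rewrites, ("192.168.0.10", 50001))}
    master = Master()
    handed_out = {}
    for name, (router, lan_addr) in sites.items():
        handed_out[name] = master.join(name, router.outbound(lan_addr))
    return master.table, handed_out, unreachable_peers(master, sites)


if __name__ == "__main__":
    table, handed_out, broken = run_demo()
    print(table)
    print("not reachable at advertised address:", broken)
```
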

Static IP addresses for repeaters tend to be the preferred IP plan for most radio networks, though it is possible to use DHCP, at least on peer repeaters. DHCP requires there to be a DHCP server on the network. If DHCP is used, it is advisable to use a very long lease time since a DHCP refresh may interrupt communications to that repeater for a short period.

In newer model repeaters, such as the SLR series, it is possible to use DNS. This requires a DNS server to be present on the network, or at least accessible by all repeaters. If DNS is used, even the Master repeater (or the Router which serves the Master) can use DHCP.

It is possible to deploy a MOTOTRBO system with an IP backhaul that uses VPN; NAT and/or VLANs. If a Firewall is used anywhere between any system component, one or more UDP ports will need to be opened for specific IP addresses.

More on IP

Since most, if not all, of the IP traffic will be passed across private networks, there is no need to be concerned about IPv6. In any case most IPv6 networks will support dual stack which allows the coexistence of IPv4 devices.

When setting up a repeater for IP Site Connect operation, one needs to know five pieces of information about the IP network:

  1. The repeater's own IP address and UDP port (if this is not the Master Repeater)
  2. The IP address of the Gateway (if a Router is used)
  3. The subnet mask
  4. The UDP port and the IP address of the Master Repeater.

There are two ways of allocating IP addresses: either through Static IP addressing (you define it) or via Dynamic IP addressing (the DHCP handles this). I prefer to use static IP addresses when the repeaters are not using a shared network where only dynamic IP addresses are allowed. If this cannot be avoided, I then look at using VLANs to segregate the networks.

If the repeaters connect with each other via the internet, a static IP address is a definite security risk. More often than not this is not allowed or expensive to get. Here, the best solution would be to use VPN. Most prosumer-and-above Routers support VPN. These Routers also have basic Firewall functionality that will allow you to lock down everything except what is needed to provide radio service.

An example of a network where no DHCP is needed, could be a Wireless Broadband network you have installed yourself using Cambium Point to Point links and the network is not shared with other services (i.e. this is your own IP backbone).

If no DHCP server exists then static IP addressing must be used on all devices. This means that no matter if the repeater is a Master or Peer, the IP address used must be predefined. A couple of A3 sheets of paper, a clutch pencil and an eraser are an excellent starting point for this and other aspects of your design.

If the network is being piggybacked on an existing network, where there already is a DHCP server, then the peer repeaters can use DHCP for IP address allocation. This of course only applies to IP Site Connect and (Single Site) Capacity Plus where everything is on the same LAN.

Capacity Max; Multisite Capacity Plus systems, and IP Site Connect systems which use the internet (or any other medium), need routers on the sites and the configuration thereof is a little different. I will discuss Multisite Capacity Plus and Capacity Max further on.

DNS

The Master repeater can also be configured with a dynamically assigned IPv4 address as long as this address is associated with a static DNS address. Anytime the IPv4 address for a Master changes, the DNS server must be updated with the new address. The DNS Server, which is utilized by all of the IP Site Connect devices, must have an IPv4 address for the Master. If the IPv4 address becomes invalid on the DNS Server, the IP Site Connect devices will not be able to establish a link with the wide area system. Once the IPv4 address for the Master is valid again on the DNS Server, the devices will be able to link to the wide area system again. It is the job of the entity assigning the IPv4 address to the Master to also update the DNS Server with the updated IPv4 address.

DNS is not available on the DR3000 or MTR3000. SLR series repeaters may require a firmware update to support this.

UDP

MOTOTRBO uses UDP to transfer voice and data between sites. UDP is very well suited for this, in that it is simple to implement (in terms of hardware); allows packets to arrive in a different order than they were sent and avoids the need for retries (as is the case with TCP). UDP is nothing new to us: well-known services such as Skype; Remote Desktop; IP Telephony and IPTV all use UDP in one way or another. Like all other protocols, UDP also requires us to define a port number (also referred to as a socket). This port number is specified in the repeater codeplug and in the router and / or firewall.

Port

The IP address of a networked device provides a means of delivering data to it. This IP address is also used when that device needs to send data to another device. This works well on a device to device level.

The port provides a second level of addressing within an IP based system, where a specific application at a specific IP can be addressed. For example, a PC connected to the internet uses IP address 140.101.16.142; however, web pages are received using TCP port 1080 and emails are sent on port 25. The IP address talks to the box whereas the port addresses the application in that box.

With the exception of IP Remote programming, MOTOTRBO exclusively uses UDP for all communications between sites and repeaters. By default, MOTOTRBO uses port 50000 and above for voice and data. Some data, such as location and battery management, use UDP ports in the 4000 range.

IP Remote Programming will always use TCP to deliver the codeplug updates to the repeater. The port number used is also in the 50000 range but this can be changed in Radio Management.

OTAP uses UDP but has a layer CRC error correction mechanism to ensure the codeplug update is received complete and without error.

Port Forwarding

Port Forwarding (sometimes called Port Mapping) is a method by which the address and/or port number of a packet, arriving on one connection of a Router, is translated to a new destination. This may include accepting such packets via a packet filter.

A Router which supports Port Forwarding may also do this by means of a routing table. The destination may be a predetermined network port on a device within a LAN, based on the port number on which the packet was received at the Router, from the originating device.

Port Forwarding is used to permit communications by external devices with services (e.g. MOTOTRBO UDP) provided within a LAN behind a Router.

Capacity Max uses OSPF to manage intersite traffic.

The OSI and TCP/IP Conceptual Models and MOTOTRBO

Open Systems Interconnection Model

The Internet (TCP/IP) Model

Routers in an IP Site Connect System

In an IP Site Connect network, a Router is used to connect multiple sites via another medium. Some examples of this include: connecting sites via the Internet (ADSL) or connecting sites using Fiber-Optic.

In principle, any Router can be used with MOTOTRBO. Consumer grade equipment tends to be less reliable and results in more service calls due to network outages and other unusual problems.

For IP Site Connect, there are four noteworthy settings in any Router[Notes 2]:

  1. The WAN connection method and IP addressing. How the Router will connect to the internet and/or to the other sites. If connecting via the internet, the connection and corresponding details will be provided by an Internet Service Provider (ISP). It might be that the ISP provides their own preconfigured hardware.
  2. The LAN IP address. This is the IP address of the Router on the LAN. It is also the gateway IP address according to the Repeaters at this location.
  3. Port Forwarding or NAT Rules. IP Site Connect generally uses Port forwarding when used with a Router. This is generally required on all sites and ensures anything coming in from the WAN (or LAN) is forwarded to the correct device.
  4. DHCP and LAN addresses. The Master repeater may need a Static IP Address. Devices which do not require a Static IP Address can use a Dynamic IP Address. This Dynamic IP Address is assigned by the Router using DHCP.

An example of IP Site Connect

The below diagram shows a MOTOTRBO IP Site Connect network with two sites and two repeaters on each site.


Here, Peer 1 is linked to Master 1 and Peer 2 is linked to Master 2. The connection is via two Routers and a shared network (WAN). The Routers use Static IP addresses on their WAN Ports. They also use DHCP to give IP Addresses to the Peer repeaters.

The two Masters are able to use the same WAN IP in this case, because Router 1 uses Port Forwarding. UDP traffic from Peer 1 is on port 50001 and is forwarded to 192.168.0.2 on Router 1. UDP traffic from Peer 2 is on port 50002 and is forwarded to 192.168.0.3 on Router 2. The two IPSC links are differentiated by means of the port number.

Capacity Plus

NAT Loopback

As of release 2.2, NAT Loopback is no longer a requirement for the Routers used in a Capacity Plus system. NAT Loopback is also seen as a security risk, especially on public/shared networks!

A router which supports NAT Loopback is only needed in a Capacity Plus system, if the firmware in the repeaters is older than R02.20.02 or if a RDAC PC is using the same LAN as the Repeaters. Packets, from the Repeaters within the same site, which are destined for the Master, need to be directed to the router and forwarded to the Master repeater. Even the Master repeater needs to use the router - that is why the Master IP address field is not greyed out when Link Type is set to Master.

Consider the above Linked Capacity Plus system. Here we have two sites, with three repeaters on each site. The Router on Site 1 is configured with port forwarding and NAT loopback such that any TCP or UDP traffic on port 50000 is sent to the Master repeater at 192.168.0.2. The IP Address (192.168.0.2) of the Master is static.

The Router on Site 2 should also have port forwarding enabled. All the peers on all of the sites can use Dynamic IP Addressing (although I prefer to use static IP addresses). The DHCP servers within Routers 1 and 2 are configured to allocate IP addresses in the range of 192.168.0.3 to 192.168.0.200.

192.168.0.201 is reserved for the Rest Channel IP Address – which is also static and common to all repeaters. I will discuss the Rest Channel IP Address separately.

These two LANs can use the same IP Address range because they are separated by two routers.

The WAN can be anything. In this case, it's just a direct CAT5 cable connection and since there is no Internet Service provider or DHCP server here, I have made up my own Static IP Addresses: 10.0.0.1 for Site 1 and 10.0.0.2 for Site 2. You would probably do the same if you were installing PTP links or Fiber-Optic.

Let's assume for one moment, that we have just switched on Peer 3 on Site 2 and Peer 2 on site 1. They are configured to register themselves with the Master repeater (this is defined in the CPS). They will do this using UDP/IP.

According to Peer 3 (Site 2), the Master repeater has IP Address 10.0.0.1. Therefore, to send its packet to this address, it needs to go through the Gateway - since 10.0.0.1 is not within the range defined by the Subnet Mask (this is set in the CPS and Router). The Gateway in this case is the Router (Site 2 Router).

The registration packet goes off to 10.0.0.1 via the Gateway (follow the green line) and arrives at the WAN port of the other Router: Site 1 Router. Since this Router has Port Forwarding enabled, and since the registration packet arrives on UDP port 50000, the Router automatically forwards this to 192.168.0.2 - the Master Router.

Now, when Peer 2, on Site 1 powers up, it also connects to the Master, at the same IP Address: 10.0.0.1, but since the Router (Site 1 Router) has NAT Loopback, the packet is redirected to the Master. If NAT Loopback was not there, the repeater would simply not connect to the network. Follow the red line above.

Remember that the Master is only needed for registering (adding) repeaters to the network. If the Master fails, the system will continue to operate, albeit with a reduced number of channels on one site. If this is an issue, another repeater can be used to act as a standby Master (a subject of a forthcoming post).

During normal operation, UDP traffic from the other sites on port 50000 will automatically be forwarded to the Master because of the port forwarding setting in the Router on Site 1. Traffic on other ports will be forwarded as per the information contained in the respective packet headers - that is any traffic not on port 50000 will be directed to the peer on that site.

No port forwarding is needed for the peers since the information required to send UDP traffic between them is exchanged when they power up and when their lease is renewed. The lease is renewed whenever the DHCP gives out a new IP address - this IP address is only allocated for a limited period defined in the Router.

Capacity Plus Rest Channel IP Address

In a Capacity Plus system, whenever a repeater becomes a Rest Channel, it generates two IP Addresses for itself. One IP Address acts as a destination for Arbitration (TR-A-RT) packets from the other repeaters.

The (normal) IP Address given to the repeater by the DHCP server - or Statically assigned - is retained while this is happening. In other words, there are two IP addresses to set: the IP address for all traffic and a second, Rest Channel IP address, which is only used while the repeater is a rest channel.

The UDP Port for the Rest Channel should be different: I use 55000.

QoS

UDP packets on the ports used by the repeaters need to have high priority in the Router.

Read more about QoS here.

Firewalls

There is no issue with operating a MOTOTRBO repeater or system within a network with a Firewall. The only requirement is that a specific port (default is UDP port 50000) be opened on the firewall. Alternatively, an already open port on the Firewall can be used for MOTOTRBO traffic.

Remember that if Remote IP Programming is ticked, the Master UDP Port (both in the CPS) is used for both programming the repeaters and for UDP traffic. Remote IP Programming uses TCP, so the Firewall must be opened to both TCP and UDP traffic if you intend using this feature.

Remote IP Programming allows the programming of (32Mb memory) repeaters via an IP connection, rather than connecting to the repeater directly.
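One way to check a Router or Firewall rule set against the requirements in this section, added here as an example and not part of the original page: it flags openings other than the Master port, TCP left open when Remote IP Programming is not in use, and rules whose source is not limited to the known sites. The rule format, the `audit` function and the sample rules are constructed for illustration, and a single Master port of 50000 is assumed.

```python
import ipaddress

MASTER_PORT = 50000  # default Master UDP port given on this page


def audit(rules, known_sites, remote_ip_programming=False):
    """Return findings for the inbound rules in front of a Master repeater.

    rules: dicts with "proto", "port" and "src" (CIDR). This is a hypothetical
    export format, not any router's real syntax.
    """
    known = [ipaddress.ip_network(s) for s in known_sites]
    findings, opened = [], set()
    for rule in rules:
        src = ipaddress.ip_network(rule["src"])
        label = "%s/%d from %s" % (rule["proto"], rule["port"], src)
        if rule["port"] != MASTER_PORT:
            findings.append("not needed for radio service: " + label)
        elif rule["proto"] == "tcp" and not remote_ip_programming:
            findings.append("TCP open but Remote IP Programming is off: " + label)
        elif not any(src.subnet_of(k) for k in known):
            findings.append("source not limited to known sites: " + label)
        else:
            opened.add(rule["proto"])
    if "udp" not in opened:
        findings.append("no usable UDP rule for port %d" % MASTER_PORT)
    if remote_ip_programming and "tcp" not in opened:
        findings.append("Remote IP Programming is on but TCP port %d is closed" % MASTER_PORT)
    return findings


# Constructed rule set for the Site 1 router; 10.0.0.2 is the other site's WAN address.
SAMPLE_RULES = [
    {"proto": "udp", "port": 50000, "src": "10.0.0.2/32"},
    {"proto": "tcp", "port": 50000, "src": "10.0.0.2/32"},
    {"proto": "udp", "port": 50000, "src": "0.0.0.0/0"},
    {"proto": "tcp", "port": 3389, "src": "0.0.0.0/0"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES, ["10.0.0.2/32"]):
        print(finding)
```
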

TCP

TCP/IP is only used for IP Remote Programming of a repeater on IPSC, Cap Plus and Cap Max networks - since it inherently supports packet retry, which is important when writing codeplugs. The repeaters also have their own mechanisms to retry and recover from packet losses when being written to over IP.

Notes

  1. Based on customer feedback! The Motorola Engineering recommendation for latency is less than 90ms.
  2. The Gateway IP address is important, especially if the Master repeater or some other device is in a different IP subnet.

References