Packet Data Setup
Transport Modes
| Mode | Description | Root Required |
|---|---|---|
| FOU | Foo-over-UDP tunnel to remote Linux box | No (on 1xBTS side) |
| FOU-TCP | FOU payloads carried through the TCP relay path | No (on 1xBTS side) |
| TUN | Kernel TUN device on the PDSN/runtime host | Yes |
FOU is recommended — offloads IP routing and NAT to a separate machine.
PDSN Configuration
FOU (Recommended)
{ "packet": { "transport": "fou", "fou_remote": "192.168.1.100:17010", "fou_local_port": 17011 } }
| Field | Description |
|---|---|
transport | "fou" for FOU tunneling |
fou_remote | Remote Linux FOU endpoint (IP:port) |
fou_local_port | Local UDP port for return traffic |
FOU-TCP with Docker Compose
The compose stack includes a fou-nat gateway container and a speedtest
container. fou-nat runs the FOU-TCP relay, NAT, Unbound DNS, and an nginx
proxy to the speed test.
Mobile packet-data clients can open:
http://speed/http://speed.local.1xbts.org/
The default PDSN config advertises 10.55.0.1 as DNS so these names resolve on
the packet-data link. Set UNBOUND_FORWARD_ADDRS to choose upstream DNS servers
for other domains.
Use docker compose up -d --build after pulling updates so Compose rebuilds
images that copy local files, including fou-nat and speedtest.
TUN
{ "packet": { "transport": "tun" } }
Creates a kernel TUN device per session with automatic IP config and NAT rules. Requires root.
FOU Remote Setup
On the Linux box handling IP routing (replace <pdsn_ip> with the PDSN/runtime host IP):
sudo modprobe fou
sudo ip fou add port 17010 ipproto 4
sudo ip link add fou0 type ipip \
remote <pdsn_ip> local <linux_ip> \
encap fou encap-dport 17011 encap-sport 17010
sudo ip addr add 10.55.0.1/24 dev fou0
sudo ip link set fou0 up
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -t nat -A POSTROUTING -s 10.55.0.0/24 -o eth0 -j MASQUERADE
Verify
sudo ip fou show
ip addr show fou0
sudo tcpdump -i fou0 -n
sudo iptables -t nat -L -n -v | grep 10.55.0
Teardown
sudo ip link del fou0
sudo ip fou del port 17010
sudo iptables -t nat -D POSTROUTING -s 10.55.0.0/24 -o eth0 -j MASQUERADE
IP Pool
| Parameter | Default |
|---|---|
| Subnet | 10.55.0.0/24 |
| Gateway | 10.55.0.1 |
| Mobile pool | 10.55.0.2 – 10.55.0.254 (253 addresses) |
| Primary DNS | 10.55.0.1 |
| Secondary DNS | 10.55.0.1 |
Lowest available address assigned per device/session key. Open PPP sessions are
cached by IMSI/ESN across packet traffic-channel changes, and the cached session
keeps its mobile IP reserved until pdsn.ppp_session_timeout_secs expires. The
default timeout is 1800 seconds. Expired cached sessions are reaped periodically
and release their reserved IPs.
Override packet.primary_dns and packet.secondary_dns in pdsn.json if
mobiles should use external DNS directly instead of the gateway resolver.
Data Path
Uplink: Mobile → PPP/HDLC → RLP → MuxPDU → BTS → Abis bearer → BSC → A8 → PCF → A10 → PDSN PPP/IPCP → FOU/TUN/FOU-TCP → NAT/internet
Downlink: Internet/NAT → FOU/TUN/FOU-TCP → PDSN → A10 → PCF → A8 → BSC → Abis bearer → BTS → RLP/MuxPDU → mobile
Throughput
| Config | Forward Channel | RLP Payload Capacity |
|---|---|---|
| SO7 / RC1 | 9.6 kbps FCH | ~6-7 kbps effective IP |
| SO33 / RC3 | 9.6 kbps FCH | ~6-7 kbps effective IP |
| SO33 / RC3 + F-SCH | 19.2 kbps | 16.0 kbps before PPP/IP overhead |
| SO33 / RC3 + F-SCH | 38.4 kbps | 32.0 kbps before PPP/IP overhead |
| SO33 / RC3 + F-SCH | 76.8 kbps | 64.0 kbps before PPP/IP overhead |
| SO33 / RC3 + F-SCH | 153.6 kbps | 134.4 kbps before PPP/IP overhead |
Troubleshooting
| Symptom | Check |
|---|---|
| No data session | SO7/SO33 in supported service options |
| RLP sync fails | Traffic channel assignment, RC compatibility |
| F-SCH not active | enable_f_sch, supported f_sch_rate_bps, and ESCAM acceptance in logs |
| LCP timeout | PPP negotiation in message log |
| No IP assigned | IPCP in dashboard, pool exhaustion |
| No internet | FOU tunnel up, NAT rules, IP forwarding |
| One-way traffic | fou_local_port matches remote encap-dport |
| Packet loss | Firewall rules on FOU UDP path |