DMR Repeaters

[wheelbarrow]

I suspect most DMR repeaters don't log traffic without a third party software application like TRBOnet /TRBPwatch and I bet most users don't have that.

Any half decent supplier should enable RAS on a TRBO system but many probably don't. I can't really see much need for encryption for many users however. The main reason is laziness and cost to customer (or dealer) I suspect - when you have RAS on a DMR system (I'm talking from a TRBO point of view here) it means possibly firmware updating lots of older radios to enable RAS feature that was only introduced a few years ago (painful and time consuming at around 10mins per radio) and makes servicing radios terminals a bit more troublesome insofar as you can't read a radio to clone into a replacement as reading a radio will not display the encryption or RAS codes. So the lazy dealer has to keep notes of these and that's more effort. So it's easier to not bother with any protection which means he can read a radio that might be faulty, clone it into a replacement and job done.

Adding encryption to a Tier2 system also means you can't mix different brands such as Moto and Hytera as they don't play nicely together with encryption.

I would really hope that any Capacity Plus or Link Cap Plus systems would have RAS enabled as a bare minimum and adding encryption won't be an issue for other brands as Hytera's and all the others can't work on Cap+ or LCap+ anyway.

[bigboyblue]

I will chip in and add :

speaking about Motorola kit (dr3000 repeater), there's no use logs at all, and unless you spend a lot on a specialist application, designed to sniff everything coming from the repeater, then nope, nobody will ever know.

Even if its got a computer connected like trbo.net, this relies on a control station - IE a radio connected to the computer via the usb. Thus, a radio will only be programmed to rx on that group code, and therefore will never open up for anyone who has added some radios onto the repeater, as long as they are on a different group code.

Realistically, the only way someone will notice is when they start to get channel bonks - or someone stupidly puts in the same group code, so they can hear the traffic.


Recently decommissioned shopwatch system - capacity plus, 3 repeaters, sat on top of a council tower block. No ras, no encryption, and city wide footprint. Nobody ever would notice - with 5 voice paths, and only one talkgroup in use by the legitimate owners, then in theory, half the radio users in the city could migrate onto the system, and there wouldn't be any system degradation.
Now been replaced by a single site system.


A university on the South coast with 2 repeater sites, on 2 campuses, in 2 different towns approx. 10 miles away. Linked IP site connect. No ras, no encryption. Could in effect have yourself a free multi site radio network.

Another university on the south coast - 5 system IP site connect. Lots of footprint across the entire city. No ras, no encryption.

Proves that installers are lazy. RAS and encryption have now been around for ages. Takes only 5 mins per radio to upgrade if they need to, and no cost to the dealer. I call it customer service - and the chance for a sales pitch if you get some time at the customers premises. I did them as soon as RAS came out for my customers. Made a lot more profit by going around and handling the radios, as broken ones, damaged and 'oh have you got some accessories' types came out in force.

[radiosification]

Don't you have to buy an EID for RAS on Motorola repeaters?

[kr0ne]

All encryption is end to end on DMR as far as I know.

Told you I was probably talking balls!

Don't know where I got the idea the encryption was keyed on the repeater now........

[zippy]

thanks for the input chaps, just to clarify for a simpleton (me), is a DMR repeater similar to an analogue FM one whereas if I use encryption on my handsets (let's just say simple inversion) then what goes in will come out, so if during the day this business DMR repeater is unencrypted with no restricted access to system, if someone used the same CC, TG and timeslot in the evening, but put encryption on their handsets, would it work or does the repeater need to be told to accept encryption traffic?
I know what im trying to say in my head, I just hope I got it across.

[bigboyblue]

Don't you have to buy an EID for RAS on Motorola repeaters?

Not in the UK / EMEA region. Its all included. Only the Americans seem to have to add the EID for almost everything that comes out from Motorola over there - over here, its free. (Don't tell the Americans that)

[bigboyblue]

All encryption is end to end on DMR as far as I know.

Told you I was probably talking balls!

Don't know where I got the idea the encryption was keyed on the repeater now........

The repeater doesn't even know the key - the only option on the repeater is 'encryption type : none, basic, enhanced'

Its the radios themselves that hold the keys, the repeater will pass anything.

[zippy]

Its the radios themselves that hold the keys, the repeater will pass anything.

Cheers fella, that answered my question too.

[bigboyblue]

thanks for the input chaps, just to clarify for a simpleton (me), is a DMR repeater similar to an analogue FM one whereas if I use encryption on my handsets (let's just say simple inversion) then what goes in will come out, so if during the day this business DMR repeater is unencrypted with no restricted access to system, if someone used the same CC, TG and timeslot in the evening, but put encryption on their handsets, would it work or does the repeater need to be told to accept encryption traffic?
I know what im trying to say in my head, I just hope I got it across.

Yes, in effect, you've got it.

THE FOLLOWING IS ONLY THEORY:

But why would you use the same group codes, giving the repeater owner a chance to wonder what the strange sounds coming out of their radio are. Yep, they couldn't hear the correct / non garbled voice because its got encryption on it, but you've alerted them to someone else being on their repeater.

By simply choosing another group code (and perhaps listening to slot 2 and seeing if there's any traffic at all on it - an awful lot of companies only want one channel, and therefore slot 2 is totally unused), then they will never ever detect you on the repeater.

Without RAS enabled on the repeater, then the repeater will pass traffic on any and all group codes. As long as its the correct freq and colour code, then voila, you are in.

On the last part you mentioned about encryption - the repeater has only 3 settings for encryption : none, basic and enhanced.

Putting encryption through a repeater set to none will sometimes garble the voice coming through, sometimes it works, and sometimes it doesn't. The setting alters the repeater slightly to allow it coming through. In effect though, you wouldn't need encryption if you were on a different group code.

[zippy]

Thanks bigboyblue, google is a wonderful thing but very hard to get specific answers to some 'grey' questions, it's nice being able to quiz people who know what they're talking about here.

Yes, as in my OP, it looks a lazy setup as there's only one TG and one timeslot ever used, and it looks like factory settings if there is such a thing on a DMR repeater, plus I have noticed a couple of users have the same RID, so set up on the cheap methinks.

And they all go home around 6pm and the repeater is still sitting there all night waiting for some traffic

[paulears]

I suspect it's simply misunderstood, that's all. Analogue repeaters have had loads of features available for years now - I run 2 UHF and 1 VHF repeater, all Kenwoods, and one of the first was set up with the Kenwood 5 tone system - mainly, to be honest, because I wanted to experiment with it. The client complained about the beeping noises, so since then it's been running simple CTCSS, although it is set up and licensed with 3 tones - they use just one. I keep an eye on it's performance by using one of the 'spare' tones - as could anyone else, to be honest. With all the options on the digital systems, I'm not sure it's laziness, just a feature unimplemented. If they were having access issues, they'd call the dealer, who would soon work out what was happening, and set additional access limitations. A simple system I set up last week's a good example. I didn't set encryption at all, they have one zone, one group and two channels. Why would I want to make it complicated? Maybe in six months they might want to have more groups or channels, or individual calling? That's where I can make a little more money. It's business.