The coding of Information Elemenent IMSI in GTP v1 according to 3GPP 29.060
is as follows:
bits
8765 4321
Octects 1 type=2
2~9 IMSI
The IMSI is TBCD-coded with a fixed length of 8 octets. Bits 8765 of octet
n+1 encodes digit 2n, bits 4321 of octet n+1 encodes digit 2n-1. Unused half
octets shall be coded as binary "1 1 1 1". Digits are packed contiguously with
no internal padding.
So for string in the trace which I captured running on GTPv1 "02 13 20 06 02
22 22 00 F3"
the IMSI was wrongly decoded as 310060202222003, but it should be decoded as
310260202222003
The coding of IMSI in GTPv0 according to GSM 03.60
bits
8765
4321
Octects 1 type=2
2 MCC(digit
2) MCC(digit1)
3
1111
MCC(digit3)
4 MNC(digit
2) MCC(digit1)
5 MSN(digit
2) MSN(digit1)
6 MSN(digit
4) MSN(digit3)
7 MSN(digit
6) MSN(digit5)
8 MSN(digit
8) MSN(digit7)
9 MSN(digit
10) MSN(digit9)
So apparently in the above example, GTPv0 decoding was wrongly used to decode
IMSI in GTPv1 format.
Please feel free to contact me for any questions.
Thanks, JW
