Do not run OpenBTS in a band that is normally used for a public cellular service in your area, because you risk disruption of service in a public network, even if you are not directly interfering with the radio transmissions.

This is a criminal act in most countries, and a much more serious offense than a simple violation of radio spectrum regulaions.

It also incurs serious personal civil liability risk, since some neighbor's phone might attach to your system while trying to place a SOS call.

Authority contact information

  • France: ARCEP
  • Germany: Bundesnetzagentur:
    For more information about the frequency assignment in Germany contact the branch office next to your location. A list can be found here (See section "Frequenzzuteilung")
  • New Zealand: Ministry of Economic Development's Radio Spectrum Management home page: They also have a chart of the radio spectrum allocations.

Faraday cage

Running OpenBTS in a Faraday cage is a safe way not to disrupt public cellular service.

  • Shielded test enclosures can be configured with appropriate bulkhead connectors (e.g. N-type, SMA, etc.) to allow connection of an antenna (internal to the enclosure) to a USRP's SMA connector. Phones can then be tested inside the enclosure, and setup to either auto-answer, or controlled via a serial port pass-through with the GSM AT commands (e.g. ATA, ATH to answer/hang-up)
Shielded test enclosure manufacturers/vendors: (Please add vendors/manufacturers for other parts of the world - this is not an endorsement of the listed vendors)
Forensic shielded pouches

(vendor list of forensic shielded pouches)

OpenBTS configuration

This is work in progress. The following configuration is not guaranteed to be safe regarding infrigements with public cellular service.

  • GSM.Band: using a different band than the one used in your country is not an adequate safeguard, because most gsm handsets out there today are mostly tri- or quad-band, even using a band that's not normaly used locally, won't protect you from a handset trying to use your basestation (for example to do an SOS call).
  • GSM.MCC and GSM.MNC: use 001/01 or with some other set of identity parameters that have been designated for use by test networks in your country. Do not use the same MCC and MNC as any of your local public network operators, even if you are in a different band. That is spoofing and it can lead to serious legal problems.
    List of MCC/MNC on Wikipedia
  • GSM.RACH.AC 0x400: indicate no support for SOS calls, however, many phones ignore that bit and will attempt SOS calls anyway, so it is not an adequate safeguard.
  • GSM.ARFCN: check both uplink and downlink frequencies are unoccupied (e.g use [But this is not sufficient to make it safe].
  • Control.OpenRegistration: remove open registration to forbid unknown devices from registering to your network.