https://www.slideshare.net/ramlakshmiram/bluetooth-mobileip
Operating RF spectrum 2.4 - 2.482 Ghz
Number of channel - 79
Channel width - 1Mhz
Modulation - Gausian phase Shift keying
Class od Devices
- Class 1 range 100 meters
- Class 2 range 10 meteres
- Class 3
Medium Access -
Master and slave roles are used. Max 7 slaves can be connected with single master. All slaves are synchronized with clock of the master.
Adaptive Frequency hopping is used to hop from one channel to another channel among all the 79 available channels.
Communication between master and slave is half duplex. Duration of single slot is 625 usec. packets are transmitted in 1,3, or 5 time slots.
Master transmits in even slots and slave in odd slots. Slave always listen for packets during even slots.
At single point of time master can communicate with only one slave.
3 different Physicals channels are used for 3 main procedures used in Bluetooth operation
1. Inquiry scan Channel - It uses generic inquiry acces code at the start of each packet transimmited.
There are some reserved generic access codes used during inquiry procedure. Inquiry scan channel hoppes at slower rate.
Inquiry scanning device listens for Inquiry request packets on inquiry scan channels. Device discovering other nearby devices sends req packet on inquiry scan channels.
2. Page scan channel -
The page scan channel uses an access code derived from the scanning
device’s Bluetooth device address to identify communications on the channel.
The page scan channel uses a slower hopping rate than the hop rate of the
basic and adapted piconet channels. The hop selection algorithm uses the
Bluetooth device clock of the scanning device as an input.
A device using its page scan channel remains passive until it receives a page
request from another Bluetooth device. This is identified by the page scan
channel access code. The two devices will then follow the page procedure to
form a connection. Following a successful conclusion of the page procedure
both devices switch to the basic piconet channel that is characterized by
having the paging device as master.
In order for a device to connect to another Bluetooth device it uses the page
scan channel of the target device in order to send page requests. If the paging
device does not know the phase of the target device’s page scan channel it
therefore does not know the current hop frequency of the target device. The
paging device transmits page requests on each of the page scan hop
frequencies and listens for a page response. This is done at a faster hop rate,
3. Basic Piconet channel
The basic piconet channel is characterized by a pseudo-random sequence
hopping through the PHY channels. The hopping sequence is unique for the
piconet and is determined by the Bluetooth device address of the master. The
phase in the hopping sequence is determined by the Bluetooth clock of the
master. All Bluetooth devices participating in the piconet are time- and hopsynchronized
to the channel.
The channel is divided into time slots where each slot corresponds to an PHY
hop frequency. Consecutive hops correspond to different PHY hop frequencies.
The time slots are numbered according to the Bluetooth clock of the piconet
master. Packets are transmitted by Bluetooth devices participating in the piconet
aligned to start at a slot boundary. Each packet starts with the channel access
code, which is derived from the Bluetooth device address of the piconet master.
On the basic piconet channel the master controls access to the channel. The
master starts its transmission in even-numbered time slots only. Packets
transmitted by the master are aligned with the slot start and define the piconet
timing. Packets transmitted by the master may occupy up to five time slots
depending on the packet type.
Bluetooth Packet Types:
ID Packet: The identity or ID packet consists of the device access code (DAC) or inquiry access code (IAC).
NULL Packet: The NULL packet has no payload and consists of the channel access code and packet header only. Its total (fixed) length is 126 bits. The NULL packet may be used to return link information to the source regarding the success of the previous transmission (ARQN), or the status of the RX buffer (FLOW). The NULL packet may not have to be acknowledged.
POll Packet: This packet can be used by the master in a piconet to poll the slaves. Slaves shall not transmit the POLL packet. it requires a confirmation from the recipient. Upon reception of a POLL packet the slave shall respond with a packet even when the slave does not have any information to send .
FHS Packet The FHS packet is a special control packet containing, among other things, the Bluetooth device address and the clock of the sender. The FHS packet is used for frequency hop synchronization before the piconet channel has been established,
With an automatic repeat request scheme, DM packets, DH packets, the data field of DV packets, and EV packets shall be transmitted until acknowledgement of a successful reception is returned by the destination (or timeout is exceeded). The acknowledgement information shall be included in the header of the return packet. The ARQ scheme is only used on the payload in the packet and only on packets that have a CRC. The packet header and the synchronous data payload of HV and DV packets are not protected by the ARQ scheme
----
eSCO (extended synchronous connection orientated) links
Key facts:
eSCO links were added in version 1.2 of the Bluetooth specification.
Following a request from either the master or slave device, the master may establish an eSCO link to that device.
eSCO packets are always transmitted in predetermined time slots: the regular interval between eSCO packets is specified when the link is established.
eSCO packets can be 1 or 3 slots in length.
eSCO packets to/from a specific slave are acknowledged, and may be retransmitted if not acknowledged.
eSCO packets
The packet type is determined by the TYPE code in the header:
0000 NULL No payload. Used for acknowledgements or flow control.
0001 POLL No payload. Used by the master to poll slaves. Requires acknowledgement.
0111 EV3 Extended Voice (no error correction), 1 slot: maximum 30 data bytes plus a 16-bit CRC.
1100 EV4 Extended Voice (2/3 rate FEC), 3 slots: maximum 120 data bytes plus a 16-bit CRC.
1101 EV5 Extended Voice (no error correction), 3 slots: maximum 180 data bytes plus a 16-bit CRC.-
------------
Blueatooth baseband frame formates:
http://www.ques10.com/p/2706/explain-the-frame-format-in-bluetooth-technology-1/
SSP - Expained - https://www.ellisys.com/technology/een_bt07.pdf
F( Private Key A, Public Key B) = F( Private Key B, Public Key A).
Link Key is generated out of this.
L2CAP - Explained - https://www.amd.e-technik.uni-rostock.de/ma/gol/lectures/wirlec/bluetooth_info/l2cap.html
