Directory
Introduction
- Understanding the Operating System (OS)
- Manual Overview
Getting started
- System requirements
- Gaining access & main functions
Admin
- General administration
- Administer accounts
- Administer devices
Using firefly: Organizations
Organization Overview
- Favorite Devices
- Suborganization
- User
Device Classes
- Add a device class and define the parser
- Edit a device class
- Organization Devices
- Organization Statistics
Organization Settings
- General
- Add or delete a suborganization
- Users
- API Keys
- Sinks
- Limits of an organization
- Organization Multicast Groups
Organization Gateways
- Cisco gateway Basic Station setup
- System logs
Using firefly: Devices
Devices - Overview
- Mark a device as a favorite
- interpret recent messages
- Device properties
- Send packet to device
- Devices - Graphs
- Devices - Statistics
- Devices - Settings extendibility
- Add a device by OTAA
- Add a device by ABP
Frequency plans
- EU868
- US915
- AU915
- AS923
- IN865
- KR920
- CN470
Network server addresses
Copyright
1. Introduction
This manual helps the user to understand and to navigate through DIGIMONDO’s cloud platform firefly.
1.1. Understanding the Operating System (OS)
The firefly software is DIGIMONDO’s complete solution for a professional operation of a LoRaWAN network. It is a carrier-grade network Operating System (OS) built on Elixir/Erlang, and designed to meet Germany’s high standards regarding data security and data privacy. It ensures that the data of the device is transferred to its destination (end-user) in a smart, safe and efficient way:
- Reduced traffic between gateways and backend.
- Custom compression of data to achieve 70% less traffic and save battery life.
- All components containerized for fast auto-scaling.
- Microservice architecture for easy maintainability and extendability.
- All user interfaces build as single page app with live updates and reporting possibilities.
The operating system consists of the following components:
Network server (NS) for LoRaWAN 1.0: firefly includes a LoRaWAN-compatible network server for secure, scalable and reliable operation of connected terminal devices. The Network Server receives packages including meta data from the Gateway (GW) and sends downlinks to the GWs. Therefore, it verifies the MIC (Message Integrity Code to identify the sender) and controls the duty-cycle. The NS checks the frame counter of the mote (FCNT) and routes packages to the correct Application Server (AS). It handles Join Requests with the AS and adapts the optimal data rate for the device (ADR). It sends downlinks when they can be received (depending on the device classes). It also provides an easy way of monitoring and billing objects.
The Application Server (AS) receives the payload (data package) from the NS and decodes it. It sends downlinks to the NS and provides data via different APIs. The standardized interfaces of the multi- client Application Server (AS) and Join Server are REST, MQTT and CoAP. The AS manages the end devices (connects end devices via OTAA or ABP; name and rename end devices; defines groups of end devices; key distribution and key management; detailed debugging statistics; Gateway downlink creator), it processes the data (modifiable Payload-Parser; customizable data processing and data visualization; live packet viewer) and manages the users (create and manage hierarchic organizations and suborganizations; create and manage user and user groups, manage user specific access rights, limit the amount of end devices, limit API-Keys und API-query rates).
Join Server (JS) LoRaWAN 1.1. The Join Server manages keys and users. It knows all devices by its Join EUI (AppEUI) and decides if devices are allowed to join. It calculates the session keys. The network session key is sent to the NS and the application session key is transferred to the AS.
Further information about the LoRaWAN technology can be found in Semtechs LoRaWAN specifications.
1.2. Manual Overview
This manual starts with instructions how to gain access to firefly (chapter 2) and how to administer the main functions (chapter 3). Though firefly’s crucial functionalities are covered in chapter 4 and 5.
Firefly is mainly divided in two parts that are always interlinked:
- Organizations: This section provides information about: How to add suborganizations, edit organizations, manage users, device classes or devices within an organization.
- Devices: This section provides information about: How to add devices (OTAA, ABP), interpret payloads and device details.
Both parts, Organizations (chapter 4) and Devices (chapter 5) are structured in subchapters:
- Overview
- Devices (for Organizations) or Graphs (for devices)
- Statistics
- Settings
The user can easily jump between the different chapters and sections ((sub)organizations, device classes, devices and users). The HOME
or house symbol in the upper left corner will always direct the user back to the starting page showing the favorite devices and the organizations. Form here the user can navigate through firefly.
Behind the home
symbol, names of suborganizations and/or device (classes) will appear, this gives the user an indication where in the firefly tree they are working.
2. Getting Started
2.1. System requirements
- A working internet connection.
- The firefly is compatible with browsers such as Firefox, Google Chrome and Safari.
- JavaScript, cookies and websockets to be activated additionally to run firefly.
2.2. Gaining access & main functions
To create a firefly account, please contact info@digimondo.de or visit DIGIMONDO. The link and password will be sent to the user.
There is one main navigation tool on the top of the screen which enables the user to change general settings. Additionally the back
arrow in the browser helps to navigate through firefly.
- house symbol (on the upper left) by clicking it, the user will always be directed back to the starting page showing the favorite devices and their organizations. Form here the user can navigate through firefly.
Firefly is an interlinked software and the user can easily jump between (sub)organizations, device classes, devices and users (in the respective organization).
Behind the house
symbol, names of suborganizations and/or device (classes) will appear, to always give the user an indication where in the firefly tree they are working.
user name (on the upper right) by clicking it, different functions appear:
edit profile
: Email; Prename; Surname; Company; Address - can be changed and confirmed by clicking the buttonsubmit
. A confirmation of the changes will appear sayingaccount updated successfully
.change password
: old password, new password and a confirmation of the new password can be filled in the specific fields. A confirmation of the changes will appear showingaccount updated successfully
.log out
: the user will leave firefly and be logged out.admin this option will appear if you are an admin. Admin users have the possibility to administer
devices
,accounts
, andgeneral settings
.
3. Admin
Accounts that are administrators in the root organization (ID -1) have access to the admin menu on the top right.
3.1. General administration
Among other things this section allows administrators to change the look of some visual elements of firefly.
Landing page logo and Login page logo are visible to all (logged out) visitors to the web site. Footer logo is the small logo on the bottom right of every page, visible only for logged in users. To change one or more of these logos, click on Choose file (or equivalent, depending on browser) and select a new logo. Custom logos should be similar in size to the default logos, they will not be trimmed on upload or display. By clicking on Set branding the custom logos are uploaded and should immediately be visible. Colors on the login page can also be customized.
Reset branding deletes all custom logos and custom color settings, default logos and colors will be enabled again.
3.2. Administer Accounts
All listed firefly accounts will be sorted by the most recent change at the top. Email, password changed, prename and surname are shown.
By clicking the combination of command + F
(macOS) or STRG + F
(windows) the administrator can search for specific user accounts (e.g. by typing the name in the box that appears on STRG + F).
The administrator has the possibility to click on…
reset
to send a password reset email to the user. In that email, the user can click on reset password
to change it.
invite
to (re-)invite a user by email to firefly saying “You have been invited to create an account at DIGIMONDO firefly register
”.
impersonate
to browse as the impersonated user and see their account from their persepective. “You’re now browsing as 41” will be blended in. To leave the user’s perspective, click on the user name in the top row and then click back to admin user
.
show
to show the email, prename, surname, company and address of the user. In the menu option, the chapters profile
and password
appear and by clicking more information becomes visible.
edit
to show the email, prename, surname, company and address of the user. In the menu option, the chapters profile
and password
appear and by clicking more information becomes visible and can be changed.
delete
a user. The administrator needs to confirm the deletion by clicking OK
in the pop-up window asking “are you sure?”, after which a message - “account deletion successful” will be blended in and the account is not listed any longer.
3.3. Administer Devices
All firefly devices listed will be sorted by ID. ID, name, mode (Activation By Personalization (ABP), Over The Air Activation (OTAA)), address and EUI (Extended Unique Identifier) are shown.
By clicking the combination of command + F
(for macOS) or Cntrl + F
(windows) the administrator can search for specific devices.
The administrator has the possibility to click on
show
to show the device and its details. Please refer to chapter 5.1. Device - Overview for more details.
edit
to open the device details in settings
. Several changes can be applied. Please refer to chapter 5.4. Device - Settings, for more details.
delete
to delete a device. The administrator needs to confirm the deletion by clicking OK
in the pop-up window asking, “are you sure?”
4. Using firefly: Organizations
In general: Firefly is an interlinked software and the user can easily jump between (sub)organizations, device classes, devices and users (in the respective organization).
Behind the house
symbol, names of suborganizations and/or device (classes) will appear, to always give the user an indication where in the firefly tree they are working.
Organizations can be companies, cities, projects, etc. On the first screen, the number of the user’s (sub)organizations is displayed.
- The user can search (sub)organizations by writing a name in the
search
toolbar. The name has to be filled in completely to ensure a valid search result. - The user can click on a (sub)organization to get an overview of the (sub)organization with more information and the possibility to edit it.
An organization is divided into seven chapters, displayed in the upper menu:
- Overview
- Devices
- Applications
- Device Classes
- Multicast Groups
- Statistics
- Settings
4.1. Organization Overview
The organization overview is divided by four squares showing the number of favorite devices, suborganizations, users and device classes. Additionally, there are several settings in the upper menu:
4.1.1. Favorite Devices
On the first screen, the number of the user’s favorite devices are displayed. The user can search devices by writing a name in the search
toolbar. The name has to be filled in completely to ensure a valid search result. The search functions apply for all devices (not just the favorite devices).
The user can click on one device of its choice or select to show all
. Please refer to chapter 5 Devices for more explanations.
4.1.2. Suborganizations
- The user can search suborganizations by writing a name in the
search
toolbar. The name has to be filled in completely to ensure a valid search result. - The user can click on a suborganization to see a tree of following sub-suborganizations. The line behind the home symbol (upper menu) gives an indication on which level of the organization-tree the user currently is.
- The user can click on
edit
to edit the selected suborganization. Please check chapter 4.4. Settings to find out how to edit a suborganization.
4.1.3. User
The number of users is shown in that square. In order to write an email to the registered user, the administrator needs to click on the displayed email address.
By clicking edit
, all accounts in that organization can be edited.
Please refer to 4.1.4. Settings to manage users of an (sub)organization.
4.1.4. Device Classes
In the section device classes, all device classes of a (sub)organization are shown. A device class is a (in firefly) defined category for several devices. It includes a “parser” which is necessary to decrypt messages (the payload) of all devices within that device class.
The user can:
- add a new device class by clicking the green button
add
. - edit a device class by clicking the equivalent name of the device class.
4.1.4.1. Add a device class and define the parser
Usually the device class specifications are indicated in the product. The user fills in the following fields:
name
: name of the new device class. Numbers and letters are allowed.parser
: The parser is defined by an amount of [bits] (https://en.wikipedia.org/wiki/Bit). Each bit needs to be defined by a specific data type ([boolean] (https://en.wikipedia.org/wiki/Boolean_data_type), integer ** , float ** ) and a target variable.
boolean*: binary values (e.g. true and false).
integer**: The payload is interpreted based 2. Little
endien reads the data from right to left. If Little
is not checked, the data is read from left to right; that is called “big endien”.
If the box Signed
is checked, it describes that the first bit is interpreted as an algebraic sign (math. +/-). [One’s compliment] (https://en.wikipedia.org/wiki/Ones%27_complement) and Two’s compliment are mathematical operations on binary numbers.
float*: numbers with usually as a string of digits.
target variable: the name of the target variable (e.g. temperature)
After typing in the data for first row, the user can add another row by clicking the plus
or deleting it by clicking minus
.
Example:
bit
8; integer
; frame type
bit
32; integer
; meterID
bit
32; integer
; absolute index
bit
16; integer
; temperature
calculate
: The user clicks on theplus
button to start defining its calculation by filling in theformula
andtarget variable
. A formula can be a calculation which refers to the target variable defined in the parser.
Example:
formula
: temperature / 100 target variable
: temperature
formula
: battery target variable
: battery
types
: The user clicks on theplus
button to start defining its types referring to the target variables listed in the parser. The (graphical) visualization of the payload is defined here. Types can be:- Automatic
- Checkbox
- Progress bar that supports values between 0 and 1.
- Coordinates. The variable needs to be a JSON object with values for latitude and longitude.
- Number, optional with a suffix (e.g. °C)
- commands like hide.
test
: the user can test if the definitions work by pasting an example payload (encoded as hex) into theExample payload
field and clicking theparse
button.visibility
defines in which (sub)organizations the device will be shown. The user can select:- parent organization
- parent and suborganization
- everyone (public)
If the visibility is defined as public, every user with the role “device admin” and “organizational admin” can see the device class.
4.1.4.2. Edit a device class
By clicking a device class in the organizational overview, all devices of that device class will be shown in the overview.
The user can decide as to which “organizations” should be able to use the user’s device class. By default, this is set to parent and suborganizations. The user can limit this to just Parent organizations or can make it visible to anybody on firefly.
Fixed device classes are not being editable by users with the role of device admin.
If the user clicks on a specific device he will be redirected to the device and its details (please refer to chapter 5.1 device overview).
In the upper menu, the user can click on
map
to see all devices of the selected device class on a map. If the device classs does not include GPS, the map function will show the following error: “To show your devices on a map you need to output your GPS data to the following fields:
gps.latitude
gps.longitude
Once the user has set this up correctly, devices will show up on this map.”
settings
In the settings of the device class the parser is specified. The user can edit the parser by clicking the specific fields he/she wants to change and confirming the changes with submit
.
How to define a parser is described in the prefixed chapter 4.1.4.1. Add a device class and define the parser
4.2. Organization - Devices
All devices of an organization are shown by clicking show all
in the favorite devices square or by clicking devices
in the top menu.
All devices will be listed by name, activation (ABP; OTAA); EUI; address. That view does not list devices of suborganizations.
At the bottom of the list new devices can be added by clicking Over The Air Activation (OTAA)
or Activation By Personalization (ABP)
on the green and grey respectively indicating boxes. Please check chapter 5.5. add a device by OTAA and 5.6. add a device by ABP for more information.
4.3. Organization - Statistics
By clicking statistics
in the upper menu, the user gets a graphical and tabular overview of the sent packages and bytes within the organization in the last month(s). The total number of packages and data (in MB) and the average packet-size (in Byte) is displayed.
The user can scroll over the graph with the mouse or the touchpad. According to the position (e.g. January 2017), the number of packages/bytes will be displayed next to the graph (e.g. January 1 2017, 396.885). The position is indicated by a small green ball.
The user can switch between packages
and bytes
by clicking the blue boxes at the top right corner of the graph. Additionally, the user can switch between graph
and table
by clicking the referring blue box at the top right corner. Only packets sent within the last 24 hours are shown there.
Furthermore, the statistics are updated in real-time on a list below the graph. Recent packages are blend in at the top of the list with the name of the device in the green box. Additionally, the date and time, the spreading factor and the (decoded) payload are shown. In case the decrypted payload is too long, it can be read completely by moving the slider to the right (at the bottom of the list).
4.4. Organization - Settings
The user can change the settings of an organization and its suborganizations if they have organization admin rights (compare chapter 3. admin).
4.4.1. General
Name
can be filled in. Numbers and letters are possible.
Visible organizations per level
can be defined (optional) by a formula that calculates the maximum visible organizations in the tree for each level.
Available variables are:
level
from 1 to n, recursion levelroot_children
amount of children the root organization haschildren
amount of children of the current parent organization Default: 10 / level
Changes are saved by clicking save
.
Organizations can be deleted by clicking the red box delete
at the bottom of the page. If the user deletes that organization all suborganizations will be lost forever, the data cannot be retrieved. The user cannot delete an organization if devices are allocated to that organization. Before deleting an organization, devices and users must be deleted.
4.4.2. Add or delete a suborganization
Suborganizations with children (other suborganizations) have a green plus
next to the name. By clicking plus
, the suborganization tree will be made visible. Non-parental suborganizations are indicated with a green flag next to the name.
Suborganizations can be added by clicking the green box add a suborganization
, adding a name and confirming it with save
.
Non-parental suborganizations can be deleted by clicking the red paper bin
.
4.4.3. Users
The administrator can:
add a user by filling in the
email
-field and define the role of the user in the drop-down menu:Read only; for giving the user only the rights to read the data. Device admin; to enable the user to administer devices, but no organizations. Organization admin; to give the user full rights.
change the role of the user by selecting it from the drop-down menu.
delete a user by selecting
kick
orleave
at a specific user. The user will no longer have access to the organization, which does not mean that his/her firefly account is deleted. The user might have other roles in other suborganizations though. If the user had only one role in the organization from which they were kicked out of, they can still log-in to firefly, but will not see any information. suborganizations Changes need to be saved by clickingsave
.
4.4.4. API Keys
API keys are necessary for defining interfaces to other software components. API keys are credentials and used for identification. In this section, the administrator can add, change and delete API keys. Every organization has a limit of API keys that can be used.
The API keys within the organization are listed by name, API Keys, Valid until, Limits and Actions. By clicking the red
paper bin or the green
validity pencil, the API key can be either deleted or changed.
At the bottom of the page a new API key can be added by clicking add API key
:
The user needs to fill in the Name
field, any combination of letters and numbers is allowed.
The API rate limiting
needs to be defined; meaning the number (e.g. 50) of requests per time unit (in milliseconds) needs to be filled in the field.
An API key can also have a validity date so that the API is disconnected automatically at a specific time and date. By defining the validity date the user needs to click on the green edit button and select the equivalent drop down menu.
If the owner should be able to change the API key, the box must be checked. The owner is the administrator of the suborganisations. Sometimes owners should not edit the API keys because they can be customers with limited admin rights.
Changes need to be confirmed by clicking save
.
4.4.5. Sinks
In that chapter, the user can see active sinks
, create new sinks
and read through the documentation
by clicking the equivalent box.
Webhooks allow you to build or set up integrations which subscribe to certain events on firefly. When one of those events is triggered, we’ll send a HTTP
POST
or GET
payload to the webhook’s configured URL
. Webhooks can be used to trigger external logic and processes.
Each webhook can be installed on an organization. Once installed, they will be triggered each time one or more subscribed events occurs on that organization or devices attached to it.
There is also a possibility to opt-in for all present and future events by using the wildcard event. While this should be used sparingly, you can use this to make sure no change goes unnoticed.
You can create any number of webhooks for each event on each installation target (specific organization).
Events When configuring a webhook, you can choose which events you would like to receive payloads for. Only subscribing to the specific events you plan on handling is useful for limiting the number of HTTP requests to your server.
Each event corresponds to a certain set of actions that can happen to your organization and/or devices. For example, if you subscribe to the up_ packet_received event you’ll receive detailed payloads every time an up packet is received by the device.
The specific events are avaiable when the user clicks on documentation
.
Add a new webhook by clicking create new sink
:
A webhook is a method of changing or improving firefly’s behavior with custom callbacks.
name
, webhook URL
and content type
(either “application/json” or “application/x-www-form-urlencoded” need to be selected. application/json with a HTTP POST is recommended, because using URL encoding is a less secure method of data synchronization. Unlike HTTP Post, data will be submitted as a query string, potentially exposing it in log files and to other services.
Also, the user needs to be aware of potential length limitations of URL strings. firefly can not guarantee a maximum length, since that value depends on the data the user’s device permits.
Finally, the user needs to select triggers for events by checking the equivalent boxes described below and save the webhook by clicking save new webhook
.
By clicking on documentation, the user will get more information about sinks, events, payloads (including content types/encodings and delivery headers).
4.4.6. Limits of an Organization
In that chapter, the user can define limits for the number of devices and / or for the number of API keys by writing the required number in the boxes. If a limit is reached, no new item can be created. E.g. max 100 devices can be created in a suborganization. Update Limits
saves the changes.
4.5 Organization - Multicast Groups
Multicast groups allow the sending of downlink packets to multiple devices at once. Requirements are that the device is configured with and listening on a multicast (sometimes called broadcast) address and knows the corresponding multicast group network- and application session keys.
Add multicast group
Multicast groups are listed and can be created in organizations using the Multicast Groups link on any organization page’s navigation menu.
Please note, we currently only support class C multicast groups.
Adding devices to multicast groups
Adding devices to a multicast group can be done in the device’s settings. The multicast group field there is a multiple select input field, which means more than one group can be selected. Depending on OS/browser selecting and unselecting specific groups can be done using ctrl or cmd and click. After selecting one or more multicast groups and submitting the changes, the multicast group(s) will appear in a Multicast Groups box on the left side of the device overview page and the device will appear in the multicast group’s Devices page.
Multicast group properties
The multicast group overview page is similar to the device overview page. On the left in the Properties box the group’s address, application session key, network session key and current frame counter are displayed.
Directly below the Send packet to group box also has the same functionality as a (class C) device, except for the optional Gateway IDs field, where multiple gateways can be written in a comma-separated list.
Recent messages
On the right of the multicast group overview page the list of recent packets contains the latest successfully sent downlink packets to this group. The multicast down packet structure is a little different from ordinary device downlink packets. Instead of a single gateway entry in the rx_data
object here there is a list of gateways used when sending this down packet. More detailed information about the structure of the multicast down packet can be found in the API docs.
Send packet to multicast group
Sending packets to a multicast group works the same as sending packets to a (class C) device.
If the optional Gateway IDs field is left empty, the network server will try to determine the minimum set of gateways needed to reach all devices in the multicast group based on recent uplink packets. If the field is not empty, the network server will try to send the downlink packet to the given gateways only.
In case of downlink packets seemingly stuck in the queue/outbox, the most common reason is that the networkserver has insufficient uplink data from the devices to determine the right gateway to send the downlink packet to. Or if gateway IDs were given the network server may not know (have no connection to) the given gateway because it has not received any uplink packets over it yet.
4.6 Organization - Gateways
Version 1.21.0 of firefly introduced support for the Basic Station packet forwarder (LNS protocol). This WebSocket-based protocol allows authentication of gateways. In firefly only the authentication mode TLS Server Authentication and Client Token is implemented. Therefore before using Basic Station-based gateways, they have to be added in firefly in the Gateways menu. Adding gateways is only necessary if they are using the Basic Station packet forwarder. Gateways using the standard UDP-based Semtech packet forwarder do not need to be added in firefly.
To connect gateways to the network server over TLS, they might need to be configured with the network server’s CA certificate. In case of firefly’s cloud version fireflyiot.com
this CA certificate can be obtained from Let’s Encrypt: https://letsencrypt.org/certs/isrg-root-x1-cross-signed.pem
4.6.1 Cisco gateway Basic Station setup
In firefly:
- Go to organizations -> Gateways -> Add gateway
Create EUI (e.g. from gateway’s hardware address), has to be unique system-wide
- Hardware address example: on gateway:
show interfaces
, MAC address:6E:67:A2:07:0E:B0:94:1F
-> EUI:6E67A2070EB0941F
- Hardware address example: on gateway:
Enter an auth token or generate random token
- Example:
44F72B5CB61CFD4FC5803DD982CD52C0
- Example:
On gateway:
- Install firmware updates (if available)
- Configure and test network connection
Configure ntp
configure terminal ntp server address pool.ntp.org exit
Configure GPS
configure terminal gps ubx enable exit
Check radio status, enable if off
show radio # look for "radio status" no radio off # enables radio
Prepare auth files:
- Format a USB drive/stick as FAT32
Create files on drive
serverca.crt
: Server CA certificate (PEM format)- E.g. for fireflyiot.com use Let’s Encrypt CA Root: https://letsencrypt.org/certs/isrg-root-x1-cross-signed.pem
gw.crt
: emptygw.key
(example):Authorization: 44F72B5CB61CFD4FC5803DD982CD52C0
- Auth token same as configured in firefly above
- Lines have to be CRNL terminated (Windows line endings)
- See also https://doc.sm.tc/station/authmodes.html#tls-server-authentication-and-client-token
On gateway setup auth files and LNS config:
- Connect using Cisco console USB cable
screen /dev/tty.usbserial-A50285BI 115200
Gateway>enable Gateway#usb enable Gateway#common-pack-forwarder cert install gw usb:gw.crt usb:gw.key Gateway#common-pack-forwarder cert install srv usb:serverca.crt Gateway#configure terminal Gateway(config)#common-packet-forwarder profile Gateway(config-cpf-profile)#ipaddr ns.fireflyiot.com port 443 Gateway(config-cpf-profile)#auth-mode client-server Gateway(config-cpf-profile)#gps enable GPS enabled successfully Gateway(config-cpf-profile)#gatewayid 6E67A2070EB0941F Gateway(config-cpf-profile)#tls-sni enable Gateway(config-cpf-profile)#cpf enable common-packet-forwarder has been enabled and is running Gateway(config-cpf-profile)#exit Restarting CPF to apply changes... Done. Gateway(config)#exit *Sep 25 12:35:06: Configured from console by console copy running-config startup-config
Debugging on gateway
- Enable logging:
debug cpf
- Show logs:
show common-packet-forwarder log name trace 100
4.7 Organization - System logs
The history of logged events for an organization and its child organziations can be accessed via the “System Logs”. The search will return all results partcially matching the entered search-term. The timerange to be applied for the search can be configured by the “From” and “To” field.
5. Using firefly: Devices
On the first screen after logging in, the number of favorite the user’s devices are displayed.
All devices will be listed by name, activation (OTAA, ABP), EUI and address. That view does not list devices of suborganizations.
Searching a specific device:
The user can search for devices as well as the statistics view for organizations and devices.
The device search is integrated into the organization device list, allowing the user to filter devices within an organization (even recursively).
The search supports Lucene Queries. The following fields are available and can be typed in the field term
:
name, tags, EUI, address, activation (otaa or abp), abp (bool), otaa (bool), description, device_class, organization, created, updated, class (a, c).
Here are some interesting queries that are possible:
created:(>now-30d) - All devices that have been added in the last 30 days
address:33 - All devices that have an address starting with 33
+otaa:true -address:[ TO ] - All OTAA devices that have never joined the network The statistics page of both devices and organizations also has been revamped, it now features a graph over packets or bytes (only up packets for now). The same data is available with the added Statistics API.
The results can be sorted descending
or ascending
and 10, 25, 50 or 100 devices can be listed per page. The user has to select the specifics in the dropdown menu.
Adding a device:
At the bottom of the list, new devices can be added by added by Over The Air Activation (OTAA)
or Activation By Personalization (ABP)
by clicking the green and grey boxes respectively. Please refer to chapter 5.5. and 5.6.
By clicking on a specific device in the list, the user is redirected to firefly’s device section which is divided into four subchapters, displayed in the upper dark grey menu:
- Overview
- Graphs
- Statistics
- Settings
5.1. Device - Overview
On selecting the device option in the upper dark grey section, list of devices are displayed. Select either one of the listed device, the specific window for this device opens. The Device Overview is divided into three areas. The two boxes on the left (properties and send packet to device) and the steadily updating table on the right with the device’s name as a title:
5.1.1. Mark a device as a favorite
On clicking the star icon on the top right corner of this window, the device is marked as a favourite.
5.1.2. interpret recent messages
by analyzing the table on the right:
- The up- or down- arrows indicate if the message is a uplink from the device to the gateway (arrow facing up), or if it is a downlink from the gateway to the device (arrow facing down).
- The clock columns indicates the date and time of the last message sent.
- The Framecounter (FCNT) is implemented to avoid replay attacks. (Messages that are sent again are going to be ignored.) strengths , the displayed value in the field Frame Counter is incremented.
- The Payload is the actual information of the packet. It needs to be decrypted. To decrypt a payload of a specific device, the user needs to select an existing or define a new device class. By setting up a new device class, the user must define the parser (compare chapter 4.1.4.1. Add a device class and define the parser).
- Freq indicates the frequency a data packet was sent or received along in Megahertz. The values spread around 868MHz.
- The power level graph visualizes the [receive signal strength indicator] (https://en.wikipedia.org/wiki/Received_signal_strength_indication) in dBm (dezibel Milliwatt). It is a logarithmic indication of the abbreviation of the sending/receiving signal. 1 mW is 0 dBm, values over 1 mW are positive dBm-values, values below 1 mW are negative dBm-values. If the data packet is received from several gateways, the best value will be shown. The closer the value to zero, the better the signal to noise ratio. LoRa RSSI values usually vary between -125 and -137 dBm.
- SNR or LSNR is the abreviation for LoRa signal to noise ratio and indicates the level of a LoRa signal to the level of background noise in dBm.
- SF is the abreviation for Spreading Factor. The spreading factor is the ratio between chip- and symbol rate. A high spreading factor (e.g. 12) is accompanied by a high range (e.g. 20km), long “time on air” (e.g. 2,5 seconds and a low data transmission rate (bit/s). A low spreading factor (e.g.7) is accompanied with a lower range, shorter “time on air” (e.g. 100ms) and a higher data transmission rate (bit/s). The time on air can be calculated if spreading factor and the package size are known.
- BW indicates the used bandwidth a signal was sent along in kHz (e.g. 125kHz).
- The check mark in the last column indicates that a packet was acknowledged by the other party (gateway or device). The hourglass shows that the sensor or gateway is waiting for an acknowledgement of the other party that the packet was received. The user can check the box
confirmed
(device overview) if the gateway should wait for a confirmation from the device.
The user can click on the red highlighted word payload
in order to see more details.
- The date and time of the received package will be shown.
- the UUID ( Universally Unique Identifier is a 16-Byte-number to identify information. It is hexadecimal and divided in 5 groups: e.g. 123e8400-e29b-11d4-a716-446655440000.
- The Application Payload and its size (in bytes)
- The Raw LoRaWAN Payload and its size (in bytes)
- The decrypted payload (if possible) together with the transmission details of the data (Port, SF, BW, FCNT, ToTal Size of the packet(in bytes), Frequency, Gateways, RSSI, LSNR the device was communicating with.
The user can get even more detailed information in programming language by clicking the blue box show raw
.
Additionally to the information mentioned above, the user gets information of
- the packet information (the time, UID, SF etc.)
- the server data (gateways communicating with the device; time stamps, gateway EUI, etc..
- the raw payload (port, payload, parsing information
- organizational details (ID, MICpasses, acknowledgements, etc….)
- parsing information (variables).
This is an example how to read the payload in raw:
"type": "up_packets"
to indicate up- or down-links.
"data":
compare section above; the time, UID, SF and further server data like:
size of the packet, Raw payload, Mtype, Modu, MIC (messanger integrity code with the values false/true), mac commands (commands from the gateways to the device),
Gateways RX and details (time stamp, date + time, SRV-RCV time, RSSI, LSNR, gateway EUI, frequencies (around 868MhZ), Fopts, device address in hexadecimal are shown:
"updated_at": "2017-02-17T13:36:01.724194",
"uid": "2a767e29-25fc-4ea3-a78f-a404b3ad2457",
"spreading_factor": 12,
"server_data" (infmillisecondsormation from the gateway): {
"size" (of the data packet): 1 Gateway 9,
"raw" (packet in its raw form without being parsed or decrypted): "gDqfO0GAAAABzOhRxJ92Hyv9MA==",
"mtype" (type of the package, e.g. up- or down (confirmed) package): "confirmed_data_up",
"modu" (modulation that was used. Always Lora in this case): "LORA",
"mic_pass" (message integrity code) : true, (correct mic, mic has passed)
"mac_cmds" (commands from the gateway to the sensor, e.g. spreading factor adaption from 12 to 7): [],
"gwrx": (rx=receiving, tx=transmission): Gateway receiving information[
{
"tmst" (time stamp in seconds): 3244649316,
"time"(time stamp in milliseconds): "2017-02-17T13:35:59.603284Z",
"srv_rcv_time" (server receive time in milliseconds): 1487338560601870,
"rssi": -104,
"lsnr": 5.5,
"gweui" (Gateway identification): "0000024B080E040C"
},
{
"tmst": 3363410132,
"time": "2017-02-17T13:36:00.110270Z",
"srv_rcv_time": 1487338560361486,
"rssi": -115,
"lsnr": -11.2,
"gweui": "0000024B080E0909"
}
],
"freq": 868.5,
"fopts (send additional information for the device - clarified in the LoRaWAN specs)": "",
"dev_addr_hex": "413b9f3a",
"datr" (data rate: spreading factor + bandwidth 125): "SF12BW125",
"codr" (code rate, compare LoRaWAN specs): "4/5"
"raw_payload": "803a9f3b4180000001cce851c49f761f2bfd30",
"port": 1,
"payload_encrypted" (is the payload encrypted): false, (not encrypted, true= encrypted)
"payload": "7c265e540ae8",
"parsed_packet" (additional information to the server data to encrypt the payload): {
"port": 1,
"pending": false,
"mtype (description of type and direction)": "confirmed_data_up",
"mic_pass": true,
"major": 0,
"mac_cmds": [],
"fopts_len": 0,
"fcnt": 0,
"dir" (of up- or downlink) : "up",
"dev_addr_hex": "413b9f3a",
"adrackreq" (is a ADR acknowledgement requested): false (false = no)
"adr" (adaptive data rate compatible): true, (true = yes)
"ack" (acknowledgement): false (no acknowledgment required)
},
"parsed" (in payload described): {
"temperature": 17.897414550781242,
"humidity": 54.619354248046875,
"battery": 3.5913352435530084
},
"organization_id" (ID of an organization within firefly): 44,
"organization" (name and details of organization): {},
"mic_pass": true,
"inserted_at" (when inserted in the data base): "2017-02-17T13:36:01.7242",
"frame_counter": 0,
"device_id": 762,
"device" (name and details of device): {},
"bandwidth": 125,
"ack": false
"created": "2017-02-17T13:36:00.601Z",
"slug" (unique ID that is independent of LoRa to identify a packet: "2a767e29-25fc-4ea3-a78f-a404b3ad2457",
"parsed": {
"temperature": 17.897414550781242,
"humidity": 54.619354248046875,
"battery": 3.5913352435530084
"visibleVariables" (visability of parsed values in firefly) : [
[
{
"type": "number",
"suffix": "°C",
"name": "temperature",
"digits": 2
},
{
"type": "number",
"suffix": "%",
"name": "humidity",
"digits": 2
},
{
"type": "number",
"suffix": "V",
"name": "battery",
"digits": 1
5.1.3. Device properties:
In the device properties
box on the upper left, several device details are listed:
- Activation-Mode: ABP or OTAA (Over The Air Activation) or (Activation By Personalization)
- EUI: “Extended Unique Identifier” to identify a device, the device address is included in the EUI.
- Device Address to identify a device.
- The ApplicationSessionKey which is transferred to the Application Server (AS).
- NetworkSessionKey to communicate with the Network Server (NS). The network session key is sent to the NS.
- The overall Framecounter of the device. It counts the amount of sent packages. The NS checks the frame counter of the mote (FCNT) and routes packages to the correct Application Server (AS). The FCNT avoids replay attacks.
- Device class. A device class in firefly defined category for several devices. The user can click on the name of the device class (indicated in green in order to be redirected to the device class section (4.1.1.4).
5.1.4. Send packet to device
In the box Send packet to device
, the user can send packets from the gateway to the device. The user needs to define…
the port where the information should be sent to. The user can choose between 1 and 223. Different payloads can be send to different ports. A port value of 0 indicates that the FRMPayload contains MAC commands only. Port values are application specific.
the payload the user wants to send. e.g. “beaf”.
The payload encoding should be hexadecimal (base16), base 64 or UTF8.
Confirmed
is checked, if an acknowledgement is requested.The payload is sent by clicking the green button
send
.
If the encoding is not correct, a message in red “error. check your payload and encoding” will appear. If the payload is send, a green check mark will be blended in.
As soon as the payload is sent, it appears in the box Outbox
.
- the time in the queue is shown, it counts the seconds since the user was clicking
send
. - the framecounter counts up.
- the port number is shown.
- there is the possibilty to delete the packet in the outbox. The user needs to click on the red
bin
symbol.
5.2. Devices - Graphs
By clicking graphs
in the upper menu, the user gets a graphical overview of the sent information in the last hours. Different graphs are shown depending on the device class and how it is parsed (compare chapter 4.1.4. device classes).
The user can scroll with the mouse or the touchpad over the graph. According to the position (e.g. 12:00am), the equivalent value will be displayed next to the graph (e.g. January 1 2017, 28 degrees Celsius). The position is indicated by a small green ball.
5.3. Devices - Statistics
By clicking statistics in the upper menu, the user gets a graphical and tabular overview of the sent packages and bytes of the device in the last month(s). The total number of packages and data (in MB) and the average packet-size (in Byte) is displayed.
The user can scroll with the mouse or the touchpad over the graph. According to the position (e.g. January 2017), the number of packages/bytes will be written next to the graph (e.g. January 1 2017, 150). The position is indicated by a small green ball.
The user can switch between packages and bytes by clicking the blue boxes at the top of the graphic. Additionally, the user can switch between graph and table by clicking the referring blue box at the top right corner.
5.4. Devices - Settings
The user can set and change different device parameters:
name
: e.g. “temp+humidity_v1”
description
(e.g. Hamburg’s office, balcony). The description supports marcdown.
tags
can be filled in the box. Tags will be shown on the device overview. For example the tag example
is often used for showcases. Several tags are separated by comma.
The device can be activated either by “Activation by personalization (ABP)” or by “activation over the air (OTAA)”. Depending on the way of activaton, the device settings look different.
Device EUI: A worldwide unique identifier for the device. It has 8 bytes (16 hex characters). It can be generated randomly if no device EUI is available by clicking the green button
random
.Device Address: The address the device uses to communicate with the network. It has 4 bytes (8 hex characters). It can be generated randomly if no device EUI is available by clicking the green button
random
.Application Session Key: The AS key is a 16 bytes key used to encrypt the application payload. If left blank, firefly can’t decrypt the application payload but the user will still be able to see the encrypted payload.
If the user wants to activate the device by ABP, the user can supply the address and the session keys themselves. Please note that this should only be used for debugging and the possibility to add devices like that will be removed in the future.
If the user needs random example values, click the random-button next to each field.
All values have to be entered as big endian.
Network Session Key: 16 bytes key used to encrypt the LoRaWAN packet.
Application EUI: The Application EUI is optional. The box “Device is class C capable” needs to be ticked, if the device is permanently awake. The device must support class C if the user checks this, otherwise it won’t receive any down packets.
RX2 Data Rate: In RX2 the user can select the data rate used to send in RX2 window of down packets. The preferred spreading factor and bandwidth can be selected in a dropdown menu. The box “Ignore consecutive packets with equal frame counter” needs to be checked if…. In the default setting, it is not checked.
Device-class: The device class defines how the application payload can be parsed (optional). The user can select a device class by drop-down menu.
Organization: The user can select the organization in which the device should be listed per drop-down menu.
The user needs to confirm the changes of the settings by clicking the green box submit
.
5.5. Add a device by OTAA
All devices of an organization are shown by clicking show all
in the favorite devices square or by clicking devices
in the top menu.
At the bottom of the list, new devices can be added by Over The Air Activation (OTAA)
or Activation By Personalization (ABP)
. The user needs to click on the green box add OTAA device
.
For adding a device over the air, the following fields need to be filled in (compare 4.2.4. settings):
name
: e.g. holleymeter_v1
description
(e.g. Hamburg’s office, balcony). The description supports markdown.
tags
can be filled in the box. Tags will be shown on the device overview. For example the tag example
is often used for showcases. Several tags are separated by comma.
activation
: Here is the possibility to change from ABP to OTAA (compare 4.2.6.). To activate a device over the air, the user needs to provide a unique, 8 bytes long EUI and a 16 bytes long application key that is used to encrypt the join request.
After the device sends a join request, it is automatically assigned to an address and will also receive an application key (for payload encryption) as well as a network key (for MAC header encryption).
If the user needs random example values, click the random-button next to each field. All values have to be entered as big endian.
Device EUI
A worldwide unique identifier for the device. It has 8 bytes (16 hex characters). It can be generated randomly if no device EUI is available by clicking the green button random
.
Application Key
is the key that the device uses for the join-handshake. It has 16 bytes (32 hex characters).
Application EUI
The Application EUI is optional. The box “Device is class C capable” needs to be ticked, if the device is16 bytes permanently awake. The device must support class C if the user checks this, otherwise it won’t receive any down packets.
RX2 Data Rate
: In RX2 the user can select the data rate used to send in RX2 window of down packets. The preferred spreading factor and bandwidth can be selected in a dropdown menu.
The box “Ignore consecutive packets with equal frame counter” needs to be checked if…. In the default setting, it is not checked.
Device-class
: The device class defines how the application payload can be parsed (optional). The user can select a device class by drop-down menu.
By clicking adding another device
, the user can be redirected directly to an interface to add an additional device.
The user needs to confirm the action by clicking the green button submit
.
5.6. Add a device by ABP
All devices of an organization are shown by clicking show all
in the favorite devices square or by clicking devices
in the top menu.
At the bottom of the list, new devices can be added by Over The Air Activation (OTAA)
or Activation By Personalization (ABP)
. The user needs to click on the green box add ABP device
.
For adding a device by personalization, the following fields need to be filled in (compare 4.2.4. settings):
name
: e.g. holleymeter_v1
description
(e.g. Hamburg’s office, balcony). The description supports markdown.
tags
can be filled in the box. Tags will be shown on the device overview. For example, the tag example
is often used for showcases. Several tags are separated by comma.
activation
: Here is the possibility to change from ABP to OTAA (compare 4.2.6.). To activate a device by ABP, the user can supply the address and the session keys himself. Please note that this should only be used for debugging and the possibility to add devices like that will be removed in the future.
If random example values are needed, the user needs to click the random-button next to each field. All values have to be entered as big endian.
After the device sends a join request, it is automatically assigned to an address and will also receive an application key (for payload encryption) as well as a network key (for MAC header encryption).
Device EUI
A worldwide unique identifier for the device. It has 8 bytes (16 hex characters). It can be generated randomly if no device EUI is available by clicking the green button random
.
Device address
: The address the device uses to communicate with the network. It has 4 bytes (8 hex characters). It can be generatedadditional randomly if no device EUI is available by clicking the green button random
.
Application Session Key
- The AS key is a 16 bytes 16 bytes key used to encrypt the application payload.
If left blank, firefly can’t decrypt the application payload but the user will still be able to see the encrypted payload.
If the user wants to activate the device by ABP, the user can supply the address and the session keys themselves. Please note that this should only be used for debugging and the possibility to add devices like that will be removed in the future.
If the user needs random example values, click the random-button next to each field. All values have to be entered as big endian.
Network Session Key:
16 bytes key used to encrypt the LoRaWAN packet.
RX2 Data Rate
: In RX2 the user can select the data rate used to send in RX2 window of down packets. The preferred spreading factor and bandwidth can be selected from the dropdown menu.
The box “Ignore consecutive packets with equal frame counter” needs to be checked if…. In the default setting, it is not checked.
Device-class
: The device class defines how the application payload can be parsed (optional). The user can select a device class by drop-down menu.
By clicking adding another device
, the user can be redirected directly to an interface to add an additional device.
The user needs to confirm the action by clicking the green button submit
.
6. Frequency plans
All of these frequency plans are based on the default plans used in Multitech gateways.
6.1 EU868
Uplink:
- 868.1 MHz (SF7BW125 - SF12BW125)
- 868.3 MHz (SF7BW125 - SF12BW125)
- 868.5 MHz (SF7BW125 - SF12BW125)
- 867.1 MHz (SF7BW125 - SF12BW125)
- 867.3 MHz (SF7BW125 - SF12BW125)
- 867.5 MHz (SF7BW125 - SF12BW125)
- 867.7 MHz (SF7BW125 - SF12BW125)
- 867.9 MHz (SF7BW125 - SF12BW125)
Downlink:
Same as uplink + default RX2 parameters 869.525 MHz (SF12BW125)
6.2 US915
Uplink:
- 902.3 MHz (SF7BW125 - SF10BW125)
- 902.5 MHz (SF7BW125 - SF10BW125)
- 902.7 MHz (SF7BW125 - SF10BW125)
- 902.9 MHz (SF7BW125 - SF10BW125)
- 903.1 MHz (SF7BW125 - SF10BW125)
- 903.3 MHz (SF7BW125 - SF10BW125)
- 903.5 MHz (SF7BW125 - SF10BW125)
- 903.7 MHz (SF7BW125 - SF10BW125)
Downlink:
- 923.3 MHz (SF7BW500 - SF12BW500)
- 923.9 MHz (SF7BW500 - SF12BW500)
- 924.5 MHz (SF7BW500 - SF12BW500)
- 925.1 MHz (SF7BW500 - SF12BW500)
- 925.7 MHz (SF7BW500 - SF12BW500)
- 926.3 MHz (SF7BW500 - SF12BW500)
- 926.9 MHz (SF7BW500 - SF12BW500)
- 927.5 MHz (SF7BW500 - SF12BW500)
- RX2: 923.3 MHz (SF12BW500)
6.3 AU915
Uplink:
- 915.2 MHz (SF7BW125 - SF12BW125)
- 915.4 MHz (SF7BW125 - SF12BW125)
- 915.6 MHz (SF7BW125 - SF12BW125)
- 915.8 MHz (SF7BW125 - SF12BW125)
- 916.0 MHz (SF7BW125 - SF12BW125)
- 916.2 MHz (SF7BW125 - SF12BW125)
- 916.4 MHz (SF7BW125 - SF12BW125)
- 916.6 MHz (SF7BW125 - SF12BW125)
Downlink:
- 923.3 MHz (SF7BW500 - SF12BW500)
- 923.9 MHz (SF7BW500 - SF12BW500)
- 924.5 MHz (SF7BW500 - SF12BW500)
- 925.1 MHz (SF7BW500 - SF12BW500)
- 925.7 MHz (SF7BW500 - SF12BW500)
- 926.3 MHz (SF7BW500 - SF12BW500)
- 926.9 MHz (SF7BW500 - SF12BW500)
- 927.5 MHz (SF7BW500 - SF12BW500)
- RX2: 923.3 MHz (SF12BW500)
6.4 AS923
Uplink:
- 923.2 MHz (SF7BW125 - SF12BW125)
- 923.4 MHz (SF7BW125 - SF12BW125)
- 923.6 MHz (SF7BW125 - SF12BW125)
- 922.2 MHz (SF7BW125 - SF12BW125)
- 922.4 MHz (SF7BW125 - SF12BW125)
- 922.6 MHz (SF7BW125 - SF12BW125)
- 922.8 MHz (SF7BW125 - SF12BW125)
- 923.0 MHz (SF7BW125 - SF12BW125)
Downlink:
Same as uplink + default RX2 parameters 923.2 MHz (SF10BW125)
6.5 IN865
Uplink:
- 865.0625 MHz (SF7BW125 - SF12BW125)
- 865.4025 MHz (SF7BW125 - SF12BW125)
- 865.9850 MHz (SF7BW125 - SF12BW125)
- 865.2325 MHz (SF7BW125 - SF12BW125)
- 866.1850 MHz (SF7BW125 - SF12BW125)
- 866.3850 MHz (SF7BW125 - SF12BW125)
- 866.5850 MHz (SF7BW125 - SF12BW125)
- 866.7850 MHz (SF7BW125 - SF12BW125)
Downlink:
Same as uplink + default RX2 parameters 866.55 MHz (SF10BW125)
6.6 KR920
Uplink:
- 922.1 MHz (SF7BW125 - SF12BW125)
- 922.3 MHz (SF7BW125 - SF12BW125)
- 922.5 MHz (SF7BW125 - SF12BW125)
- 922.7 MHz (SF7BW125 - SF12BW125)
- 922.9 MHz (SF7BW125 - SF12BW125)
- 923.1 MHz (SF7BW125 - SF12BW125)
- 923.3 MHz (SF7BW125 - SF12BW125)
Downlink:
Same as uplink + default RX2 parameters 921.9 MHz (SF12BW125)
6.7 CN470
Uplink:
- 486.3 MHz (SF7BW125 - SF12BW125)
- 486.5 MHz (SF7BW125 - SF12BW125)
- 486.7 MHz (SF7BW125 - SF12BW125)
- 486.9 MHz (SF7BW125 - SF12BW125)
- 487.1 MHz (SF7BW125 - SF12BW125)
- 487.3 MHz (SF7BW125 - SF12BW125)
- 487.5 MHz (SF7BW125 - SF12BW125)
- 487.7 MHz (SF7BW125 - SF12BW125)
Downlink:
- 500.3 MHz (SF7BW125 - SF12BW125)
- 500.5 MHz (SF7BW125 - SF12BW125)
- 500.7 MHz (SF7BW125 - SF12BW125)
- 500.9 MHz (SF7BW125 - SF12BW125)
- 501.1 MHz (SF7BW125 - SF12BW125)
- 501.3 MHz (SF7BW125 - SF12BW125)
- 501.5 MHz (SF7BW125 - SF12BW125)
- 501.7 MHz (SF7BW125 - SF12BW125)
- RX2: 505.3 MHz (SF12BW125)
7. Network server addresses
For configuration of UDP-based Semtech packet forwarder
- Europe/Frankfurt (EU868): server address
fireflyiot.com
, up/down port 1700 - US/West (US915): server address
us1.ns.fireflyiot.com
, up/down port 1700 - South America/Sao Paulo (AU915): server address
br1.ns.fireflyiot.com
, up/down port 1700 - India/Mumbai (IN865): server address
in1.ns.fireflyiot.com
, up/down port 1700 - Asia Pacific/Singapore (AU915): server address
sg1.ns.fireflyiot.com
, up/down port 1700 - Asia Pacific/Hong Kong (CN470): server address
cn1.ns.fireflyiot.com
, up/down port 1700 - Asia Pacific/Seoul (KR920): server address
kr1.ns.fireflyiot.com
, up/down port 1700 - Other regions: contact support for availability
8. Copyright
firefly is Copyright © 2017-2021 DIGIMONDO GmbH. All rights reserved.