NanoVNA: Low-cost handheld 4GHz vector network analyzer
nanorfe.comMake sure you read the "beware of clones" section carefully. There are some real shysters out there. Even the official UK reseller of the "lesser" sub 1GHz NanoVNA has been caught shipping cloned crap that doesn't even pass self test or work properly on multiple occasions.
On to more optimistic things: these are really good. My neighbour is fairly deaf and has her television obnoxiously loud watching snooker until gone midnight. I asked her politely to turn it down before and was told to fuck off. So as it's on digital terrestrial broadcast TV and we have a shared antenna, I looked up the channel and frequency and set up a fairly narrow band sweep across it and connected the NanoVNA to my TV feed line. She got fed up after about 5 minutes of it cutting out every couple of seconds and turned her TV off.
That's not what I bought it for but that has been my favourite use so far. I originally purchased it to test some 70cm HT antennas.
The clone thing is more controversial than it appears at first. What actually happened was more like this:
1) The original NanoVNA developer publishes the design and quits the field.
2) OwoComm redesigns it for wider coverage, making extensive changes and substantial improvements. She releases the design under the GPL.
3) Some people in China start building clones such as the SAA-2N and making useful improvements of their own. They sell these clones at ridiculously low prices, which are only slightly profitable if at all.
4) OwoComm goes nonlinear and attacks the cloners with everything she has. (Un)fortunately she doesn't have much, because the GPL contains no anti-dumping provisions and the cloners did nothing to violate the extremely liberal license she used.
5) OwoComm does the only thing that makes sense, and returns to the drawing board to create an improved design of her own. Unfortunately the newer designs are closed, due to her previous negative experience with cloners.
It's more complicated than this, in that some of the recent clones have been accused of violating the GPL by failing to release their modified sources. But OwoComm has also not reacted in the most professional manner. The clone vendor hugen, in particular, has added quite a bit of value to the product and (as far as I can tell) has behaved in good faith, but he has been at the top of OwoComm's (s)hit list since the SAA-2N's release.
Kind of a bummer, because these are all some very talented engineers who have, collectively, delivered some amazing hardware to lots of people who would otherwise have been unable to afford anything like it. It's also true that there have been a lot of complete garbage clones released, but the one I mentioned is not one of them. It's a legitimately incredible piece of hardware. Painting all of the clones with the same brush does not capture the reality of the situation.
Be careful, this isn't something you should talk about/admit in public at all. Feds really don't like it when people mess around licensed bands.
That's on a shared antenna so no significant broadcast going on, just interfering on the local coax. Never heard of antennas being shared between homes before like that but if it is what he says then it'd be too low power to matter outside of what's directly connected.
Interfering with her reception of broadcast TV is what is illegal. It doesn't need to impact more than one person. Cable is a different matter, you could try for civil damages but I see that as unlikely to get anywhere.
That said, being too loud is interfering with someone's life, so personally seems fair.
>Interfering with her reception of broadcast TV is what is illegal. It doesn't need to impact more than one person.
That's not illegal, also this was in the U.K. Governments regulate the airwaves, that authority ends at the antenna. As the original poster already stated in a separate comment, he never transmitted anything that would have meaningfully broadcasted any interference on a licensed frequency band. This is no different than cable, especially considering back in the day cable networks were created to distribute broadcast channels from big antennas at their head end.
This was after weeks of problems and disturbed sleep for a family of 4 and multiple neighbours. And she eventually got a written warning from the local council noise control officer. The immediate thing that follows that is an antisocial behaviour order, usually applied to violent teenagers and the like.
Being respectful of your neighbours is a little understood concept for some people and age and/or disability doesn't exclude your social responsibility to others.
it's about -8dBm into the feed, which is quite lossy so basically nothing and the antenna is a yagi so directional with little gain as it's receive optimised. It mostly just overloads the AGC and preamp on the front end of the other television pushing the signal below the noise floor.
We have Ofcom here. I have dealt with them before on behalf of someone else.
They didn’t even do anything to someone we located and identified and collected evidence for who was jamming amateur radio repeaters.
The advice to "beware of clones" is good advice that applies to the HackRF SDR as well. Despite HackRF being open source, it doesn't mean all clones are good clones.
https://greatscottgadgets.com/2021/12-07-testing-a-hackrf-cl...
Do you realize you just admitted to a crime?
I try and commit at least one every day :)
Committing them is one thing, admitting to them in open fora is another.
as a crime it may a be a small one. As a totally lacking empathy a*hole who denied a hearing impacted grandma her favorite show he is definitely a big one though.
For reference, the local council noise control officer eventually gave her a written warning. She's the asshole for knowingly not being respectful of multiple neighbours' basic requirements for sleep. Even when I approached her nicely about it, after taking her bins out for 5 years, the response was "fuck off" and the door slammed in my face.
Sometimes the only way to deal with an asshole is serve them their own medicine.
And in no way does age or disability excuse poor behaviour. I know that as a parent of a disabled child with mental health issues...
There's that.
There's probably a market for a sub $1 "smart chip" that can be added to a design. Something that can be factory programmed with a unique serial number. To keep from being cloned, verification operation wouldn't be as simple as reading out the number. Instead, the chip would respond with some sort of hash. Similar to how Apple secures their SOCs.
The security wouldn't need to be perfect. Even something simple would be sufficient to deter an unscrupulous reseller.
There are a bunch of options out there for doing this. Many ICs have built in key storage, but there are a few that are separate. There are some pros to using on micro key management, but one of the big cons is that many times the auth can be bypassed if you can overwrite or glitch the firmware.
If I were concerned about counterfeit things, in an application like this, you would pre program each one with a unique key and everything would be tied to it. Firmware upgrades need to be validated, to download, you would need the key, run the software, key needs to sign something back… etc.
https://octopart.com/atsha204a-sshda-t-microchip-77761819?r=...
But the original would have to see it coming and put this in the design, AND maintain a registry of all the valid chip serials. No hobbyist wants that headache.
What if I buy one real device and clone the serial number? This has been solved more than a decade ago but it requires hardware with secure storage to maintain a private key. Some centralized service holds the public key and can verify the device by asking it to sign something with the private key. This is basically every cell phone, quality IoT device, etc. The private key is installed in the factory, maybe provided by a secure connection back to the centralized service. Hardware features lock that key in place preventing it from being read out without a ton of work (connections are literally burned open with overcurrent inside the IC).
Since the key is unique to the device, it can easily be disavowed in the central database if a device does become compromised. Anything less than this is probably a few hours from being completely broken. And this scheme can be broken by non-state actors, especially if the private key storage is naively or poorly implemented. Many MCUs have multiple levels of readout protection and it can be easy to misconfigure. A single mistake in memory mapping could expose information on external interfaces. And then you’re trying to do all of this in China, on the cheap. Pack a lunch.
Did you read the datasheet or are you responding to your imagination?
Anyway, there's a litany of similar devices to fill whatever requirements you wish. SIM cards, for instance, are available in WSON8 MFF2 chips that you can directly solder to a board.
Why are you so rude? I am a hardware engineer and I’m explaining how you establish trust with hardware devices. This information isn’t contained in a single data sheet, it spans an entire global supply chain.
A SIM card is just one way to do exactly what I described. It’s expensive and probable not a good choice for small, cheap devices. Not to mention brings along a whole host of associated security complexity.
1$ in component price is like 4$ in device sales price. It needs more to be in the 5 cents range.
They make ‘em for secure key storage. The kind of drm scheme you’re describing, though, is not going to be too challenging for someone to subvert who’s already willing to use any of a number of methods to have firmware read off a protected chip.
It's not DRM but serial or secret registry. It allows you to voluntarily check the product you've received against a known list of vendor produced products to allow you to detect a counterfeit.
With the customer as a willing participant such things are hard to subvert.
There are inexpensive RFID tags with anti-counterfeiting features meant for retail goods, since that's become an increasing problem. They're primarily intended for retailer use since ordinary people don't have a RFID reader but since RFID readers are getting cheaper all the time, there is talk about consumers being able to authenticate their goods as well sometime in the future.
One challenge - authenticity checks need to be done end-to-end(where we that end may be)
If you had such a chip, who would check it for authenticity? That check would need to be well secured, so likely not the ARM firmware on the nanovna itself.
Possibly not nanoVNA-saver: the unscrupulous supplier might just include an unlabeled CDR with patched software.
They have this, people just don't use them. A lot of MCUs have the functionality built in now.
I love my NanoVNA. I used it to tune my 6 band fan dipole. That took a lot of tuning! It works fantastically, and I've made contacts from the UK to Australia with it.
I've also used it for measuring the resonance frequency of tuned circuits and even as an RF signal generator.
Every radio amateur should have one! In fact if you are into any sort of radio it is useful. I also used mine to investigate the quality of various WiFi antennas to see if they were resonant in the right places.
Having this device in college when I was doing E&M would have been an absolute game changer. The closest thing that existed was an MFJ antenna tuner for Ham Radio that only measured S11 at one frequency, and cost around $500. The next step up was to buy used equipment, which was four figures or more. Having something that goes to 1 GHz, does both S11 and S21, and only costs $50? Unreal.
Having used a modern VNA, the NanoVNA would feel cramped now... but still: E&M would have been so much easier to understand with one of these, and a few labs.
It’s utterly depressing watching people fish out cash for an MFJ tuner these days. They still sell the things and they still command a stupid price for a thoroughly inferior device.
The two guys I know who still own them only do so because they are Sinophobes and MFJ stuff is (terribly) assembled in the US still.
Indeed.
MFJ in the amateur radio community is called "Mighty Fine Junk" fairly often. I have purchased some things from MFJ, but I notice that I now avoid doing so unless I'm desperate.
no one confuses gear from MFJ with "high quality". cheap stuff, that whets your appetite for the good stuff.
and yes, i have an MFJ tuner and the 20 meter QRP rig they sell. it is a ford or a chevy, not a lexus or a mercedes. (both items were received with parts loose and had to have some re-assembly).
Ha ha, I had to use a slotted line.
Also see the TinySA https://www.tinysa.org/wiki/ and DSO Nano: https://www.seeedstudio.com/DSO-Nano-v3.html to complete your mini homebrew electronics and radio lab.
A coworker was just showing me his the other night. We pitted it against a much more expensive network analyzer to see how it did and it was quite impressive, especially considering the price and size, and was definitely serviceable for amateur and student use. It's a seriously exciting device.
I find incredible a product like this is in the market, where the minimal price to pay for a similar professional device is around $4000, maybe a couple thousands for lower end models.
Of course the accuracy of this device might be a lot less than those professional devices, but when you are a ham amateur hobbyist who want to know if some transceiver, antenna, cables, or other devices are working good, you get a lot of "device" for such a low price.
In ELI5 terms:
What is a VNA?
What are some exemplary, common things I could do with it?
A Network Analyzer is an instrument to analyze the performance of a network of electronic components. Vector means that it analyzes phase as well.
It can tell you the effective Resistance, Inductance and Capacitance of the network at various frequencies. This is useful for tuning radio antennas or filters, or identifying bad cables or connectors.
You can precisely measure the length of a cable from one end (by measuring the time for the signal to reflect).
You can use it as a signal generator to illegally jam your neighbors TV signal, as another commenter here noted.
Not many common uses for it unless you think amateur radio is common.
Thanks!
While mastax's explanation is correct, it's not really "like you're 5."
These low end VNAs have two connectors. A signal comes out of connector 1 and goes to connector 2. What happens to that signal is measured, including the change in amplitude (up or down) and phase shift (left or right.) Also, whatever signal bounces back to connector 1 is measured for amplitude and phase.
With that you can tune antennas, characterize filters, measure attenuators and amplifiers, measure distances on transmission lines, measure resonators, capacitors and inductors and some other stuff.
That's about as simple as it can be explained without resorting to baby talk.
>That's about as simple as it can be explained without resorting to baby talk.
Can't say I'm not interested in what that would sound like.
who's a good wittle antenna? Dats wight! You are! You a good wittle antenna!
Ooh yes, you are a good widdle antenna except when I make a noise like eeeEEE and then you are a very bad little antenna right there in the middle. Bad antenna! Very bad antenna!
I'd like to add a few practical examples
- a LC filter might look like this https://www.qsl.net/kp4md/lpfilter2.jpg, by poking the turns of the coil, you change the frequency and width; with a real-time display on a VNA you can fine-tune a filter with a bit of practice (I't maybe better to have linear, not toroid, coils for this)
- a ceramic filter might look like this http://www.pro-line.co.kr/base/img/_proline/product/Ceramic_.... We were recently optimizing filters in our radar and I said something like "this filter is cool but it's about 30 MHz (0.5%) too low" and our RF wizard said "no problem we will sand off a tiny bit on one end" [changing the shape and thus the resonant frequency]. Again you observe the characteristics of the filter and poke it and tune it to your needs.
The above is called S21 parameter of the filter. Basically "what goes through and what not" (depending on frequency). https://en.wikipedia.org/wiki/Scattering_parameters
- when you are chaining amplifiers, there is a problem with reflected power - the next stage input will not eat everything, a part of the signal will bounce back, and this will create standing waves https://en.wikipedia.org/wiki/Standing_wave_ratio and either the voltage is rising and something will get destroyed or this will create a resonance in your system and it will oscillate. You can either use isolator https://en.wikipedia.org/wiki/Isolator_(microwave) (a device that allows energy to pass in one direction, and eats it in the other), but that's clumsy and expensive, or you can tune the amplifier/the board. You take a little piece of copper (like a 1x2mm chip 50um thick or so) on a wooden/plastic stick (so it's non-conductive) and try to put it in various places on the microstrip leading to the amplifier. You basically have a 0.01pF capacitor and you are trying to add it to the transmission line so the reflected wave will get exactly attenuated. When you are happy with the position, you solder it down. You can also tune amplifier output power/gain with this technique, I imagine this works by providing the output driver a "buffer" that it can use to temporarily store energy. (the RF wizard tried to teach me this skill, but it apparently needs a lot of practice)
- you can also tune waveguide devices - antennas, circulators etc. - with a device called waveguide stub tuner! https://www.4semi.com/clientresources/768/774/42/77442/19606... It's a piece of waveguide with screws and you can screw them in and out and shape the inner cavity. I have tuned our antenna with this: the antenna has reflection loss (i.e., how much signal reflects back instead of getting radiated into the environment) about -20dB by default (that means that 1% of the power you send into it reflects back). This is very bad for powerful transmitters - for example with our 1.3kW transmitter, about 13W come back and this will fry your sensitive receiver. With the tuner, I can easily get to -30dB (0.1% comes back), so about 1W comes back and this is easy to handle (most low-loss input parts max out at a few Watts).
You can also reflect the reflected power :) with a T/R switch - a cavity filled with neon or similar gas, optionally pre-ionized with a small radioactive source. When the power comes through, it will ignite a discharge (like in a neon lamp), and this will partially eat the energy and partially reflect it. However, buying them is extremely expensive if they are not already in stock, as someone needs to manufacture it for you for your specific frequency/waveguide size, and building them myself is something… not impossible, but I think I have enough of other problems :)
For any of these you technically don't need a VNA as you are not measuring phases, only amplitudes. You only need a scalar network analyzer. However, AIUI, the phase information can be used by some clever algorithms to compensate for various errors - so scalar instruments are not very precise.
In 2016 a low end, non-pro 100 KHz - 4 GHz VNA cost me $430. I thought that was a game changing deal back then: being able to buy a new working VNA for under $1000. While the NanoVNA's aren't even quite the quality of even my lowend pocketVNA they do give you a qualitative picture of what's going on for $50. That's a real game changer.
Whats the difference between the pro and normal version (apart fr 100$}.
It is shown in the specifications table. It looks like the Plus4 Pro has higher sweep rates (600 pts/sec) vs 200-400 on the Plus4, as well as a 10dB lower noise floor for the same amount of averaging. It seems that 6 dB comes from a tighter measurement bandwidth on the Plus4 Pro. Oddly enough, the accuracy is not stated in the spec table for any of the models. If they are the same (are they?), then it looks like you can save $100 if you can live with waiting longer to get a measurement result.
Thanks, didnt find that on mobile.
It's a shame there are not very many devices working in audio range (sub 100khz). You still have to scout eBay for a device from the 80s-90s and they are still expensive as hell.
Many people use quality audio cards plus software to do this.
http://kokkinizita.linuxaudio.org/linuxaudio/
Look for Jaaa, near the end of the page.
Also interesting, although semi-unknown:
Dynamic analyzers are really cool. I'd like one. Too bad they go for silly prices.
Yeah, the niche seems to be filled by software and either sound cards or equivalent USB acquisition hardware.
I was using one of these to prototype a wireless fencing system, it was a real godsend. The refresh rate wasn't good enough but it showed the concept worked good enough that I'm aiming to get a prototype together.
So does it do 4 billion measurements per second, or 8 to accurately measure a 4GHz signal?
What the frequency range means in vector network analyzers is that the device is capable of generating a pure tone up to 4 GHz or so, and it's internal transmission lines and parts are spec'd to not be too lossy up there. A VNA generates a pure signal of a known power, puts it out the port 1 and looks how much of that power (at that freq) is reflected back by the device attached to that port (and how much makes it to port 2 (vs frequency) if it's a two port device).
It is not doing any sampling or receiving really. And concepts like instantaneous bandwidth don't matter much.
You don't need to sample at the Nyquist rate (i.e. 2x the intended measured frequency) to detect the presence of a particular signal but instead can just measure the overall power within a narrow frequency band of interest. Practically speaking this is done by mixing the sweep frequency down to at or around DC and then either directly measuring the power or sampling at a much lower rate and computing the power digitally.
I don't think this is true, otherwise I could see the power on wifi bands with my 2.4ghz rtl-sdr device, instead of only up to 1200mhz.
If you remove the front-end RF filter from your SDR, you can indeed pick up 2.4 GHz with it using harmonics of the ADC clock frequency. But the rest of the signal processing pipeline may be too narrow to receive much energy from a broadband WiFi signal, and what you do receive will probably just look like noise in any event.
You could probably observe the leakage from a nearby microwave oven without much difficulty, though -- in fact, that is likely to be possible even without modifying the RF filter.
Basically, Nyquist applies to the modulation bandwidth, not the carrier frequency.
I'm having a hard time with this. Let's say i have an audio file in audacity at 8000hz samplerate. Can i mix in a 15khz sine wave? is there any way to represent a 15khz sine wave with 8000hz of spectrum?
I understand harmonics, but those generally don't work backward, do they? The phrase "subharmonic" comes to mind but i don't know when that actually applies. Does anyone have a link of an explanation?
If this were the case i could tune any of my radios to a subharmonic of an FMBC station and see/hear something, but i generally do not. I have a pure ADC laying around somewhere (for o-scoping), how can i prove this to myself experimentally?
Here's one way to think about it, using an audio example. Let's say you are recording with a sound card whose ADC is clocked at 8K samples/second. You play a 15 kHz tone into the input jack. What gets recorded?
The answer is normally nothing at all. To satisfy Nyquist, your sound card uses a lowpass filter in front of its ADC with a cutoff frequency of 4 kHz. (In reality it has to be designed to cut off a bit lower since perfect filters don't exist, but never mind that.) The 15 kHz tone is so far out of band that it doesn't show up in the recording at all.
Now assume you grab a soldering iron and remove the lowpass filter from your sound card (again oversimplifying somewhat.) The line-in jack is now connected directly to the ADC input. What happens now? The 15 kHz tone will show up as an alias near some multiple of the clock frequency.
The TL;DR explanation is that each multiple of the clock frequency including the 0th has two so-called "Nyquist zones" associated with it, one above the clock and the other below it. The zone below DC is inaccessible when working with real signals, so we call the upper half of the DC zone from 0-4 kHz the "first Nyquist zone." This is where audio recording normally has to take place, since the frequency response of an audio signal chain (or an oscilloscope for that matter) needs to approach DC.
The second Nyquist zone runs from 4 kHz to 8 kHz, the third from 8 kHz to 12 kHz, the fourth from 12 kHz to 16 kHz, and so on. The latter zone is where the 15 kHz input will show up. It is 1 kHz below that clock multiple, so a 1 kHz tone is what will be recorded. When this happens accidentally, it's called "aliasing," and when done on purpose it's called "undersampling."
The key point behind the Nyquist theorem is that given an 8 ks/s recording made without an antialiasing filter in front of the ADC, there is no way to distinguish a 15 kHz input tone from a 1 kHz one. This can be awesome if you are building radios or test equipment, since it means you don't have to spend thousands of dollars on exotic ADCs and deal with the resulting firehose of data when all you wanted was to receive a narrowband signal at a high carrier frequency. It is not so awesome if you are trying to record audio from a mic or other source that isn't band-limited, though, because the higher frequencies will sound awful when they undergo aliasing.
I understand harmonics, but those generally don't work backward, do they? The phrase "subharmonic" comes to mind but i don't know when that actually applies. Does anyone have a link of an explanation?
A subharmonic is not an alias, and vice versa. It's a vaguely-defined term that doesn't correspond to any aspect of sampling theory. Subharmonics don't usually show up in audio contexts, but you run into the term in RF work where a frequency multiplier stage exhibits some leakage of the fundamental signal.
Thanks, i didn't know that about aliasing.
Your rtl-sdr is _sampling_ at a mere ~3Mhz.
Much like a VNA, your rtl-sdr is down-converting from (say) 1.2Mhz to somewhere around DC. This is limited not by your sample rate but by the oscillator your rtl-sdr is mixing into your received signal and the general frequency profile of all the analogue bits in between.
Who you're responding to is correct.
I ended up buying a xaxavna which work similarly but seems to have better measurements
So what's the deal with the name "NanoVNA" being applied to like a dozen unrelated projects now?
It's become a well known generic name like rtl-sdr or kleenex. It basically just means "low end hacky VNA" now. But yeah, confusing.
The vector analyzer is the only one I know of...