Every message that travels over BLE — whether it is a temperature reading from a sensor, a heart rate notification, or a connection setup handshake — ultimately gets turned into radio waves by the Physical Layer. The diagram below shows where it sits.

All instructions from the Link Layer above flow down to the Physical Layer, which executes them over the air. The Physical Layer has no knowledge of what the data means — it just moves bits reliably and efficiently.

BLE, like classic Bluetooth, operates in the 2.4 GHz ISM band. ISM stands for Industrial, Scientific, and Medical — a range of radio frequencies that international agreements have kept licence-free so anyone can use them without paying spectrum fees or applying for a government licence.

The downside of a free, globally-available band is that many technologies share it. In a typical home or office you will find: Wi-Fi (802.11 b/g/n), classic Bluetooth, BLE, ZigBee, baby monitors, cordless phones, wireless video senders, and microwave ovens (which leak 2.4 GHz radiation as a side effect of heating food). All of these can interfere with each other.

BLE handles this interference using frequency hopping — the radio continuously moves between different frequencies according to a predetermined pattern known to both communicating devices. Even if one frequency is corrupted by a nearby microwave oven, the next transmission is on a different frequency that is likely clear.

BLE divides the 2.4 GHz band into exactly 40 channels, each 2 MHz wide. They are numbered 0 to 39. The centre frequency of each channel is calculated with a simple formula:

Comparing BLE to classic BR/EDR: BR/EDR uses 79 channels with 1 MHz spacing while BLE uses 40 channels with 2 MHz spacing. The wider 2 MHz gap between BLE channels means each channel is more resilient to narrowband interference, since a noise source would need to be wider to affect the full channel.

In classic Bluetooth, every device must include both a transmitter and a receiver. This made sense for the original use cases — phones making calls, laptops transferring files — where data genuinely flows both ways. But many BLE sensor devices only ever need to send data in one direction.

BLE allows a device to implement only the half of the radio it actually needs. This is a hardware-level saving: a transmitter-only device does not contain the receiver circuitry at all, reducing chip size, manufacturing cost, and power draw.

Real-world example — TV remote control: A BLE TV remote sends button-press commands to the TV. The remote never needs to receive anything back from the TV — it just fires commands. This device can be built with transmitter circuitry only. No receiver. The result is a cheaper, simpler device that uses barely any battery power when idle.

This is in sharp contrast to classic Bluetooth, where building a transmitter-only device was not possible within the specification.

/* Checking BLE radio capabilities via BlueZ HCI */
/* LE Read Local Supported Features command reveals TX/RX capabilities */

#include <bluetooth/hci.h>
#include <bluetooth/hci_lib.h>

/* Send LE Read Local Supported Features */
/* OGF=0x08 (LE Controller), OCF=0x0003 */
void check_le_features(int hci_dev_id)
{
    int sock = hci_open_dev(hci_dev_id);
    uint8_t features[8];

    /* Feature bit 5 = LE 2M PHY support (BT 5.0+)    */
    /* Feature bit 6 = LE Coded PHY support (BT 5.0+)  */
    /* Feature bit 0 = LE Encryption                   */
    hci_le_read_local_supported_features(sock, features, 1000);

    /* Also check controller type from hciconfig output */
    /* "Type: LE" = LE only, "Type: BR/EDR" = classic  */
    /* hciconfig hci0 -a | grep Type                    */

    close(sock);
}

The BLE specification defines the transmitter output power range as 0.01 mW (−20 dBm) at the minimum up to 10 mW (+10 dBm) at the maximum. This is not a fixed level — the device is allowed to change output power dynamically during operation.

Dynamic power control is a key power-saving technique. If the receiving device is very close (say, 1 metre away), there is no need to blast the signal at full power. The transmitter can step down to a lower power level, save energy, and reduce interference with nearby devices. Conversely, if communication starts degrading, the power can step up to recover the link.

/* Reading TX power level on a BLE connection via BlueZ HCI */
/* HCI command: Read Transmit Power Level */
/* OGF=0x03 (Host Controller & Baseband), OCF=0x002D */

#include <bluetooth/hci.h>
#include <bluetooth/hci_lib.h>

int read_tx_power(int sock, uint16_t handle)
{
    read_tx_power_level_rp rp;

    /* type: 0x00 = current power level, 0x01 = maximum */
    struct {
        uint16_t handle;
        uint8_t  type;
    } __attribute__((packed)) cp = { htobs(handle), 0x00 };

    if (hci_send_req(sock, OGF_HOST_CTL,
                     OCF_READ_TRANSMIT_POWER_LEVEL,
                     sizeof(cp), &cp,
                     sizeof(rp), &rp, 1000) < 0)
        return -1;

    /* rp.level is a signed int8 in dBm, range -30 to +20 */
    printf("Current TX power: %d dBm\n", rp.level);
    return rp.level;
}

Based on the output power range defined above, BLE devices can cover distances from roughly 30 metres to 100 metres. This is not a fixed number because range depends on multiple real-world factors:

The 30–100 m range is more than enough for the vast majority of BLE use cases — a smartwatch on your wrist, a sensor on a factory floor, a beacon in a retail display. For longer ranges, Bluetooth 5.0 introduced coded PHY modes that extend range to 200–400 m at the cost of lower data rate.

BLE uses GFSK (Gaussian Frequency Shift Keying) to convert digital bits into radio waves. The key parameters are:

GFSK is covered in full detail in Part 2, which explains how modulation works from first principles — what a carrier signal is, why frequency modulation is more noise-resistant than amplitude modulation, and what the Gaussian filter adds to plain FSK.