Changing the TTL value for incoming (from the ISP) and outgoing (to the ISP) packets

NOTE: Important! The information in this article is for advanced users only.
Starting with KeeneticOS 3.1, the TTL setting is available only from the router's command-line interface (CLI).

Time To Live (TTL) in computer networks is a time limit or the number of iterations or transitions for which a data set (packet) can exist before it disappears. The TTL value can be understood as an upper border for the time of an IP datagram in the network. The TTL field is set by the sender of the datagram and is decremented by each node (e.g., router) along its path, according to the time spent in that device or the processing protocol. If the TTL field becomes zero before the datagram arrives at its destination, the datagram is discarded, and an ICMP packet with code 11 — ICMP Time Exceeded is sent to the sender. Discarding expired packets avoids situations where undelivered datagrams continue to circulate on the Internet forever, overloading the network (e.g., when looped routes are formed due to incorrect routing).

Keenetic routers have the ability to control the TTL value for incoming (from your ISP) and outgoing (to your ISP) packets. By default, if we connect to the router to access the Internet, the TTL value will decrease by 1 when a packet passes through the router for both incoming (WAN>LAN) and outgoing (LAN>WAN) packets.

For example, let's look at network packet dumps in the traffic analyzer program Wireshark (for more information, see the articles Using the built-in network packet capture module and Capturing network packets with Wireshark) and see the TTL changes for the incoming packet (from the ISP).
When connecting directly to the ISP, the TTL is 56 (the dump is taken from the network interface of a PC connected directly to the ISP):

When you connect this PC through the router, this value will decrease and become 55 (the dump is taken from the network interface of the PC connected to the router):

In some cases, this reduction can be critical (for example, some ISPs set TTL=1 for packets going directly to the subscriber to prevent the use of routers in their network).

To control the TTL value for outgoing packets on the selected interface, use the command:

interface {name} ip adjust-ttl send {ttl}

 

{ttl} — the value of the TTL change. Can take values from 1 to 255 inclusive.

For example, if you want the packets going out to the ISP to have the same TTL as if the Windows computer was connected directly to the ISP instead of through the router, run the following command:

interface ISP ip adjust-ttl send 128

 

Starting with KeeneticOS 3.7, to change the TTL parameter of all packets for incoming connections, use the command:

interface {name} ip adjust-ttl recv {ttl}

 

{ttl} — the value of the TTL change. Can take values from 1 to 255 inclusive.

For example, if you want the packets to have TTL=65 for incoming connections on the UsbQmi0 interface, use the following command:

interface UsbQmi0 ip adjust-ttl recv 65

 

To override settings related to changing the TTL on the {name} interface, use the commands:

(config-if)> no ip adjust-ttl recv
(config-if)> no ip adjust-ttl send
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.