Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


TTL and Operating System

Posted on 2005-03-04
Medium Priority
Last Modified: 2013-12-06
Why do different operating system use different TTL in their ICMP packets? I couldnt find any good article about it?
anyone knows the reason or knows of a good article?
Question by:entrance80
  • 3
  • 2
LVL 12

Accepted Solution

GinEric earned 150 total points
ID: 13464960
Time To Live [TTL] is determined by the network routers for an ICMP packet.  At each router [hop] the TTL is decremented by 1.  It's really a best guess at how long it will take to reach the destination and get an ACK in return.  Its initial value is determined by some algorithim that also tries to guess at the time.  For Operating Systems, its really a matter of personal preferences by the OS authors, for the network, its mostly what the Cisco routers consider, from experience, what good values are.  The whole idea was not to have the TTL value set in stone.

If a value is consistently too short, the algorithim will try to increase it little by little, and if that doesn't work, it may just give up with destination unreachable while it reconsiders its guess.  If its too long, unreassembled packets and endless loop packets will just keep circling the Internet looking for a place to land clogging the routers on the way.

So the algorithim method of determining TTL allows for all Operating Systems and all routers to adjust to network conditions.

A good Operating System plays well with the others on the network.  A bad Operating System just issues TTL's as it sees fit.  The mostly Cisco routers on the Internet use their algorithims to detect good and bad behaving Operating Systems as the source and destination hosts between network connections and can, if necessary, shut off this "circling" traffic at the source, the place where the bad TTL's are coming from.

It's really a technical and very theoretical issue which you can find at:


all over the site by doing a search.

Operating Systems, per se, have little to do with TTL, which is handled by TCP/IP mostly.  Proprietary TCP/IP versions, such as Microsoft's TCP/IP, can, and often do, behave badly.

But it's not really the Operating System's job to handle TTL, it's the job of TCP/IP and the interim routing devices.

Looking up TCP/IP and/or Routing [as in Cisco Routers] will get you much better information on Time To Live [TTL].
LVL 11

Expert Comment

ID: 13466459
TTL stands for Time to live. It's a counter-measure for avoiding infinite loops (for example). Every time a packet "hits" a router, the TTL value is decremented. When it reaches 0 (zero) the packet is discarded.

Imagine you have a setup like this:

             R1 --------- R2
                \            /
                  \        /  
                    \    /

Can you get the idea on how nice TTL works?!

LVL 12

Expert Comment

ID: 13467666
I like the drawing, they say a picture is worth a thousand words; I feel I've been outdone by a pictograph at a fast food chain!

LVL 11

Expert Comment

ID: 13467816
LVL 12

Expert Comment

ID: 13639179
Thank you entrance80

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question