Solved

a question about TTL

Posted on 2011-09-11
35
686 Views
Last Modified: 2012-06-21
Hello,

TTL default value is 255 right? and everytime a router reaches the next hope, it gets minus 1 which means 255 254 253 etc ...... i was wondering what about if the destination router is 1000 hop away from the source router ??? knowing that TTL default is 255 how can this affect the data transmitting ? for example when you ping google.com i can see TTL = 52, is that mean i'm 52 hop away from google servers? so if there is a server in a 300 hop, what would happen?
0
Comment
Question by:World05
  • 9
  • 9
  • 5
  • +6
35 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 125 total points
ID: 36519287
The max TTL value is 255 since it is an 8-bit field.  That doesn't mean that the machine you are pinging from is using that value however... it could be 32, 64, 128, 255, etc.

i can see TTL = 52, is that mean i'm 52 hop away from google servers?
No, it means that if TTL is set to 64 for example, that you are 12 routers away.
0
 

Author Comment

by:World05
ID: 36519295
Papertrip:

That doesn't mean that the machine you are pinging from is using that value

what you mean with "using that value"?

You still didn't answer my question.

And i didn't understand what you just said about :"No, it means that if TTL is set to 64 for example, that you are 12 routers away."  
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36519317
As in the machine you are using does not have to use a TTL of 255, this can be changed like I said.  I doubt you are 203 routers away from google, which is what the result would be if the machine you were using had a TTL value of 255.  Odds are it is set to 64 and you are only 12 routers away.

What OS are you using?

I just checked from a FreeBSD box and from my Windows 7 box, and the TTL is set to 64 for both.  This value is configurable in most, if not all, OS's.

In regards to the what if there are 300 routers between you and the destination, once it reaches the 255th router, the packet will drop from the wire and your ping will timeout.  The odds of there being >255 routers between you and a destination are pretty slim, unless there is a routing loop, which is exactly why TTL was implemented in the first place.

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:World05
ID: 36519325
I'm running Win XP.


Pinging www.l.google.com [74.125.39.147] with 32 bytes of data:

Reply from 74.125.39.147: bytes=32 time=333ms TTL=52
Reply from 74.125.39.147: bytes=32 time=340ms TTL=52
Reply from 74.125.39.147: bytes=32 time=259ms TTL=52
Reply from 74.125.39.147: bytes=32 time=268ms TTL=52

Ping statistics for 74.125.39.147:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 259ms, Maximum = 340ms, Average = 300ms



TTL is 52. I don't know where you got this 12 router hop you are talking about !!! and TTL is something deals with routers not machines, and i can't configure it in my computer.... i'm still confused about your answers
0
 

Author Comment

by:World05
ID: 36519336
Listen I have a CCNA, and i read a chapter about TTL, in everytime you reach a router it decrement by 1, if my destination is 3 hop away, the TTL would be 253

Router 1 : 255
Router 2 : 254
Router 3 : 254
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36519340
TTL is 52. I don't know where you got this 12 router hop you are talking about !!!

64-52 :)  You were right about the TTL getting decremented, so you just take the local servers TTL value and count from there.

and TTL is something deals with routers not machines
Well technically it does have to do with the machine that is sending the packets, because that is where the TTL field is added into the packet.

An easy way to test is check the TTL from a ping to your gateway.

Here is a link to change the default value in XP.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36519342
Listen I have a CCNA, and i read a chapter about TTL, in everytime you reach a router it decrement by 1, if my destination is 3 hop away, the TTL would be 253

Yes, it would be if the TTL field in the headers starts at 255.
0
 

Author Comment

by:World05
ID: 36519349
i'll wait for other experts to confirm this, since you just joined EE :) thank you anyway
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36519372
I don't know how much clear I can make this.  There is a default value set by the host, start from there and use subtraction.  Ping your gateway and check the value there, or check the registry entry.

From Microsoft docs for ping in XP:

-i TTL : Specifies the value of the TTL field in the IP header for Echo Request messages sent. The default is the default TTL value for the host. For Windows XP hosts, this is typically 128. The maximum TTL is 255.
0
 

Author Comment

by:World05
ID: 36519376
Why the TTL is not 255 as default? this is what makes me confused
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36519384
Not sure how many more ways I can give the exact same answer...

max TTL = 255
default ttl = host specific

If you want the default TTL to be 255 from your XP machine, follow the instructions in the link I provided.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36519396
Papertrip is correct. The TTL that you are seeing is the TTL after the number of hops it took for you to get to google is subtracted from what Google has set for their TTL. In Google's case they have it set to 64.

Additionally, TTL does refer to hops, but what you have to understand it that the hops doesn't necessarily mean that is how many routers it went though. It just means the number of hops, some hops are actual  BGP autonomous systems that don't propogate the TTL.

What this means is that if you send a packet at enter a certain ISP's Autonomous system, their could be several router in that autonomous system that the packet travels through, but the TTL does not decrement by 1 until it exits the automous system. It could have had 50 hops through the AS, but only decrement by 1.

0
 
LVL 26

Assisted Solution

by:Soulja
Soulja earned 125 total points
ID: 36519422
0
 
LVL 2

Expert Comment

by:bgilsing
ID: 36519427
Paper trip is 100% right. Not sure why there is doubt as the explanation is perfectly clear to me when reading the solution. There are not that many routers between you and most destinations on the Internet typically 32 hops or less will get you anywhere. Unless there is a routing loop as discussed before.
0
 

Author Comment

by:World05
ID: 36519455
Yahoo's TTL, Google's TTL, Facebook's TTLs : is these TTLs configured randomly? why Google choose 64, and yahoo choose 70 etc ... What is the trick? and thank you Soulja, i thought that when the data is traveling through BGP routers AS, the TTL would change,
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36519465
" i thought that when the data is traveling through BGP routers AS, the TTL would change,"

You are right, it can change at each router's hop in the BGP AS, but many ISP's disable TTL propagation in there AS's so that customers only see the hops entering and exiting their AS. It's up the ISP whether they do this or not.
0
 

Author Comment

by:World05
ID: 36519522
Soulja: in this case, i think ISP must disable ttl propagation, imagine i'm sending you data that travels through 500 routers to reach you, i'm sure that it will be timed out before it reaches you, don't you think this?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36519581
If you are sending data that has to travel through 500 routers then it's just bad design. ISP's usually disable this so that customers cannot see into their network with tracerts.
0
 

Author Comment

by:World05
ID: 36519641
Soulja: thanks for your answer, i think it's clear now, did you try it before? i mean did you work with an ISP and disabled ttl propagation? how to do this on GNS3 ? as a lab, any idea? i'm preparing for CCNP
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 125 total points
ID: 36519748
Decrementing the TTL should not be disabled. If it is and a routing loop occurs, the packet will loop forever.  The starting TTL value is determined by the application. Most of the times 32 or 64 are used as initial values.

I don't think I've ever run into a destination that was more than 32 hops away.

It's possible that far into the future, the 255 hop limit could become a problem. But we are far from that point since even IPv6 has an 8-bit TTL field.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36519770
We currently disable TTL propagation for our corporate customers in our MPLS VPN's.

Here's a good explanation:

http://packetlife.net/blog/2008/dec/22/disabling-mpls-ttl-propagation.
0
 
LVL 10

Expert Comment

by:Mohammed Rahman
ID: 36520185
I tried to explain the TTL and its operation in the file attached. However, there are 3 points that I myself was not clear about. You can go through the document and let others do the same. Hope the explanation clears all the doubts that World05 and I have....

TTL-explained.doc
0
 
LVL 17

Assisted Solution

by:rochey2009
rochey2009 earned 125 total points
ID: 36524802
Hi,

Different operating systems will using a different initial TTL setting. Some use 64, 128 etc. If the remote system starts with an initial TTL of 64 and there are 4 routers between you and the remote system, each router will decrement the TTL as the packet passes through each router. When the packet gets to you, it will have a TTL of 60.

Here is a list of the initial TTL's for each operating system:

http://www.binbert.com/blog/2009/12/default-time-to-live-ttl-values/

0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36524819
At this point we now have like 8 people all confirming my original answer (all 5 versions of it).

Is that enough confirmation for you World05 ?
0
 
LVL 10

Expert Comment

by:Mohammed Rahman
ID: 36525921
EE Users.

Can some one please have a look at my post mody2579: and explain. Thanks.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36540426
@World05

Has your question been answered?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 36540522
You in a hurry or something?  ;-)
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36540529
Haha no no :p

I'm just making sure World05's question has been adequately answered.  Just a concerned expert ;)  Is it a faux pas to follow up to questions you have answered?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 36542268
>  Is it a faux pas to follow up to questions you have answered?

No. It just doesn't do much good. >:-(

 And every commenter gets an email about a new comment.
0
 
LVL 10

Expert Comment

by:Mohammed Rahman
ID: 36542455
Hi World05.. did u get any sort of clarity by looking at the sheet attached... mody2579
0
 
LVL 7

Expert Comment

by:CSorg
ID: 36557214
Mmmm Papertrip, since you dont have any eyes, I cant really trust your answer!

Haha, fun reading this thread.
0
 

Author Comment

by:World05
ID: 36583156
@mody2579: i can't download the file you attached, can anybody confirm me if you can download it?
0
 
LVL 7

Expert Comment

by:CSorg
ID: 36583322
0
 
LVL 10

Expert Comment

by:Mohammed Rahman
ID: 36584461
TTL Explained attached....  
TTL-explained.doc
0
 
LVL 5

Expert Comment

by:Feroz Ahmed
ID: 36915748
Hi,

TTL is also defined in Router configuration and can be made modified as well the range is from 0 to 255.i.e 256.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question