• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 712
  • Last Modified:

a question about TTL

Hello,

TTL default value is 255 right? and everytime a router reaches the next hope, it gets minus 1 which means 255 254 253 etc ...... i was wondering what about if the destination router is 1000 hop away from the source router ??? knowing that TTL default is 255 how can this affect the data transmitting ? for example when you ping google.com i can see TTL = 52, is that mean i'm 52 hop away from google servers? so if there is a server in a 300 hop, what would happen?
0
World05
Asked:
World05
  • 9
  • 9
  • 5
  • +6
4 Solutions
 
PapertripCommented:
The max TTL value is 255 since it is an 8-bit field.  That doesn't mean that the machine you are pinging from is using that value however... it could be 32, 64, 128, 255, etc.

i can see TTL = 52, is that mean i'm 52 hop away from google servers?
No, it means that if TTL is set to 64 for example, that you are 12 routers away.
0
 
World05Author Commented:
Papertrip:

That doesn't mean that the machine you are pinging from is using that value

what you mean with "using that value"?

You still didn't answer my question.

And i didn't understand what you just said about :"No, it means that if TTL is set to 64 for example, that you are 12 routers away."  
0
 
PapertripCommented:
As in the machine you are using does not have to use a TTL of 255, this can be changed like I said.  I doubt you are 203 routers away from google, which is what the result would be if the machine you were using had a TTL value of 255.  Odds are it is set to 64 and you are only 12 routers away.

What OS are you using?

I just checked from a FreeBSD box and from my Windows 7 box, and the TTL is set to 64 for both.  This value is configurable in most, if not all, OS's.

In regards to the what if there are 300 routers between you and the destination, once it reaches the 255th router, the packet will drop from the wire and your ping will timeout.  The odds of there being >255 routers between you and a destination are pretty slim, unless there is a routing loop, which is exactly why TTL was implemented in the first place.

0
Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

 
World05Author Commented:
I'm running Win XP.


Pinging www.l.google.com [74.125.39.147] with 32 bytes of data:

Reply from 74.125.39.147: bytes=32 time=333ms TTL=52
Reply from 74.125.39.147: bytes=32 time=340ms TTL=52
Reply from 74.125.39.147: bytes=32 time=259ms TTL=52
Reply from 74.125.39.147: bytes=32 time=268ms TTL=52

Ping statistics for 74.125.39.147:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 259ms, Maximum = 340ms, Average = 300ms



TTL is 52. I don't know where you got this 12 router hop you are talking about !!! and TTL is something deals with routers not machines, and i can't configure it in my computer.... i'm still confused about your answers
0
 
World05Author Commented:
Listen I have a CCNA, and i read a chapter about TTL, in everytime you reach a router it decrement by 1, if my destination is 3 hop away, the TTL would be 253

Router 1 : 255
Router 2 : 254
Router 3 : 254
0
 
PapertripCommented:
TTL is 52. I don't know where you got this 12 router hop you are talking about !!!

64-52 :)  You were right about the TTL getting decremented, so you just take the local servers TTL value and count from there.

and TTL is something deals with routers not machines
Well technically it does have to do with the machine that is sending the packets, because that is where the TTL field is added into the packet.

An easy way to test is check the TTL from a ping to your gateway.

Here is a link to change the default value in XP.
0
 
PapertripCommented:
Listen I have a CCNA, and i read a chapter about TTL, in everytime you reach a router it decrement by 1, if my destination is 3 hop away, the TTL would be 253

Yes, it would be if the TTL field in the headers starts at 255.
0
 
World05Author Commented:
i'll wait for other experts to confirm this, since you just joined EE :) thank you anyway
0
 
PapertripCommented:
I don't know how much clear I can make this.  There is a default value set by the host, start from there and use subtraction.  Ping your gateway and check the value there, or check the registry entry.

From Microsoft docs for ping in XP:

-i TTL : Specifies the value of the TTL field in the IP header for Echo Request messages sent. The default is the default TTL value for the host. For Windows XP hosts, this is typically 128. The maximum TTL is 255.
0
 
World05Author Commented:
Why the TTL is not 255 as default? this is what makes me confused
0
 
PapertripCommented:
Not sure how many more ways I can give the exact same answer...

max TTL = 255
default ttl = host specific

If you want the default TTL to be 255 from your XP machine, follow the instructions in the link I provided.
0
 
SouljaCommented:
Papertrip is correct. The TTL that you are seeing is the TTL after the number of hops it took for you to get to google is subtracted from what Google has set for their TTL. In Google's case they have it set to 64.

Additionally, TTL does refer to hops, but what you have to understand it that the hops doesn't necessarily mean that is how many routers it went though. It just means the number of hops, some hops are actual  BGP autonomous systems that don't propogate the TTL.

What this means is that if you send a packet at enter a certain ISP's Autonomous system, their could be several router in that autonomous system that the packet travels through, but the TTL does not decrement by 1 until it exits the automous system. It could have had 50 hops through the AS, but only decrement by 1.

0
 
bgilsingCommented:
Paper trip is 100% right. Not sure why there is doubt as the explanation is perfectly clear to me when reading the solution. There are not that many routers between you and most destinations on the Internet typically 32 hops or less will get you anywhere. Unless there is a routing loop as discussed before.
0
 
World05Author Commented:
Yahoo's TTL, Google's TTL, Facebook's TTLs : is these TTLs configured randomly? why Google choose 64, and yahoo choose 70 etc ... What is the trick? and thank you Soulja, i thought that when the data is traveling through BGP routers AS, the TTL would change,
0
 
SouljaCommented:
" i thought that when the data is traveling through BGP routers AS, the TTL would change,"

You are right, it can change at each router's hop in the BGP AS, but many ISP's disable TTL propagation in there AS's so that customers only see the hops entering and exiting their AS. It's up the ISP whether they do this or not.
0
 
World05Author Commented:
Soulja: in this case, i think ISP must disable ttl propagation, imagine i'm sending you data that travels through 500 routers to reach you, i'm sure that it will be timed out before it reaches you, don't you think this?
0
 
SouljaCommented:
If you are sending data that has to travel through 500 routers then it's just bad design. ISP's usually disable this so that customers cannot see into their network with tracerts.
0
 
World05Author Commented:
Soulja: thanks for your answer, i think it's clear now, did you try it before? i mean did you work with an ISP and disabled ttl propagation? how to do this on GNS3 ? as a lab, any idea? i'm preparing for CCNP
0
 
Don JohnstonInstructorCommented:
Decrementing the TTL should not be disabled. If it is and a routing loop occurs, the packet will loop forever.  The starting TTL value is determined by the application. Most of the times 32 or 64 are used as initial values.

I don't think I've ever run into a destination that was more than 32 hops away.

It's possible that far into the future, the 255 hop limit could become a problem. But we are far from that point since even IPv6 has an 8-bit TTL field.
0
 
SouljaCommented:
We currently disable TTL propagation for our corporate customers in our MPLS VPN's.

Here's a good explanation:

http://packetlife.net/blog/2008/dec/22/disabling-mpls-ttl-propagation.
0
 
Mohammed RahmanCommented:
I tried to explain the TTL and its operation in the file attached. However, there are 3 points that I myself was not clear about. You can go through the document and let others do the same. Hope the explanation clears all the doubts that World05 and I have....

TTL-explained.doc
0
 
rochey2009Commented:
Hi,

Different operating systems will using a different initial TTL setting. Some use 64, 128 etc. If the remote system starts with an initial TTL of 64 and there are 4 routers between you and the remote system, each router will decrement the TTL as the packet passes through each router. When the packet gets to you, it will have a TTL of 60.

Here is a list of the initial TTL's for each operating system:

http://www.binbert.com/blog/2009/12/default-time-to-live-ttl-values/

0
 
PapertripCommented:
At this point we now have like 8 people all confirming my original answer (all 5 versions of it).

Is that enough confirmation for you World05 ?
0
 
Mohammed RahmanCommented:
EE Users.

Can some one please have a look at my post mody2579: and explain. Thanks.
0
 
PapertripCommented:
@World05

Has your question been answered?
0
 
Don JohnstonInstructorCommented:
You in a hurry or something?  ;-)
0
 
PapertripCommented:
Haha no no :p

I'm just making sure World05's question has been adequately answered.  Just a concerned expert ;)  Is it a faux pas to follow up to questions you have answered?
0
 
Don JohnstonInstructorCommented:
>  Is it a faux pas to follow up to questions you have answered?

No. It just doesn't do much good. >:-(

 And every commenter gets an email about a new comment.
0
 
Mohammed RahmanCommented:
Hi World05.. did u get any sort of clarity by looking at the sheet attached... mody2579
0
 
CSorgCommented:
Mmmm Papertrip, since you dont have any eyes, I cant really trust your answer!

Haha, fun reading this thread.
0
 
World05Author Commented:
@mody2579: i can't download the file you attached, can anybody confirm me if you can download it?
0
 
CSorgCommented:
0
 
Mohammed RahmanCommented:
TTL Explained attached....  
TTL-explained.doc
0
 
Feroz AhmedSenior Network EngineerCommented:
Hi,

TTL is also defined in Router configuration and can be made modified as well the range is from 0 to 255.i.e 256.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

  • 9
  • 9
  • 5
  • +6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now