North American Network Operators Group
Re: BGP TTL check in 12.3(7)T
On 8-apr-04, at 20:37, Blaine Christian wrote:
>> However, this says a TTL of 254 will be accepted. Now the fact that I can talk to boxes running a slightly older IOS with a TTL of 0 without any problems suggests to me that emitting packets with a TTL of 255 on router A and accepting packets with a TTL of 254 on router B allows for the presence of a router C in the middle. That can't be good.

> I suspect they set the limit to 254 because they expected to decrement the

But neither common sense nor observations support this expectation.

>> The interesting thing is that packets with a TTL of 0 wouldn't ordinarily be seen in the wild. A router won't forward a packet with a TTL of 1 (as this becomes 0 during the forwarding process) and a host that sends out packets with a TTL of 0 can only expect to communicate on the local subnet. (So I guess doing all of this with TTL 0 rather than 255 would have been just as effective.)

> You have an interesting point WRT the TTL 0. Perhaps if you receive a packet with a TTL of 0 that is destined for yourself you should just accept it?

> It is not clear to me exactly when you "have" to throw away the

Agree.
Yet another interesting aspect: a Cisco won't forward a packet with a TTL of 0:
Minimum Time to Live : 0
Maximum Time to Live : 4
Port Number :
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 188.8.131.52
0 184.108.40.206 8 msec 0 msec 4 msec
1 220.127.116.11) 4 msec 4 msec 4 msec
2 18.104.22.168) 12 msec * 16 msec
So apparently a Cisco checks for TTL <= 1 on ingress when forwarding rather than TTL == 0 on egress. How hard do we have to look before we find a box that doesn't and accepts a packet with a TTL of 0 and then emits this packet with a TTL of 255?
> Since I have observed that packets received from some types of routers have

In the (Free)BSD (4.9) code the TTL decrementing is done in the ip_forward() function. (That is, unless IPSTEALTH is defined, in which case the box doesn't bother.) Since many a router vendor borrowed code from BSD it is likely most do it like this.
> I am not sure that 254 is a good maximum number. Perhaps someone "in the

Yes, that would be helpful.

Iljitsch
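An added example, not part of the thread above or of any vendor's code: a small Python model of the TTL behaviour the thread discusses. Forwarding follows the ip_forward() rule described (drop on TTL <= 1, otherwise decrement), and the receiving side applies a BGP TTL check with a configurable minimum. Router names A, B and C, the function names, and the hop counts are assumptions made for the illustration; the model shows why sending at 255 while accepting 254 leaves room for exactly one transit router, while a minimum of 255 does not.

```python
# Added example (not from the NANOG thread or any vendor's code): a model of
# IPv4 TTL forwarding and a BGP TTL-security check. Names are constructed.

from dataclasses import dataclass
from typing import Optional


@dataclass
class Packet:
    src: str
    dst: str
    ttl: int


def forward(pkt: Packet) -> Optional[Packet]:
    """Model one router forwarding a packet the way the thread describes
    ip_forward(): a packet arriving with TTL <= 1 is discarded (an ICMP
    time-exceeded would go back), otherwise the TTL is decremented.
    Returns the forwarded packet, or None if it was dropped."""
    if pkt.ttl <= 1:
        return None
    return Packet(pkt.src, pkt.dst, pkt.ttl - 1)


def deliver_through(pkt: Packet, transit_routers: int) -> Optional[Packet]:
    """Carry pkt from its sender to its destination across the given number
    of transit routers (router C, D, ... in the thread's terms). Returns the
    packet as it arrives, or None if a transit router dropped it."""
    for _ in range(transit_routers):
        pkt = forward(pkt)
        if pkt is None:
            return None
    return pkt


def ttl_check_accept(pkt: Optional[Packet], minimum_ttl: int) -> bool:
    """The receiving router's TTL check: the packet must have arrived and
    carry at least minimum_ttl. The thread reports IOS 12.3(7)T accepting
    254, i.e. minimum_ttl=254; the stricter choice is 255."""
    return pkt is not None and pkt.ttl >= minimum_ttl


def max_transit_routers_accepted(sent_ttl: int, minimum_ttl: int) -> int:
    """How many transit routers can sit between sender and receiver and
    still have the packet pass the check. This is the margin the thread
    worries about: sent 255 / accept 254 tolerates one router in the middle."""
    hops = 0
    while ttl_check_accept(
        deliver_through(Packet("A", "B", sent_ttl), hops + 1), minimum_ttl
    ):
        hops += 1
    return hops


def summary() -> dict:
    """Collect the cases discussed in the thread into one table."""
    direct = deliver_through(Packet("A", "B", 255), 0)
    via_c = deliver_through(Packet("A", "B", 255), 1)
    return {
        "direct neighbour, min 254": ttl_check_accept(direct, 254),
        "direct neighbour, min 255": ttl_check_accept(direct, 255),
        "via router C, min 254": ttl_check_accept(via_c, 254),
        "via router C, min 255": ttl_check_accept(via_c, 255),
        "transit routers tolerated at min 254": max_transit_routers_accepted(255, 254),
        "transit routers tolerated at min 255": max_transit_routers_accepted(255, 255),
        # A TTL-0 packet reaches a host on the same subnet but no router forwards it.
        "TTL 0 on local subnet arrives": deliver_through(Packet("H", "B", 0), 0) is not None,
        "TTL 0 through one router arrives": deliver_through(Packet("H", "B", 0), 1) is not None,
    }


if __name__ == "__main__":
    for case, result in summary().items():
        print(f"{case:40s} {result}")
```

Running the block prints the table; the "via router C, min 254" row is the case the thread calls "not good", and the "min 255" rows show the check rejecting anything that has crossed even one forwarding hop.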