When does TTL get decreased?

jose.ortiz
Level 1

Hi All,

I am working on a project that requires carrying TCP traffic from one location to a remote site. The problem we are having is that the program office that provides the data set the TTL value to 1. According to the original design, the data was expected to be used only locally, so a TTL of 1 would be enough for that purpose.

Suffice to say that the providers of the data refuse to change the TTL value. We have discussed placing a server at the site to repackage the packets via sockets to send to the desired destination. But I recently learned of GRE, and I am hoping to submit this as a possible solution. It sounds like it would be less cumbersome.

Can this work?  Obviously, if the router decreases the TTL to 0 and discards it before it does anything with the packets, then GRE would not help me, so I need to know if this can work.  Is there any other solution that I could use?

Can anybody throw some light, and help me?

Thanks in advance,

Jose A. Ortiz

Boston, MA

12 Replies

Jon Marshall
Hall of Fame

Jose

A TTL of 1 means the packet has to be delivered within the same subnet/vlan so GRE would not help you here. However depending on your devices there is a way to extend a vlan across a L3 routed network called L2TPv3. See this doc for full details -

L2TPv3

Jon

Thanks Jon,

I'll look into L2TPv3.  So according to what you're saying, the router will decrease the TTL to 0, and discard it BEFORE it can be used for anything else, right?

Thanks again,

Jose

Jose

Yes, when the TTL reaches 0 the packet is discarded and so TTL = 1 means it has to be delivered within the same subnet.

Jon

Jose

Yes you are correct. If the source device sends the packet with TTL of 1, when it gets to the router the router will decrement TTL before it decides where to try to send it. So it will decrement to zero and be discarded before it could be forwarded through a GRE tunnel or something like that.

If the source sends the packet with TTL set to 1 they have severely restricted your options. L2TPv3 may allow you to send the frame to the remote destination, but I suspect that it will impose other problems especially since it will force the remote site to appear to be in the same subnet.

HTH

Rick

Giuseppe Larosa
Hall of Fame

Hello Jose,

>> Suffice to say that the providers of the data refuse to change the TTL value.

I hope for security reasons otherwise for lack of network knowledge.

L2TPv3 provides a point-to-point L2 transport service that can be the right tool for this but be aware that TTL=1 will mean that receivers of TCP flows have to be in the same IP subnet as in siteA.

A point-to-point GRE tunnel could be enough to carry to a remote IP subnet.

The GRE tunnel would allow the use of two different IP subnets.

As you note the key point is when TTL is reduced. GRE tunnels have been used for this task in the past also for non-IP networks like IPX or AppleTalk.

The packet should be taken and placed inside a GRE packet to be transported to the other end.

I would suggest you set up a small lab to see this.

The L2TPv3 will work but it will lead to single IP subnet (flat network)

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html

The side effect is that broadcast traffic may be carried over the L2TPv3 tunnel, wasting bandwidth.

To be noted: both L2TPv3 and point-to-point GRE could be protected with IPSec if there are security worries, but this would put additional pressure on device performance.

Hope to help

Giuseppe

Hello Giuseppe,

>>>>I hope for security reasons otherwise for lack of network knowledge.<<<<

Indeed, it is for security reasons. Apparently, the TTL cannot be increased, because it would do so for ALL users of these data, and they're not comfortable with that. Hence, why we are looking for a workaround.

>>>>As you note the key point is when TTL is reduced. GRE tunnels have been used for this task in the past also for non IP networks like IPX or appletalk.<<<<

So, if I understand you correctly, using GRE I can repackage the packet into a GRE packet, and send it across to siteB?  The router should allow me to use the packet in this way, BEFORE it discards it?

Thanks,

Jose

PS: I'm sure you know that Giuseppe is Jose in Italian.

Jose

>> So, if I understand you correctly, using GRE I can repackage the packet into a GRE packet, and send it across to siteB? The router should allow me to use the packet in this way, BEFORE it discards it?

No it won't work because if you have 2 subnets the router still has to forward the packet across subnets in which case it will already have set the TTL to 0. You need to extend the same vlan on both sides otherwise the router will drop it. L2TPv3 does this. Yes as the others have pointed out it has limitations in terms of broadcast etc. but if you cannot change the TTL you don't have a lot of choice.

Jon

Jon,

In this case, I could use L2TPv3, having siteB be the same subnet as siteA, so the packet will not be dropped.  However, if I want to pass the at the destination to another subnet, how would I do it?

J

Hello Jose,

>> PS: I'm sure you know that Giuseppe is Jose in Italian.

Yes, this is sure!

As Jon and Rick have noted the lab would give negative results as the packet is first received (and TTL decreased) then it would be encapsulated in GRE (if new TTL >0)

The use of GRE for sending traffic beyond its natural TTL is possible but the initial TTL has to be greater.

Jon's suggestion to test this with dynamips/GNS3 is wise, this kind of functional tests should be an ideal use for it.

So your only option is L2TPv3.

Hope to help

Giuseppe
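
The order of operations described in the replies above (TTL decremented on receipt, GRE encapsulation only if the result is greater than 0, L2TPv3 carrying the frame unrouted), as an added Python sketch that is not part of the original thread. The addresses, tunnel endpoints and function names are constructed for illustration; `route` models a generic routed hop, not a specific IOS code path.

```python
import struct

def checksum(hdr):
    """RFC 1071 ones'-complement checksum over an IPv4 header."""
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv4(src, dst, ttl, proto, payload=b""):
    """Build a 20-byte IPv4 header (no options) followed by payload."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                    ttl, proto, 0, addr(src), addr(dst))
    return h[:10] + struct.pack("!H", checksum(h)) + h[12:] + payload

def route(pkt):
    """One routed hop: decrement TTL, discard at 0, else rewrite checksum."""
    ttl = pkt[8] - 1
    if ttl <= 0:
        return None  # discarded; a real router would send ICMP Time Exceeded
    h = pkt[:8] + bytes([ttl]) + pkt[9:10] + b"\x00\x00" + pkt[12:20]
    return h[:10] + struct.pack("!H", checksum(h)) + h[12:] + pkt[20:]

def gre_encap(pkt, tun_src, tun_dst):
    """GRE tunnel interface: reached only after the routing step succeeds."""
    inner = route(pkt)
    if inner is None:
        return None
    gre = struct.pack("!HH", 0, 0x0800)  # no flags, protocol type IPv4
    return ipv4(tun_src, tun_dst, 255, 47, gre + inner)

def l2_pseudowire(frame):
    """L2TPv3-style transport: the whole Ethernet frame is carried unrouted."""
    return frame

# Constructed sample traffic: TCP (protocol 6) sent with TTL 1, as in the thread.
ETH = bytes(12) + b"\x08\x00"  # zeroed MACs, EtherType IPv4
FEED = ipv4("10.1.1.10", "10.1.1.20", 1, 6)

def demo():
    return {
        "gre_ttl1": gre_encap(FEED, "192.0.2.1", "192.0.2.2"),  # None: dropped
        "l2_ttl": l2_pseudowire(ETH + FEED)[14 + 8],             # TTL still 1
        "routed_after_l2": route(FEED),                          # None: dropped
    }

if __name__ == "__main__":
    print(demo())
```

The last entry shows that a routed hop placed after the pseudowire discards the same packet, since it still arrives with TTL 1.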

Giuseppe,

>>>>I would suggest you to setup a small lab to see this.<<<<<

In a recent class I just took, the instructor told me that there is a way to "rent" time in a router to experiment with configurations.  I've been looking around for this, but haven't found anything. 

Do you (or anybody else) know about this?

Thanks,

J

Jose

If you have a PC/Server with a decent amount of RAM/CPU then dynamips is a very good tool to use. It allows you to build complex topologies with routers and test out scenarios -

http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator

Jon

Great!

Thanks fellows

J
