Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7594
Views
0
Helpful
5
Replies

ping and TTL

Rockyy
Level 1
Level 1

‎12-08-2017 06:11 PM - edited ‎03-05-2019 09:37 AM

I might sound funny but I'm very confused about TTL value in ping.

 

Lets say if I ping my Cisco firewall from my PC below is the result.

 

ping 172.16.1.254

PING 172.16.1.254 (172.16.1.254): 56 data bytes

64 bytes from 172.16.1.254: icmp_seq=0 ttl=254 time=2.048 ms

64 bytes from 172.16.1.254: icmp_seq=1 ttl=254 time=1.266 ms

The TTL value is 254 and I know that the firewall is at 2nd hop.

 

But when I ping lets say 8.8.8.8 the TTL value is 55

ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8): 56 data bytes

64 bytes from 8.8.8.8: icmp_seq=0 ttl=55 time=24.083 ms

64 bytes from 8.8.8.8: icmp_seq=1 ttl=55 time=26.028 ms

 

 

So 55 represent that 8.8.8.8 is after how 55 hops?

OR

255 - 55 = 200 hops away?

 

 

Please explain.

 

Labels:
0 Helpful
5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

‎12-08-2017 07:02 PM

The TTL is set by the destination host. Some set it at 255 and countdown (your firewall) and some set at 64 and countdown (8.8.8.8 Google DNS). In the case, google is 64-9=55 If you ping www.cisco.com that servers set the ttl at 255 also.

So, every server is different.

HTH

0 Helpful

Rockyy
Level 1
Level 1
In response to Reza Sharifi

‎12-09-2017 04:45 AM

So how could I know what is the value set by destination I mean TTL value in ping?
0 Helpful

Harold Ritter
Spotlight
Spotlight
In response to Rockyy

‎12-09-2017 10:59 AM

The TTL value used by the destination is determined by the OS running on that destination. This value is then decremented by each L3 hop between the destination back to the source. Some people have documented the TTL value used by OS. Here's an example of site stating some values:

 

http://www.kellyodonnell.com/content/determining-os-type-ping

 

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful

Rockyy
Level 1
Level 1
In response to Reza Sharifi

‎12-09-2017 04:45 AM

Can you please give coupLe more examples with the calculation?
0 Helpful

Rockyy
Level 1
Level 1
In response to Rockyy

‎12-12-2017 11:35 AM

Ok, so lets say 8.8.8.8 is 9 hops away. Why the results are different in traceroute?

traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 172.16.10.253 (172.16.10.253) 4.403 ms 1.337 ms 1.215 ms
2 172.16.1.254 (172.16.1.254) 1.208 ms * 4.070 ms
3 142.254.149.69 (142.254.149.69) 9.586 ms 12.595 ms 11.109 ms
4 agg63.ftpfoh0301h.midwest.rr.com (24.95.87.201) 416.368 ms 26.303 ms 20.601 ms
5 agg40.clmkohpe02r.midwest.rr.com (24.33.161.200) 14.862 ms 16.032 ms 17.444 ms
6 be27.clmkohpe01r.midwest.rr.com (65.29.1.34) 11.456 ms 16.567 ms 16.641 ms
7 bu-ether15.chctilwc00w-bcr00.tbone.rr.com (66.109.6.68) 24.220 ms 23.078 ms 27.292 ms
8 bu-ether11.chcgildt87w-bcr00.tbone.rr.com (66.109.6.20) 24.871 ms 19.948 ms 24.350 ms
9 0.ae2.pr1.chi10.tbone.rr.com (107.14.17.196) 19.862 ms
0.ae1.pr1.chi10.tbone.rr.com (107.14.17.194) 20.366 ms
0.ae0.pr1.chi10.tbone.rr.com (107.14.17.192) 20.098 ms
10 ix-ae-27-0.tcore2.ct8-chicago.as6453.net (64.86.79.97) 19.840 ms 20.277 ms 18.981 ms
11 64.86.79.50 (64.86.79.50) 19.483 ms 20.609 ms 20.392 ms
12 * 108.170.243.193 (108.170.243.193) 20.570 ms *
13 216.239.63.191 (216.239.63.191) 22.637 ms
209.85.251.31 (209.85.251.31) 21.484 ms
74.125.37.9 (74.125.37.9) 22.253 ms
14 google-public-dns-a.google.com (8.8.8.8) 19.939 ms 29.120 ms 19.946 ms
0 Helpful
Customers Also Viewed These Support Documents