
TTL 1 becomes 0 for OSPF and DNS but not dropped why

lohit prasad
Level 1

Hi 

Between two endpoints, the minimum TTL value should be set to 2; otherwise the directly connected neighbour box will drop the packet when it receives a packet with a TTL value less than 2, i.e. TTL = 1.

But for OSPF and DNS, I read that the TTL value must be set to 1 while sending out of the box. Then how come it is processed, because the TTL will become 0 at the IP header level and won't go to protocol 89 or to UDP/TCP for DNS? Then will it not get dropped?

Is TTL done at the control or data plane level?

Accepted Solution

Hi,

a packet with TTL=1 is perfectly valid for the receiving router when it is destined to that receiving router itself:

https://supportforums.cisco.com/discussion/13076746/ttl1-and-router-default-behavior

This certainly applies to all the link-local control traffic like OSPF.

But for OSPF and DNS, I read that TTL value must be set 1 while sending out of box.

DNS? Where did you read this? This possibly refers to DNS broadcasts, which a layer-3 interface with ip helper configured can convert into unicast. Normally there is no DNS server on the local subnet, so the initial TTL for DNS unicasts has to be much higher than 1.

TTL is done at control or data plane level ?

I would say it depends. An IP packet with TTL<=1 always needs to be processed by the CPU:

http://www.cisco.com/c/en/us/about/security-center/ttl-expiry-attack.html

HTH
Rolf
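To make the two rules in Rolf's answer concrete (a TTL=1 packet addressed to the router itself is delivered without being decremented, while a transit packet with TTL<=1 cannot be forwarded and is punted to the CPU), here is a small added model written for this page. It is not code from the thread or from Cisco; it assumes the RFC 1812 behaviour the linked discussion describes (section 4.2.2.9: a router must not discard a datagram just because it arrived with TTL 0 or 1 if it is addressed to the router), treats the OSPF multicast groups 224.0.0.5/224.0.0.6 as local, and uses constructed addresses, packets and a constructed punt threshold to show the per-source accounting a defender would want against the TTL-expiry CPU load the second link discusses.

```python
from collections import Counter
from dataclasses import dataclass

# OSPF link-local multicast groups; routers treat these as addressed to themselves.
OSPF_ALL_ROUTERS = "224.0.0.5"
OSPF_ALL_DR = "224.0.0.6"

PROTO_TCP, PROTO_UDP, PROTO_OSPF = 6, 17, 89


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    ttl: int
    proto: int


class Router:
    """Minimal model of a router's TTL handling (assumed RFC 1812 behaviour)."""

    def __init__(self, local_addrs):
        self.local = set(local_addrs) | {OSPF_ALL_ROUTERS, OSPF_ALL_DR}
        # Per-source count of packets punted to the CPU for TTL expiry.
        self.punts = Counter()

    def receive(self, pkt):
        """Decide what happens to pkt; returns (action, ttl_after_processing).

        'deliver'      -> addressed to this router: TTL is not decremented and
                          the packet goes up to protocol 89 / UDP / TCP.
        'forward'      -> transit packet: TTL decremented by one, sent on.
        'punt-expired' -> transit packet whose TTL would reach 0: not forwarded,
                          handed to the CPU to emit ICMP Time Exceeded.
        """
        if pkt.dst in self.local:
            # RFC 1812 4.2.2.9 (assumed): do not discard a datagram just because
            # it arrived with TTL 0 or 1 when it is addressed to the router.
            return ("deliver", pkt.ttl)
        if pkt.ttl <= 1:
            self.punts[pkt.src] += 1
            return ("punt-expired", 0)
        return ("forward", pkt.ttl - 1)

    def ttl_expiry_offenders(self, threshold):
        """Sources at or above `threshold` TTL-expiry punts (constructed cutoff).

        A sustained stream of these is the CPU-exhaustion pattern the Cisco
        TTL-expiry page describes; control-plane policing or an ICMP
        unreachable/time-exceeded rate limit is the usual mitigation.
        """
        return {src: n for src, n in self.punts.items() if n >= threshold}


def simulate():
    """Run the cases from the thread plus a constructed TTL-expiry burst."""
    r = Router(["10.0.0.1", "192.168.1.1"])  # constructed router addresses
    results = {
        # OSPF hello from a neighbour, TTL 1, to the all-routers group.
        "ospf_hello": r.receive(Packet("10.0.0.2", OSPF_ALL_ROUTERS, 1, PROTO_OSPF)),
        # Hypothetical DNS query with TTL 1 addressed to the router itself.
        "dns_to_router": r.receive(Packet("10.0.0.2", "10.0.0.1", 1, PROTO_UDP)),
        # DNS query to a server behind the router with TTL 1: cannot be forwarded.
        "dns_transit_ttl1": r.receive(Packet("10.0.0.2", "192.168.1.53", 1, PROTO_UDP)),
        # Same query with a normal initial TTL is forwarded with TTL 63.
        "dns_transit_ttl64": r.receive(Packet("10.0.0.2", "192.168.1.53", 64, PROTO_UDP)),
    }
    # Constructed burst: one source sends 50 TTL-1 transit packets.
    for _ in range(50):
        r.receive(Packet("203.0.113.9", "192.168.1.53", 1, PROTO_UDP))
    results["offenders"] = r.ttl_expiry_offenders(threshold=20)
    return results


if __name__ == "__main__":
    for name, outcome in simulate().items():
        print(f"{name}: {outcome}")
```

The model keeps the data-plane/control-plane split visible: `forward` is the hardware path, while `deliver` and `punt-expired` both end up on the CPU, which is why a flood of TTL-1 transit packets from one source is worth counting and rate-limiting.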



lohit prasad
Level 1

Hi experts 

Any reply or help in understanding networking would be helpful.


Thanks. It means if the packet belongs to the router itself then the TTL value will be 0 but it will be processed, okay.