4.2.2.9 Time to Live: RFC 791 Section 3.2
Time to Live (TTL) handling for packets originated or received by the router is governed by [INTRO:2]; this section changes none of its stipulations. However, since the remainder of the IP Protocol section of [INTRO:2] is rewritten, this section is as well.
Note in particular that a router MUST NOT check the TTL of a packet except when forwarding it.
A router MUST NOT originate or forward a datagram with a Time-to-Live (TTL) value of zero.
A router MUST NOT discard a datagram just because it was received with TTL equal to zero or one; if it is to the router and otherwise valid, the router MUST attempt to receive it.
How Traceroute Works
Traceroute transmits packets with small TTL values. Recall that the TTL (Time To Live) is an IP header field that is designed to prevent packets from running in loops. Every router that handles a packet subtracts one from the packet's TTL. If the TTL reaches zero, the packet has expired and is discarded. Traceroute depends on the common router practice of sending an ICMP Time Exceeded message, documented in RFC 792, back to the sender when this occurs. By using small TTL values which quickly expire, traceroute causes routers along a packet's normal delivery path to generate these ICMP messages which identify the router. A TTL value of one should produce a message from the first router; a TTL value of two generates a message from the second; etc.+--------+ +--------+
| SENDER | | TARGET |
+--------+ +--------+
| ^|
[============( Router )=====( Router )=====( Router )==|====]
^ ^ ^ |
| TTL=1 | TTL=2 | TTL=3 | TTL=4
Traceroute | | | |
shows these -----+--------------+--------------+------------/
IP addresses
In a typical traceroute session, a group of packets with TTL=1 are sent. A single router should respond, using the IP address of the interface it transmits the ICMP Timeout messages on, which should be the same as the interface it received the original packets on. The user is told this IP address, and DNS is used to convert this into a symbolic domain address. Also, round trip times are reported for each packet in the group. Traceroute reports any additional ICMP messages (such as destination unreachables) using a rather cryptic syntax - !N means network unreachable, !H means host unreachable, etc. Once this first group of packets has been processed (this can take 10 seconds or no time at all), the second group (TTL=2) begins transmitting, and the whole process repeats. Ref:4.2.2.9 Time to Live: RFC 791 Section 3.2
When is TTL Decremented by a Router?
icmp sequence diagram
Confirming TTL
traceroute
No comments:
Post a Comment