Linux tunnels inherit TTL by default

To: debian-ipv6@lists.debian.org
Subject: Linux tunnels inherit TTL by default
From: csmall@eye-net.com.au (Craig Small)
Date: Tue, 23 Oct 2001 12:27:09 +1000
Message-id: <20011023122709.B15803@eye-net.com.au>
Mail-followup-to: debian-ipv6@lists.debian.org

Hello,
  I got this wierd problem where traceroutes would not work once I sent
packets through my IPv6 tunnel.  I would get back ICMP ttl expired
messages, but they were IPv4 icmp messages.

It seems that the tunnel packets were inheriting the TTL of the IPv6
payload.  This meant the IPv4 routers carrying my tunnel packets dropped
them on the floor.

Finally I tracked it down to a tunnel paramter, it seems that the
inherit ttl is something that is on by default.  I think this is
incorrect though.

rowlf:/home/csmall# ip tunnel show trumpet
trumpet: ipv6/ip  remote 203.5.119.58  local 203.41.228.22  ttl inherit
rowlf:/home/csmall# ip tunnel change trumpet ttl 64
rowlf:/home/csmall# ip tunnel show trumpet
trumpet: ipv6/ip  remote 203.5.119.58  local 203.41.228.22  ttl 64

Traceroute now works as it should.  Should I be recommending people set
this ttl?

 - Craig


Here is the "before" trace, nortice the TTL 

08:39:19.759053 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 1) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) [ttl 1] (id 0)
08:39:24.757631 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 1) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) [ttl 1] (id 0)
08:39:24.917585 139.130.45.1 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 255, id 30635)
08:39:29.756208 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 1) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) [ttl 1] (id 0)
08:39:29.906165 139.130.45.1 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 255, id 30667)
08:39:34.754785 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 2) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) (ttl 2, id 0)
08:39:34.914740 203.50.15.195 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 254, id 18731)
08:39:39.763359 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 2) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) (ttl 2, id 0)
08:39:39.923314 203.50.15.195 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 254, id 18741)
08:39:44.761937 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 2) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) (ttl 2, id 0)
08:39:44.921891 203.50.15.195 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 254, id 18759)
08:39:49.760514 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 3) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) (ttl 3, id 0)
08:39:49.940463 203.50.12.181 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 253, id 56462)
08:39:54.769089 203.41.228.22 > 203.5.119.58: v6-in-v4
                 3ffe:8001:6:10:201:3ff:fe40:a029 > 3ffe:501:4819:2000:280:adff:fe71:81fc  (v0, priority 8, flow 1196328, len 32, hop 3) 3ffe:8001:6:10:201:3ff:fe40:a029.40496 > 3ffe:501:4819:2000:280:adff:fe71:81fc.33434: udp 24 (DF) (ttl 3, id 0)
08:39:54.989026 203.50.12.181 > 203.41.228.22: icmp: time exceeded in-transit [tos 0xc0] (ttl 253, id 56508)
-- 
Craig Small VK2XLZ  GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
Eye-Net Consulting http://www.eye-net.com.au/        <csmall@eye-net.com.au>
MIEEE <csmall@ieee.org>                 Debian developer <csmall@debian.org>

Reply to:

Prev by Date: Re: pkgs
Next by Date: Route problem [LONG]
Previous by thread: Converting a string into an IPv6 address
Next by thread: Route problem [LONG]
Index(es):
- Date
- Thread