TTL - what is it and why change it. TTL - what is it? What does ttl number mean
The TTL value is the lifetime of the data set in the IP protocol. Many network clients have come to this section to learn how to eliminate restrictions on the distribution of traffic from a smartphone. Indeed, thanks to this indicator, mobile operators have the ability to control the distribution of traffic from smartphones via WI-FI or in another way to devices. They always know from where and where the Internet is distributed. In this review, we will try to present the material as intelligibly as possible.
Recently, all mobile operators provide unlimited Internet without restrictions, only if you use the Internet on your smartphone. But if you start using a smartphone instead of an access point, or connect a laptop via a wire, then the cellular company will quickly detect this (offer to pay extra for traffic). Most users do not understand how this happens. But there is nothing difficult in this. TTL is used to check the company. This means TimeToLive, the lifetime of the data in seconds. The highest value is 255. Moreover, different operating systems generate sets with different values. For example, companies immediately introduce restrictions as soon as you start distributing traffic to other devices. When a new device is connected, the outgoing TTL will be less than that of your smartphone by one. Knowing how to change this value will help you bypass these limitations.
Types of TTL
For different systems, TTL has a different meaning. TTL=1 if it was not transmitted through other devices. The largest value is 255. It takes on a different value depending on the OC:
- Windows (XP,7,8,10) TTL=128
- Unix TTL=64
- iOS TTL=64
- Android TTL=64
- Lumia TTL=130
- Mac OS TTL = 64 (see Unix)
- Cisco TTL=255
If you still have questions, then below we will try to schematically explain what TTL is.
Work of a mobile gadget without distribution
If the smartphone does not work instead of the access point, then the operator receives a value of 64.
Smartphone distributes traffic without TTL correction
When traffic is distributed via wireless networks or USB to a laptop and another smartphone, the operator receives sets from the distributing device with three different TTL values: 64 from himself, 127 from the computer and 63 from the receiving device. This happens due to the fact that TTL, passing through the distributing device, loses one from its value. As a result, the mobile provider takes action against such a subscriber.
To bypass the restrictions, you can:
- Change the value on the receiving device.
- Record the value on the dispenser.
Distribution of traffic with TTL adjustment
To exclude operator blocking, it is necessary to change this value, which is set by software on the dispenser. The diagram shows how the value was changed on the dispenser. Now this value, passing from the receiving device through the distributing device, decreases by one unit and becomes 63 instead of 64. The operator does not notice changes in traffic and does not introduce restrictions.
If the receiver has a different TTL value, then you need to change the set value from 128 to 64. If you cannot make changes on the computer, then change the value on the distributor to 127. Then the operator will also receive TTL with an equal value. But in this case, you will not be able to distribute the Internet to your phone and laptop at the same time, because. they have different meanings.
Conclusion
In this article, we have tried to present the material as simply and clearly as possible. Now you know what the TTL value is and how you can bypass the restrictions of mobile operators by changing it. You can find specific methods for adjusting the value on MTS in a separate one.
Since you got here, most likely you need to change the TTL to bypass the restrictions of the mobile operator on the distribution of traffic, but you do not understand what TTL is and why change it. I'll try to explain.
The concept of TTL
On the Internet, everything is transmitted in packets - small portions of data. They go from router to router (the same as from router to router) through network nodes. For example, your mobile phone can also become a router if you use it to distribute data to a computer and other devices.
TTL stands for Time To Live, that is, the lifetime of a data packet in seconds. When a packet passes through the next router, the TTL is reduced by one. This is necessary so that the packet does not endlessly walk around the network if it cannot reach the addressee. The router, upon entering which the packet has exhausted its TTL value, sends an ICMP message to the sender stating that the packet has exceeded the maximum allowable time for its stay in the network. The maximum value TTL=255. Moreover, different operating systems generate packets with different TTL.
To put it in very simple terms...
Imagine that you are 5 years old and you want to eat (you are a package). You go to your dad and say, "Dad, I want to eat." Your dad watches TV, according to the routing table, sends you to mom. You go to her and ask "Mamaaa, I want to eat." Mom chats with a friend on the phone and, according to her routing table, sends you to dad. And so you go like a fool from dad to mom and back, back and forth, back and forth, and all because the crooked admins (parents of dad and mom) configured the routing table incorrectly. To protect themselves from such situations, they came up with the concept of TTL (Time To Live), which, in relation to our situation, means the amount of patience a boy has until he says “enough” and falls before the feet of mom or dad in a helpless state. The latter, according to the rules (standards are “this is how it is in the family”), is obliged to send a short unflattering review to the address of the one who sent the boy to eat. This is the so-called "boy dead" ICMP packet.
Ok, so what are the operators? The fact is that according to the TTL received from the subscriber, the operator will know whether the Internet is being distributed or not.
How operators know that traffic is being distributed
Because packets with different TTL values \u200b\u200bbegin to come to him from the subscriber. There are two reasons for this:
- Firstly, TTL may be different for different devices. And when distributing the Internet, a second device appears - the one to which we distribute the Internet. So, for an iOS or Android phone, the TTL value is 64, and for a Windows computer it is 128. And when distributing the Internet from the phone to the computer, two different TTL values \u200b\u200bwill appear: 64 and 128. The operator receives packets with both TTL=64 and TTL= 127 (when a packet is sent from a computer through a distributing telephone router, the value of 128 is reduced by one).
- Secondly, even if the TTL of the devices is the same (from phone to phone), the distributing phone again reduces the TTL by 1 like any normal router. And the operator receives packets with different values TTL=64 (if it is a packet from a distributing phone) and TTL=63 (a packet from a consuming phone).
So the operator receives packets with different values:
- TTL packet from the phone itself.
- TTL of the packet from the device consuming traffic, reduced by one when passing through the telephone router.
I am attaching pictures just in case.
And when distributing the Internet, the phone sends packets to the operator with three different TTL values: 64 from itself, 127 from the computer and 63 from the consuming phone.
The operator notices such a situation of spread of TTL values, concludes that traffic is being distributed and takes punitive measures against the violating subscriber who wants to profit from unlimited Internet to the fullest, distributing it wherever he wants. How to hide the distribution from the operator? Obviously, it is necessary to compare TTL - bring them all to the same value. For this you can
- Or change the TTL on the consuming device,
- Or on the distributing phone, make sure that packets always go to the operator with one TTL value.
Casting TTL to a Single Value to Bypass Operator Restrictions
- You can bring TTL to a single value of 63 by changing it on the distributing phone and on the receiving computer. This is a non-latching TTL change.
- You can not change anything on the receiving devices, but "force" the distributing phone to always send packets with TTL=63 to the operator, regardless of where they come from: from the distributing phone itself or from the receiving device (computer or phone). This is TTL fixing.
The second scheme is more convenient, but it is not suitable for all phones.
So, we have considered what TTL is, and why it needs to be changed. How exactly to change the TTL requires consideration in a separate article. .
Most recently, a review of the flagship device, the ASUS wireless router, appeared on our pages. A distinctive feature of the model was the presence of eight LAN ports. Such a number of wired interfaces may be required if there are a large number of devices that have a wired connection: desktop computers, network storages and MFPs, video players, and so on. However, so much technology is usually found only in geeks and computer enthusiasts. For ordinary users, even four standard wired ports are often too many. Today, a model with two LANs and one WAN interface came to our network laboratory for testing. ASUS RT-AC53 is a truly budget router.
So, let's get started!
Appearance and hardware platform
The ASUS RT-AC53 wireless router is made in a black plastic case, the dimensions of which are 320x190x35 mm (excluding antennas), with a weight of only 285 grams. For its operation, the device requires an external power supply (supplied) with the following characteristics: 12 V and 1 A.
The top panel is matte, consisting of two parts. It contains the name of the manufacturer and the main parameters of the product, as well as LEDs that display the status of the wired and wireless interfaces of the device, as well as the presence of power.
The side surfaces are unremarkable, there is only a ventilation grill.
On the bottom panel of the router, you can find a sticker with brief information about the model, four rubber feet, two grooves for two more feet, two technological holes for mounting the device to the wall, and, of course, a ventilation grill.
The rear panel carries three non-removable swivel antennas, three Gigabit Ethernet interfaces (one WAN and two LANs), a power connector with a device on / off button, a WPS button and a recessed Reset button.
Let's now look inside the case. The hardware stuffing of the ASUS RT-AC53 wireless router is represented by one green textolite board, the main elements of which are located on one side. The only exception is the GigaDevice 25Q64CSIG flash memory module, the volume of which is 8 MB.
The functions of a wired Gigabit Ethernet switch are performed by the Realtek RTL8367RB chip. The central processor is represented by a MediaTek MT7620A chip, operating at a frequency of 580 MHz. We have already seen such a processor in ASUS models RP-AC52 And RT-AC51U. The RAM functions are performed by the Winbond DDR2 module, the volume of which is 64 MB. Support for the 2.4GHz wireless band (2T2R) is built into the processor, while the 5GHz band uses a separate MediaTek MT7610EN wireless chip.
This concludes our brief review of the router's hardware and proceeds to the study of its software capabilities.
Initial setup and firmware upgrade
When connecting to the ASUS RT-AC53 wireless router for the first time, the user will need to perform the initial configuration of the device. The initial setup itself is extremely simple - you only need to specify the basic settings for connecting to the Internet, set an administrator password, and select an operating mode.
Firmware update is traditional for all ASUS wireless routers and does not require any special knowledge from the user. To change the firmware, go to the Firmware Update tab of the Administration menu and specify the file containing the new firmware version. It is also worth noting that the update can also be performed in a semi-automatic mode, which, of course, requires an Internet connection.
The entire firmware update process usually takes no more than three minutes (excluding the time required to download the firmware from the global network).
Here, in our opinion, it would be appropriate to mention the utilities supplied with the router, because usually the need for them arises during the initial setup of the device. So, three utilities are distributed with ASUS RT-AC53: Device Discovery, Firmware Restoration and ASUS Printer Setup. Frankly, we do not really understand why the vendor suggests using the ASUS Printer Setup utility, since the RT-AC53 model does not have USB ports.
Using the Device Discovery utility, the user can discover the ASUS RT-AC53 wireless router on their local network.
If the firmware update process fails, the RT-AC53 enters recovery mode, which can be recognized by the slowly blinking power indicator. Unfortunately, the tested wireless router does not have a web server built into the bootloader, so you can restore the firmware either using the Firmware Restoration utility or manually by uploading the firmware to the device via TFTP.
It is also worth noting that while in recovery mode, the RT-AC53 does not respond to ICMP echo requests (ping).
C:\>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
However, TFTP recovery is not so simple either. At first, we just tried to transfer the file with the new firmware to the router, but without success.
C:\>
timeout occurred
Connect request failed
Then we launched Wireshark and began to analyze the traffic exchanged between the test PC and the router. It turned out that periodically RT-AC53 sends an ARP request for the address 192.168.1.75.
We changed the address on the test PC to 192.168.1.75/24 and the firmware file transfer was successful. A few seconds after receiving the file, the RT-AC53 rebooted itself using the new firmware.
C:\>tftp -i 192.168.1.1 put c:\RT-AC53_3.0.0.4_380_6038-g76a4aa5.trx
Transfer successful: 7475296 bytes in 2 second(s), 3737648 bytes/s
This concludes the section on updating the firmware and initial settings, and proceed to review the capabilities of the device's web interface.
Web interface overview
The web interface of the ASUS RT-AC53 wireless router can be accessed using any modern browser. The web interface of the device is traditionally made in gray and black colors and is available in thirteen languages.
We will not describe in detail all the features of the model, but will focus on the most interesting ones.
Model RT-AC53, as well as all other modern ASUS wireless devices, supports the creation of up to three guest networks in each wireless band. The corresponding setting is available in the "Guest network" menu item.
The settings responsible for ensuring the quality of service are collected in the "Traffic Manager" menu item. Here the user can manually limit the data transfer rate for certain nodes, or use the traditional QoS service. Also, using this menu item, you can get a load schedule for wired and wireless interfaces.
If you need to limit the time of using the global network, you should refer to the menu item "Parental Control".
The wireless network settings collected in the tabs of the Wireless Network menu item are traditional for most ASUS wireless routers, so we will not dwell on them.
The “Switch Control” tab of the “LAN” menu item caught our attention. In addition to the option to enable / disable hardware NAT acceleration, there is the possibility of limiting the speed of certain (usually unwanted) traffic.
ASUS RT-AC53 can use static and dynamic IP addresses, as well as the following tunnels to connect to providers: PPTP, L2TP and PPPoE. The corresponding settings are available on the "Connection" tab of the "Internet" menu item. Perhaps a few words should be said here about the options "Expand TTL value" and "Change LAN TTL value". Both options are designed to simplify the user's work in the networks of operators that limit subscribers by the number of connected devices. The “Substitute LAN TTL value” option allows you to send packets to the Internet with a fixed value of the TTL field in the IP packet header, while the “Expand TTL value” option affects traffic in the opposite direction, allowing you not to drop those packets whose TTL should have been reset when passing through the router.
Unfortunately, the Dual WAN function is not supported by the RT-AC53.
The settings for the operation of the IPv6 protocol are collected in the menu item of the same name.
The ASUS RT-AC53 wireless router has a built-in VPN client and server. Unlike older models, there is no support for the OpenVPN protocol here.
Traffic filtering is performed using the tabs of the Firewall menu item.
The device operation mode is selected using the "Operation mode" tab of the "Administration" menu item.
This concludes our brief overview of the main features of the device's web interface and moves on to the command line interface.
Command line interface
Access to the device's command line is controlled using the "System" tab of the "Administration" menu. It is worth noting that access is supported both using the Telnet protocol and SSH.
To access the command line, use the same login-password pair as for accessing the router's web interface. The firmware of the tested model is based on the Linux 2.6.36 operating system using BusyBox 1.17.4.
RT-AC53 login: admin
Password:
[email protected]:/tmp/home/root# cd /
[email protected]:/# uname -a
Linux RT-AC53 2.6.36 #1 Fri Sep 23 12:05:55 CST 2016 mips GNU/Linux
[email protected]:/#busybox
BusyBox v1.17.4 (2016-09-23 12:02:33 CST) multi-call binary.
Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.
Usage: busybox ...
or: function ...
BusyBox is a multi-call binary that combines many common Unix
utilities into a single executable. Most people will create a
link to busybox for each function they wish to use and BusyBox
will act like whatever it was invoked as.
Currently defined functions:
[, [[, arp, ash, awk, cat, chmod, chown, chpasswd, cmp, cp, crond, cut, date, dd, df,
dirname, dmesg, echo, egrep, env, etherwake, expr, fgrep, find, free, grep, gunzip,
ifconfig, insmod, ionice, kill, killall, klogd, ln, logger, login, ls, lsmod, md5sum,
mdev, mkdir, mknod, modprobe, more, mount, mv, netstat, nice, nohup, nslookup, pidof,
ping, ping6, printf, ps, pwd, readlink, renice, rm, rmdir, rmmod, route, sed, sh, sleep,
sort, strings, sync, syslogd, tar, telnetd, test, top, touch, tr, traceroute, traceroute6,
udhcpc, umount, uname, uptime, usleep, vconfig, vi, watch, wc, which, zcat, zcip
Let's see what processes are currently running on the device using the ps command. The top utility will display data on the current work of running processes. We placed the results of the work of these utilities in separate file.
The contents of the directories /bin, /sbin, /usr/bin and /usr/sbin, together with the output of the sysinfo script, we present in separate file. For example, the /sbin directory contains the tcpcheck utility, which allows you to check whether a specific TCP port is open on a specific host.
[email protected]:/# tcpcheck
usage: tcpcheck
[email protected]:/# tcpcheck 10 192.168.1.1:23
192.168.1.1:23 is alive
[email protected]:/# tcpcheck 10 192.168.1.2:23
192.168.1.2:23 failed
Now let's go to the /proc directory and see what files are located here, as well as find out the operating system time and its average load, get information about the installed processor and the amount of RAM. In principle, the uptime and average system load can also be obtained using the uptime system call.
[email protected]:/# cd /proc
[email protected]:/proc#ls
1 193 267 bus kpagecount stat
10 194 3 cmdline kpageflags sys
11 196 30 cpuinfo loadavg sysrq-trigger
115 2 301 crypto locks sysvipc
116 20 306 devices meminfo timer_list
12 201 4 diskstats misc tty
13 204 41 driver modules uptime
135 208 430 execdomains mounts version
136 21 5 filesystems mt7620 vmallocinfo
164 212 6 fs mtd vmstat
17 22 7 interrupts net zoneinfo
172 226 76 iomem nvram
175 23 8 ioportspagetypeinfo
18 261 82 irq partitions
180 263 9 kcore self
19 265 buddyinfo kmsg softirqs
[email protected]:/proc# cat uptime
1746.00 1673.66
[email protected]:/proc# cat loadavg
0.07 0.07 0.02 1/47 432
[email protected]:/proc# cat cpuinfo
system type: MT7620
processor: 0
cpu model: MIPS 24Kc V5.0
BogoMIPS: 386.04
wait instruction: yes
microsecond timers: yes
tlb_entries: 32
extra interrupt vector: yes
hardware watchpoint: yes, count: 4, address/irw mask:
ASEs implemented: mips16 dsp
shadow register sets: 1
core: 0
VCED exceptions: not available
VCEI exceptions: not available
[email protected]:/proc# uptime
03:29:19 up 29 min, load average: 0.05, 0.06, 0.02
It is impossible not to mention the nvram utility, which allows you to change important parameters of the device.
[email protected]:/#nvram
usage: nvram
[email protected]:/# nvram show | grep admin
http_username=admin
[email protected]:/# nvram show | grep password
size: 20283 bytes (41157 left)
http_passwd=password
[email protected]:/#
So, for example, using the nvram utility, you can disable the STP protocol on the RT-AC53 LAN ports.
[email protected]:/# nvram show | grep stp
size: 20283 bytes (41157 left)
lan_stp=1
lan1_stp=1
[email protected]:/# nvram set lan_stp=0
[email protected]:/# nvram commit
[email protected]:/# nvram show | grep stp
size: 20283 bytes (41157 left)
lan_stp=0
lan1_stp=1
[email protected]:/#
This concludes the review of the capabilities of the command line interface, let's move on to testing the device.
Testing
The first test with which we traditionally begin this section is measuring the boot time of the router, by which we mean the time interval between the moment the device is powered up until the first echo response is received via the ICMP protocol. The ASUS RT-AC53 wireless router boots in 42 seconds, which we consider a good result.
The second no less traditional test was the device security check, carried out from the LAN port side using the Positive Technologies XSpider 7.8 network security scanner. A total of nine open ports were found. The most interesting information found is presented below.
Before proceeding directly to load testing, we would like to acquaint the reader with the main parameters of our test bench.
| Component | PC | Laptop |
| Motherboard | ASUS Maximus VIII Extreme | ASUS M60J |
| CPU | Intel Core i7 6700K 4 GHz | Intel Core i7 720QM 1.6 GHz |
| RAM | DDR4-2133 Samsung 64 GB | DDR3 PC3-10700 SEC 16 GB |
| LAN card | Intel PRO/1000PT ASUS PCE-AC88 |
Atheros AR8131 ASUS RT-AC88U |
| operating system | Windows 7 x64 SP1 Rus | Windows 7 x64 SP1 Rus |
We decided to start testing the performance of the device by measuring the routing speed with NAT / PAT with hardware acceleration enabled (default setting). Measurements were taken for one, five and fifteen simultaneous TCP connections. The test results are presented in the diagram below.
As follows from the results of this test, routing is performed at the speed of the medium, while the device processor remains unloaded. The only thing I would like to note is the limitation when working in full duplex: the total data transfer rate in both directions did not exceed 1 Gb / s, which, in our opinion, is due to the internal wiring of the device.
We decided to disable hardware acceleration and repeat the previous measurements. The speed limit in this test is due to the performance of the router's CPU.
When performing classic routing without NAT, hardware acceleration is not used, so the speeds obtained as a result of the experiment are similar to those we obtained in the previous experiment.
For residents of the post-Soviet space, the actual way to connect to the Internet is to use a variety of tunnels (VPN). We decided to measure the performance of a wireless router when working with two types of such tunnels: PPTP and L2TP. ASUS RT-AC53 supports both encrypted (MPPE128) and non-encrypted PPTP tunnels.
We decided to continue the wired tests by measuring the performance of the ASUS RT-AC53 model when working with the next version of the IP protocol - IPv6.
The processing of IPv6 packets is performed by the central processor, so the speed limit is due to the performance of the latter, that is, when transmitting IPv6 traffic at a speed of about 200 Mbps, the processor load was 100%.
ASUS RT-AC53 wireless router has the ability to ensure the quality of service of transmitted traffic. So, for example, you can set a limit on the maximum bandwidth available to a particular device. We decided to find out how much the real user data transfer rate corresponds to the configured value. The graph below shows three curves: the blue one corresponds to the configured values, the green one corresponds to the traffic transmitted from the subscriber to the Internet, and the red one corresponds to the opposite direction.
For speeds up to about 150 Mbps, the obtained values correspond well to the configured ones, however, starting from this speed, the increase in the bandwidth available to the user stops, which is again due to the performance of the central processor of the device - the CPU is used to provide QoS support. All devices for which no rate limiting rule is configured when QoS is enabled receive a bandwidth of about 175 Mbps. It is worth noting that we do not consider the detected limitations to be a problem, since the use of QoS mechanisms is usually required at relatively low speeds of access to the global network, and most providers in Russia do not offer tariffs with speeds higher than 100 Mbps.
QoS mechanisms are not the only means to limit the rate of traffic transmitted by users. We are talking about the settings located in the “Switch Control” tab of the “Local Network” menu item. True, here it is worth talking, rather, about protective mechanisms that allow you to stabilize the network in cases where, for example, the network card of one of the PCs is out of order and sends a large number of erroneous frames. We could not help but test the operation of this mechanism using the example of the Unknown Unicast frame limit. Measurements were taken up to speeds of 700 Mbps - the limiting mechanism coped well with the traffic generated by our test PC. It seems that such Storm Control in the RT-AC53 model is implemented in hardware. Here, however, one cannot but say about the fly in the ointment, which we found during the testing process. If the limits are set high enough, then unknown traffic at about 500 Mbps will result in 100% CPU usage, so we strongly discourage users from changing the default values.
Finally, we got to the wireless tests. The measurements were carried out with the router and the client located in close proximity to each other, the distance between them was from one to three meters. First, we found out what speeds will be available to users operating in the 2.4 GHz band.
The next test was the measurement of wireless transmission rates of user data in the 5 GHz band. The 5 GHz band continues to be less loaded compared to the 2.4 GHz band, so we, as always, recommend that users pay their full attention to it.
In conclusion of this section, we decided to find out to what maximum temperature the device case heats up during intensive use. We measured the case temperature of the ASUS RT-AC53 wireless router using our ADA TempPro-2200 laboratory pyrometer. The maximum values are as follows: top panel - 37°C, bottom panel - 41°C. During measurements, the temperature in the room was 25°C.
This is where we end the testing section and move on to summing up.
Conclusion
We were satisfied with the tested ASUS RT-AC53 wireless router. This model belongs to the class of budget solutions: you should not expect record speeds or the maximum set of functions from it. However, for most home users, the functionality of the RT-AC53 will be more than enough. To connect to the Internet one stationary computer, set-top box and several laptops with phones, you do not need to purchase a network monster - just an ordinary inexpensive wireless router is enough. Model ASUS RT-AC53 is just such a solution - nothing more, just everything you need.
The strengths of the ASUS RT-AC53 Wireless Router are listed below:
- good traffic transfer rates in both wireless bands;
- availability of QoS mechanisms;
- support for up to three guest networks in each wireless band;
- good processing speeds of IPv6 traffic;
- the ability to limit the time of using the Internet by the client (parental control);
- built-in PPTP client and server;
- the ability to limit the speed of transmission of unwanted traffic in the LAN;
- acceptable price.
Unfortunately, we cannot but list the disadvantages of the device:
- the web interface is not fully translated;
- only two LAN ports.
At the time of writing this review, the average price for the ASUS RT-AC53 wireless router in online stores in Moscow was 3,700 rubles.
