Why is tampering with the TTL of IP dangerous?

linux ip iptables

The TTL get decremented when it pass through a router. This makes sure that if the packet is traveling around in circles it will eventually die.

The TTL field of an IP v4 packet is an 8-bit field (255 decimal). So setting it high at the start it isn't a big deal since it can't actually be that large in a well-formed packet (Although, some things might accept malformed IP packets).

However, if something increments it, and the incrementation step is part of the loop, the packet could keep going in circles without ever reaching zero. Over time (could be very short, or a gradual leak), packets could build up in the system containing that loop causing it to overload.


The TTL on packets keeps routing sane, basically. If a packet were to have a very large TTL and was caught in a circular route for some reason, it could cause a ton of traffic (called a "packet storm") and interfere with normal operations. Too low TTL would result in loss of connectivity as you'd lose the packet before it reached the destination.

Related

how to access host variable of a different host with Ansible?
Bash find command verbose output
how to restrict access to directory and subdirs
How to convert 'dmesg' time format to 'real' time format
nginx proxy pass redirects ignore port
Docker COPY issue - "no such file or directory"
How to take full ownership of an IP address?
Connecting to HTTPS with netcat (nc) [closed]
On a dual CPU server, is it normal for one CPU to run hotter than the other?
Why change default ssh port? [closed]
Fibre channel long distance woes
filesystem for millions of small files