Linux – TTL and traceroute showing different values for same domain

linuxnetworkingttl

Why am I getting two different outputs for tracert and ping?

Ping Result showing total hops of 20 and tracert showing 8.

Default ttl value on my Linux machine 64, icmp echo reply ttl value 44.

64-44=20

but tracert is showing only 8 hops.

What can be the reason?

If tracert is implemented using ttl then why am I getting different values for same domain, no matter how many times I tried?

For Google and Google services, ttl value and tracrt are same,but for other domains it's different.

Best Answer

What you are doing makes no sense and when it works, it works by luck. You have no idea what the inital TTL value is in the ping reply packet. That packet is sent by some remote machine over which you have no control (the one you pinged). You can't determine the hop count from the received TTL value without knowing the initial TTL value.

You do know the initial TTL of your outbound traceroute packets, since you composed them. That's why this works with traceroute, which is designed for this purpose. If you tried to make sense of the received TTL values in the ICMP responses to your traceroute packets, that would give the same nonsensical results that only work by luck that you get from ping.

Try it if you don't believe me. Do a traceroute and look at the received TTL values in the ICMP replies. You might see 51 from one hop and 238 from the very next one. This happens because the various devices use different initial TTL values in the replies they compose to you.

Related Solutions

Centos – traceroute timing out in hop 5 for hostname

It's just because router that is on Hop 5 is filtering traceroute request.
It's not a problem, there is no impact for your server and you can't do anything about this.

Differences of the TTL value in Tracert and Ping

Why does it happen?

Some host in path filtering you traceroute

Is it any difference between the TTL value showed in ping and the TTL value of tracert ?!

no difference(ping ttl=55, tracepath ttl=back=55)... no host filtering trace

ping ya.ru
PING ya.ru (87.250.250.3) 56(84) bytes of data.
64 bytes from www.yandex.ru (87.250.250.3): icmp_seq=1 ttl=55 time=36.6 ms

 tracepath ya.ru

 ....................

 8:  l3-s550-s450.yandex.net (213.180.213.23)              97.070ms 
 9:  l3-s650-s550.yandex.net (213.180.213.29)              97.992ms 
10:  www.yandex.ru (77.88.21.3)                            91.306ms reached
     Resume: pmtu 1500 hops 10 back 55

Then when I ping google.com the returned TTL value is 45, and I assume it means that (128 - 45) / 2 hops are existed in my way to google.

No. Path = 64(default google.com ttl) - 45(ping ttl) = 19 hops

Best Answer

Related Solutions

Centos – traceroute timing out in hop 5 for hostname

Differences of the TTL value in Tracert and Ping

Related Topic