683 TTL and Loop Prevention

683.1 Learning Objectives

By the end of this section, you will be able to:

Apply TTL Concept: Understand how Time-To-Live prevents routing loops
Trace Packet Paths: Use traceroute to discover network paths
Compare IPv4/IPv6: Understand TTL vs Hop Limit differences

683.2 Prerequisites

Routing Basics: Understanding router operation and forwarding decisions

683.3 Time-To-Live (TTL): Preventing Routing Loops

683.3.1 The Problem

What if routing tables have errors or loops?

Packets could circulate endlessly through routers, never reaching destination:

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#16A085', 'secondaryColor': '#E67E22', 'tertiaryColor': '#ecf0f1', 'noteTextColor': '#2C3E50', 'noteBkgColor': '#f39c12', 'textColor': '#2C3E50', 'fontSize': '16px'}}}%%
graph LR
    A[Router A<br/>Send to B]
    B[Router B<br/>Send to C]
    C[Router C<br/>Send to A]

    A -->|Packet| B
    B -->|Packet| C
    C -->|Packet| A

    style A fill:#E67E22,stroke:#2C3E50,stroke-width:3px,color:#fff
    style B fill:#E67E22,stroke:#2C3E50,stroke-width:3px,color:#fff
    style C fill:#E67E22,stroke:#2C3E50,stroke-width:3px,color:#fff

Figure 683.1: Routing loop problem: misconfigured routing tables cause packets to circulate endlessly between routers

683.3.2 The Solution: TTL Field

Every IP packet header contains a TTL (Time-To-Live) value:

IPv4: TTL field (8 bits, max value 255)
IPv6: Hop Limit field (8 bits, max value 255)

How it works: 1. Source host sets initial TTL (typically 64 or 128) 2. Each router decrements TTL by 1 3. If TTL reaches 0, router drops packet 4. Router may send ICMP “Time Exceeded” error back to source

683.3.3 TTL in Action

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#16A085', 'secondaryColor': '#E67E22', 'tertiaryColor': '#ecf0f1', 'noteTextColor': '#2C3E50', 'noteBkgColor': '#f39c12', 'textColor': '#2C3E50', 'fontSize': '16px'}}}%%
flowchart LR
    Source[Source<br/>TTL=64]
    R1[Router 1<br/>TTL=63]
    R2[Router 2<br/>TTL=62]
    R3[Router 3<br/>TTL=61]
    Dest[Destination<br/>TTL=60]

    Source -->|Decrement TTL| R1
    R1 -->|Decrement TTL| R2
    R2 -->|Decrement TTL| R3
    R3 -->|Decrement TTL| Dest

    style Source fill:#E67E22,stroke:#2C3E50,stroke-width:3px,color:#fff
    style Dest fill:#16A085,stroke:#2C3E50,stroke-width:3px,color:#fff
    style R1 fill:#2C3E50,stroke:#16A085,stroke-width:2px,color:#fff
    style R2 fill:#2C3E50,stroke:#16A085,stroke-width:2px,color:#fff
    style R3 fill:#2C3E50,stroke:#16A085,stroke-width:2px,color:#fff

Figure 683.2: TTL decrement in action: each router decrements TTL by 1, preventing infinite loops

Alternative View: TTL as a Countdown Timer

This variant shows the same TTL concept but emphasizes how TTL prevents routing loops by visualizing a loop scenario with countdown.

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#E67E22', 'secondaryColor': '#16A085', 'tertiaryColor': '#E8F6F3', 'fontSize': '11px'}}}%%
sequenceDiagram
    participant S as Source<br/>TTL=3
    participant A as Router A
    participant B as Router B
    participant C as Router C

    Note over S,C: Misconfigured loop: A->B->C->A

    S->>A: Packet TTL=3
    Note over A: TTL=3->2
    A->>B: Packet TTL=2
    Note over B: TTL=2->1
    B->>C: Packet TTL=1
    Note over C: TTL=1->0
    C--xA: TTL=0 DROPPED!

    Note over C: ICMP Time Exceeded<br/>sent to Source
    C-->>S: ICMP Error

    Note over S,C: Without TTL, packet loops forever!<br/>With TTL, max 3 hops then dropped.

Figure 683.3: TTL Loop Prevention - Shows how TTL countdown stops packets from circulating forever in misconfigured networks

Key Insight: TTL is like a “self-destruct timer” for packets. Even if routing tables have errors, packets eventually die and don’t clog the network forever.

Show code

{
  const container = document.getElementById('kc-route-ttl-1');
  if (container && typeof InlineKnowledgeCheck !== 'undefined') {
    container.innerHTML = '';
    container.appendChild(InlineKnowledgeCheck.create({
      question: "An IoT mesh network has a misconfiguration causing a routing loop between three routers: A -> B -> C -> A. A sensor sends a packet with TTL=64. How many times will the packet traverse the loop before being dropped?",
      options: [
        {text: "The packet will loop forever until manually stopped", correct: false, feedback: "This is exactly what TTL prevents! Without TTL, routing loops would cause packets to circulate endlessly. TTL ensures packets are eventually dropped, protecting the network."},
        {text: "The packet will be dropped immediately when the loop is detected", correct: false, feedback: "Routers don't detect loops by examining packet history. They simply decrement TTL and forward. The loop is only 'detected' when TTL reaches 0 and the packet is dropped."},
        {text: "The packet will traverse the loop 21 times (64 hops / 3 routers per loop)", correct: true, feedback: "Correct! Each router in the loop decrements TTL by 1. With a 3-router loop and TTL=64, the packet traverses the loop 64/3 = 21.33 times. After 64 hops, TTL reaches 0 and the router drops the packet, sending an ICMP Time Exceeded error."},
        {text: "The packet will traverse the loop 64 times (once per TTL value)", correct: false, feedback: "Each hop decrements TTL by 1, not each complete loop. With 3 routers per loop, the packet makes 64 total hops across ~21 complete loops before TTL reaches 0."}
      ],
      difficulty: "medium",
      topic: "routing"
    }));
  }
}

683.4 IPv4 vs IPv6 Packet Headers

683.4.1 IPv4 Header (TTL Field)

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |  <- TTL HERE
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

683.4.2 IPv6 Header (Hop Limit Field)

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class |           Flow Label                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Payload Length        |  Next Header  |   Hop Limit   |  <- Hop Limit HERE
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                         Source Address                        +
|                            (128 bits)                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                      Destination Address                      +
|                            (128 bits)                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

683.4.3 IPv4 vs IPv6 Comparison

Feature	IPv4	IPv6
Field Name	TTL (Time-To-Live)	Hop Limit
Size	8 bits	8 bits
Max Value	255	255
Typical Initial Value	64, 128, 255	64, 255
Decrement	-1 per router	-1 per router
When 0	Drop + ICMP Time Exceeded	Drop + ICMPv6 Time Exceeded

Both work identically for loop prevention!

683.5 Using TTL: The `traceroute` Tool

The traceroute command uses TTL to map network paths:

traceroute google.com

How it works: 1. Send packet with TTL=1 - First router drops it, returns ICMP error (identifies router 1) 2. Send packet with TTL=2 - Second router drops it, returns ICMP error (identifies router 2) 3. Continue increasing TTL until destination reached

Output:

1  192.168.1.1 (Gateway)         1.234 ms
2  10.0.0.1 (ISP Router)         5.678 ms
3  203.0.113.1 (Regional Router) 12.345 ms
...
15 142.250.185.46 (google.com)   25.678 ms

Shows every router along the path!

683.6 Quiz: TTL in Multi-Hop Networks

Quiz: TTL Behavior Across Network Paths

Question: A LoRaWAN gateway forwards sensor data through 8 routers to reach a cloud server. The packet starts with TTL=64. On the return path, the cloud server’s response passes through 10 routers back to the gateway. What happens to the return packet?

Explanation: B. Each packet gets its own independent TTL. The response is a new packet created by the cloud server with a fresh TTL=64. After 10 hops, TTL = 64 - 10 = 54, so the packet is delivered successfully.

Key Insight: Each Direction is Independent

Request packet (sensor to cloud) has its own TTL. Response packet (cloud to sensor) is a completely different packet with its own fresh TTL.

Why Other Options Are Wrong:

A: Packet would only drop if TTL reaches 0. After 10 hops from TTL=64, TTL=54, which is not 0.
C: Misunderstands TTL as bidirectional. Each packet gets fresh TTL from its source.
D: Correct concept (new TTL) but wrong final value. TTL decrements at each hop.

Question: Traceroute discovers the path to a destination by intentionally triggering which ICMP response from intermediate routers?

Explanation: C. Traceroute sends packets with small TTL values (1, 2, 3, …). Each router decrements the value; when it reaches 0, the router drops the packet and returns ICMP Time Exceeded, revealing that hop.

Question: In IPv6, what field performs the same role as IPv4’s TTL?

Explanation: B. IPv6 uses Hop Limit (decremented by each router) to prevent loops, analogous to IPv4’s TTL.

683.7 IoT Implications of TTL

683.7.1 Long-Distance IoT Deployments

Example: Offshore oil rig sensors -> Cloud

Path might traverse:
- 5 hops (rig -> shore)
- 10 hops (shore -> internet backbone)
- 5 hops (backbone -> cloud provider)
Total: 20 hops

With TTL=64: Safe margin of 44 hops remaining
With TTL=32: Still safe (12 hops margin)

683.7.2 Mesh Networks

Example: Smart city sensors in mesh topology

Sensor -> 3 mesh hops -> Gateway -> 10 internet hops -> Cloud
Total: 13 hops

TTL concern: Mesh adds extra hops
Solution: Initial TTL=64 provides ample margin (51 hops remaining)

683.7.3 Checking TTL in Practice

# Linux: Check TTL of received ping
$ ping -c 1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=10.2 ms
                                       ^^^
                                       TTL remaining

# Calculation:
# Google's server sent with TTL ~127 or 128
# We received with TTL=117
# Hops: 128 - 117 = 11 hops from Google to us

683.8 Summary

TTL (Time-To-Live) prevents packets from looping forever in misconfigured networks
Each router decrements TTL by 1 when forwarding
When TTL reaches 0, the packet is dropped and ICMP error is sent
traceroute uses controlled TTL values to discover network paths
IPv4 uses TTL, IPv6 uses Hop Limit - both work identically
IoT networks: Plan for mesh hops by setting appropriate initial TTL values

683.9 What’s Next

Continue to Routing Tables to understand how routers store and look up route information, and the different types of routes (connected, static, dynamic).