Why doesn't the firewall decrement the TTL of packets?
I would like to understand why the TTL (Time to Live) is not decremented by -1 when packets are forwarded through the firewall.
Devices that route must decrement a TTL value, but the firewall does not follow this rule when routing packets. I would like to understand if there is any reason for this behavior.
In SonicWall there is an option in Firewall Settings -> Advanced -> Decrement TTL that is unchecked by default. If I activate it, the forwarded packets start to decrement the TTL.
Best Answer
Arkwright Community Legend ✭✭✭✭✭
I think it's supposed to be a security feature. If you don't decrement the TTL, you [hopefully] don't show up in a traceroute. I always enable it.
2
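The effect described in the answer can be seen in a small simulation. This is an added example, not part of the original thread and not SonicWall code; the hop names and the `Hop`, `send_probe` and `traceroute` helpers are hypothetical. It models a traceroute over a constructed path, once with the firewall decrementing the TTL and once with the default setting from the question.

```python
from dataclasses import dataclass


@dataclass
class Hop:
    name: str
    decrement_ttl: bool = True  # False models "Decrement TTL" left unchecked


def send_probe(path, ttl):
    """Forward one probe with the given initial TTL and return who answers it."""
    for hop in path[:-1]:
        if not hop.decrement_ttl:
            continue  # forwarded with the TTL untouched, so it can never expire here
        ttl -= 1
        if ttl == 0:
            return hop.name  # this hop drops the probe and sends ICMP Time Exceeded
    return path[-1].name  # probe reached the destination, which replies itself


def traceroute(path, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and list the responders in order."""
    responders = []
    for ttl in range(1, max_ttl + 1):
        responder = send_probe(path, ttl)
        responders.append(responder)
        if responder == path[-1].name:
            break
    return responders


def build_path(firewall_decrements):
    # Constructed sample path; all names are made up for the illustration.
    return [
        Hop("edge-router"),
        Hop("firewall", decrement_ttl=firewall_decrements),
        Hop("isp-router"),
        Hop("destination"),
    ]


if __name__ == "__main__":
    print("Decrement TTL on: ", traceroute(build_path(True)))
    print("Decrement TTL off:", traceroute(build_path(False)))
```

With the option off, the firewall never answers a probe and the path looks one hop shorter to whoever runs the trace.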