Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Why doesn't the firewall decrement the TTL of packets?

I would like to understand why the TTL (Time to Life) is not decremented by -1 when packets are forwarded through the firewall.

Devices that route must decrement a TTL value, but the firewall does not follow this rule when routing packets. I would like to understand if there is any reason for this behavior.

In Sonicwall there is an option in Firewall Settings -> Advanced -> Decrement TTL that is unchecked by default, if I activate it, the forwarded packets start to decrement the TTL.

Category: High End Firewalls


  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    I think it's supposed to be a security feature. If you don't decrement the TTL, you [hopefully] don't show up in a traceroute. I always enable it.

Sign In or Register to comment.