TTL - what is it, how to use and set the value on your phone and router?

ATTENTION! According to the latest data from a reliable source, it became known that not only TTL is the reason for blocking the mobile Internet. If you need information on TTL for routers, and what this protocol affects, then see the last chapter.

Good day to all! Most likely you came here to bypass the blocking of your mobile operator. After all, with the help of TTL, these companies catch the hand of subscribers who have enabled access point mode on their phone. What is TTL? Time To Live is the lifetime of a packet in the IP addressing universe.

When the user turns on the modem or access point mode, the phone starts distributing Wi-Fi along with the Internet. When connecting a computer, laptop, TV, set-top box or other phone (tablet), it is through TTL that the provider understands that the Internet is being distributed to another device.

At the moment, such operators as MTS, Beeline, YOTA, Tele2 and others are guilty of this. As far as I remember, only Megafon has no restrictions yet, but I could be wrong - correct me in the comments if I’m wrong. Next, I will tell you how to find out the TTL value, how to change it, and how to bypass the blocking. Let's start with the theory - I advise you to read it so that everything will be clear to you in the future.

More details about TTL

Let's look at a simple example. You have a phone that, when connected to the operator’s mobile Internet, constantly sends requests. Each such request has a TTL value, which by default is 64 - on Android and iOS. For Windows Phone, as far as I remember, this value is 130.

After the router mode is turned on on the phone and Wi-Fi with the Internet is distributed, other devices connect to it. On Windows the default TTL is 128. On other phones it is 64.

Now we come to the heart of TTL. As you remember, TTL is the lifetime of a packet, and it is called that because when passing through one node or device, this value is reduced by 1. As a result, the computer connected to your phone will send a request to the Internet with a TTL that will be equal to 127 (that is, minus 1). From connected phones the TTL will be already 63.

As a result, three packets with different TTLs arrive from your phone to the operator’s server. The operator understands that the matter is not clean and blocks the device. But the blocking can also be easily bypassed.

Working principle of TTL

Recently, all mobile operators provide unlimited Internet without restrictions only if you use the Internet on a smartphone. But if you start using a smartphone instead of an access point, or connect a laptop via wire, the cellular company will quickly detect this (they will offer to pay additionally for traffic). Most users don't understand how this happens. But there is nothing complicated about it. TTL is used to verify companies. This means TimeToLive, the lifetime of the data in seconds. The largest value is 255. Moreover, different operating systems generate sets with different values. For example, companies immediately introduce restrictions as soon as you start distributing traffic to other devices. When a new device is connected, the outgoing TTL will be one less than that of your smartphone. Knowing how to change this value, you can bypass these restrictions.

Bypassing blockages

The blocking is quite simple - you need to set the TTL on the connected devices, which will be exactly 1 more than that of the distributing phone. For example, you distribute the Internet to a laptop, then you need to set this device’s TTL to a value 1 greater than that of the distribution device (that is, 65). As a result, the packet from the computer reaching the phone will take the value 64. The operator will see that all packets are the same and will not block anyone.

NOTE! You can, of course, not reduce the TTL on the receiving device, but reduce it on the distributing device, but for this you will need ROOT rights and the TTL Master program. Therefore, it is easiest to change the value on secondary devices - more on this below.

But there is one more catch, which for some reason is not written about anywhere. The fact is that operators also began to calculate the distribution differently. The provider has a list of servers that can only be accessed from a computer.

For example, if a Windows update starts on a connected computer, the operator will immediately understand this. Because no one in their right mind would access Microsoft update servers from their phone. The list of such servers is constantly growing. But this problem is quite easily solved. On this occasion, we have detailed instructions for all operators on our portal:

MTS
Beeline
YOTA

All the steps are described there with pictures and explanations. You can also determine and check your TTL, but in fact they have the same values for all types of devices that I wrote about at the very beginning.

Changing TTL on Windows.

1. Call the “Run” window. To do this, press the key combination Win + R. In this window, enter regedit and click OK. 2. We find ourselves in the registry editor. We go along the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters 3. Here we need to right-click on the field on the right, and select “Create -> DWORD Parameter (32 bits)” 4. Set the name of the parameter – “DefaultTTL " Double-click on the created parameter, select the Decimal Numeration System, and enter the value 65. 5. We also create the DefaultTTL=65 parameter for the adjacent registry branch - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6 Done, the TTL on the computer has been changed! Reboot the computer.

Why does the TTL reset after every session?

Another common problem is when the manipulations described above have to be repeated again on a daily basis. In some cases, changes are not even saved during the day, which cannot correspond to a comfortable time spent on the Internet on a PC through mobile traffic.

There may be two problems. The first is errors in the registry, the second is that changes are not made on behalf of the administrator. Both problems can be solved quite simply and do not require complex operations.

Errors in the registry today are easily corrected using various “cleaning” utilities, such as CCleaner, Wise Care 365 and others. Just in case, before starting the program, it is recommended to leave a mark to restore the system, although in 99.9% of cases there is no need to worry.

As for access on behalf of the administrator, usually, if we are talking about a personal computer, the account will be on behalf of the administrator. If not, then you need to obtain such rights, and only then make the changes described above.

Additional Information ! If both options are excluded, you should also scan the system with an antivirus.

How to get administrator rights in the Windows 10 operating system

If the computer is used by several people who “sit” on different accounts, you need to find out which of them has administrator rights (usually the first one created) and assign the same privileges to the other “account”.

The algorithm of actions is as follows:

Click on the magnifying glass icon.
Enter the “cmd” command.
A response to the request will appear at the top of the window in the form of the “Command Line” item. You need to right-click on it once.
In the pop-up submenu, select “Run as administrator.”
An input window will open where you need to enter “net user administrator /active:yes” (without quotes). If Windows is in English, then enter the same thing, only enter the word “administrator” in Latin letters.
Click on Enter.

After this, all that remains is to restart the computer and this account will already have administrator rights.

Additional Information ! You can see which account is administrative and which is not in the “Change account settings” item, which can be found in Start by right-clicking on the “User” item (called by clicking on the “three dashes” icon).

Location of the Windows Account Settings menu

Internet diagnostic tests

The PING command can be used to perform several useful Internet diagnostic tests, such as the following:

Domain IP address

PING can be used to check a domain name or IP address. The response displays the corresponding IP address.

Time and distance

The PING command can be used to determine how long it takes for a packet to bounce from another site, which tells the user the distance to the Internet in network terms.

Access

The PING function can be used to check whether a user can reach another computer device. If the user cannot ping at all, but can ping other sites, this indicates that the Internet is working, but the site is not working. However, if the user is unable to ping any site, it indicates that the entire network connection is down due to a bad connection.

The following are considered good ping response times:

<30ms - excellent ping and ideal for online gaming.
30 to 50ms is an average ping and is still good for online gaming.
50 to 100 ms is a somewhat slow ping time, which affects online gaming.
100-500ms is slow ping and has minimal impact on web browsing, but creates noticeable lag when playing online games.
500 ms - pings lasting half a second and more noticeably delay all requests.

The output of the PING utility depends on the operating system. However, almost all PING outputs display the following:

Destination IP address
ICMP sequence number
Time to Live (TTL)
Round trip time
Payload size
The number of packets lost during transmission.

Most ping programs send multiple pings and provide an average number of pings at the end.[4]

Functionality

The PING function offers two main purposes: to check whether a host is reachable and to measure how long it takes to respond. The PING command is one of the most commonly used command line interfaces. PING consists of one packet, which is an echo request. If the host is available, it responds with one packet. The time measurement for PING is measured in milliseconds, which refers to the time the packet reaches the host and the response returns to the sender.[2]

Additionally, PING uses the Internet Control Message Protocol (ICMP). ICMP compensates for gaps in the IP protocol by reporting an error. This is necessary for the system because the IP protocol does not have a way to report errors. It reports errors and expects higher layers of the OSI architecture model to handle and correct errors. This PING program works like a sonar that sends small packets of information containing an ICMP ECHO_REQUEST to a specified computer and then sends an ECHO_REPLY in return.

The following are the steps that are typically performed when a user polls a machine.

An ICMP echo request message will be sent to the recipient by the source.
The PING program will set a sequence ID that will be incremented with each ping message.
PING inserts the sending time into the data section of the message.
It sends an ICMP echo reply message back to the source if the host is alive and responding.
The time of arrival of the response message will be noted using the PING command, which uses the time of sending part of the message and calculates the round trip time.
It increments the sequence ID and sends a new echo request message. This continues for the number of PING requests set by the user, or the program will terminate.

The round trip will be calculated using the local clock time of the source node when the IP datagram leaves the source node, and then it will be subtracted from the time at which the echo reply arrives.[3] The PING tool will display various error messages when the round trip operation does not complete successfully, such as the following:

Unknown carrier

Determines that the IP address or host names are not on the network, or that the destination host name cannot be resolved.

Destination host unavailable

Determines whether the target node is down or not online. This may occur because there is no local or remote route for the end node.

TTL expired during transit

This refers to the maximum time an IP packet can live on a network before it is discarded if it does not reach its destination.

Request a timeout

Determines when a PING command has ended because no response has been received from the host. It also determines that echo reply messages were not received due to network traffic, an Address Resolution Protocol (ARP) request packet filtering failure, or a router error.

Summary

In this article, we analyzed the meaning of TTL quite clearly and in detail, and presented it through a schematic representation of the interaction of the adjusted devices with the telecom operator. We hope that the information received was useful to you. You can add reviews and suggestions, as well as comments, in the comments.

Our recommendations:

Description, reviews and activation of the MTS HYIP tariff;
How to measure Internet speed on your phone online;

Changing TTL for Android devices

In order to change the TTL value on gadgets running the Android operating system, you must perform the following operations:

Download and install a utility called Sysctl Editor on the device.
After launching the application, go to the SYSCTL EDITOR folder, which is located on the main page.
In the search bar you must enter net.ipv4.ip_default_ttl.
In the window that appears, you need to change the TTL number from 64 to a reduced 63.
Reboot the device and access point.

That's all! Now you can access traffic from any mobile gadget.

What is TTL - definition

TTL is simply the lifetime of a data packet in the protocol . But the relevance of manipulating the values of a given data package is currently very high. And the majority have encountered this problem in one way or another and are now actively searching for information on how to bypass restrictions on Internet distribution from their smartphones. Telecom operators usually control traffic by monitoring TTL packets and catch unprepared users when distributing traffic and unauthorized connections of mobile devices to the user’s smartphone.

After reading this article, you can find out how and with what tricks you can bypass the restriction on the distribution of traffic from your smartphone, how the provider learns about the illegal distribution of the Internet by the user using IP or usb.

Examples of using

The following example contains the output of the ping command:

ping example.microsoft.com Pinging example.microsoft.com [192.168.239.132] with 32 bytes of data: Reply from 192.168.239.132: bytes=32 time=101ms TTL=124 Reply from 192.168.239.132: bytes=32 time=100ms TTL=124 Reply from 192.168.239.132: bytes=32 time=101ms TTL=124 Reply from 192.168.239.132: bytes=32 time=101ms TTL=124

To send a message to destination 10.0.99.221 and match it to its hostname, enter:

ping -a 10.0.99.221

To send ten ping messages to destination 10.0.99.221, each with a 1000-byte data field, enter:

ping -n 10 -l 1000 10.0.99.221

To send a message to destination 10.0.99.221 and record a route for 4 hops, enter:

ping -r 4 10.0.99.221

To send a message to destination 10.0.99.221 and set free routing for destinations 10.12.0.1-10.29.3.1-10.1.44.1, enter:

ping -j 10.12.0.1 10.29.3.1 10.1.44.1 10.0.99.221