On (02/26/09 13:49), Peter Memishian wrote: > > - setting ip/tcp/udp/icmp TTL through ndd: > > Do we really want to change the default ttl for all > > ip/tcp/udp/icmp packets? Esp when there are socket options > > like IP_TTL, IPV6_UNICAST_HOPS, IP_MULTICAST_TTL for this? > > (See also 5046705) > > > > We have ip_def_ttl, ip6_def_hops, tcp_ipv4_ttl, > > tcp_ipv6_hoplimit, icmp_ipv4_ttl, icmp_ipv6_hoplimit, > > udp_ipv4_ttl, udp_ipv6_hoplimit, ip_broadcast_ttl. > > Aren't IP_TTL, IPV6_UNICAST_HOPS, IP_MULTICAST_TTL > > sufficient? > > There are a number of times I can recall where the field has used the TTL > ndd parameters to workaround broken applications.
But setting it via ndd because of 1 broken app clobbers it for *all* apps! Isn't it possible (and better) to set up ipfilter for these broken apps to curb their ttl, instead of using the ndd sledge-hammer? --Sowmini
