How to set router TTL?

Stavman · January 11, 2021, 10:14pm

I’ve been trying to get this set up on my new LHG LTE-US router

Im using verizon , and have tried a few options

Any help would be fantastic

Stav

Stavman · January 12, 2021, 3:15pm

Bump

Anyone able to help? I work from home so going mobile with all this covid crap would be a great help for my family’s mental health

k6ccc · January 12, 2021, 3:18pm

How about asking a question. The subject is so vague, and other than that, you don’t tell us what you are trying to do, or what you need help with.

erlinden · January 12, 2021, 3:19pm

Can you please share the configuration (/export hide-sensitive file=anythingyoulike)?
What have you tried, what are you trying and what problems are you running into?

Stavman · January 13, 2021, 2:03pm

I’ll get it setup today and fun that report @erlinden

So far I’ve been reading up but cZnt find a difinitive solution to change the TTL

So hopefully you experts can guide me in the right direction

sindy · January 13, 2021, 3:46pm

Repeating @k6ccc’s question: what do you want to achieve, or what problem you are trying to address? This forum can answer you any question regarding Mikrotik configuration, but you haven’t asked a clear question yet.

Stavman · January 13, 2021, 3:52pm

Trying to adjust the TTL settings in the Mikrotik router to bypass the HOTSPOT data usage when my Verizon card is used on the dish

So I’m able to use unlimited data , as a phone does, and not use the hotspot data

Does that make sense??

sindy · January 13, 2021, 4:02pm

Now yes
I’ll comment in a while.

Stavman · January 13, 2021, 4:12pm

Thanks, I appreciate the help

sindy · January 13, 2021, 4:23pm

To manipulate TTL, you use an action=change-ttl rule in /ip firewall mangle.

The own traffic of the router should leave with TTL=255, but even that may not always be the case, so you need a mangle rule in chain postrouting which handles both the router’s own traffic (such as DNS) and the forwarded traffic from LAN.

/ip firewall mangle add chain=postrouting action=change-ttl new-ttl=set:255 ttl=greater-than:200 out-interface=your-lte-interface-name

In order that it worked, you must not use fasttracking (so disable the action=fasttrack-connection rule in /ip firewall filter if there is one) because one of the reasons why fasttracking speeds up packet processing is that it skips mangle rules.

If you happen to already have any other mangle rules in chain postrouting, first issue a command /ip firewall mangle print chain=postrouting where !dynamic, and only then issue the command above with additional parameters passthrough=yes place-before=0.

Whether this will help or not is a question, as the mobile operator may also check the IMEI of the equipment, not just the TTL, an even not accept connection to particular LTE bands for “wrong” IMEIs.

The additional condition (ttl=greater-than:200) is there to allow traceroute to work (using the hotspot data quota probably). If you’re never going to use traceroute, you may omit this condition.

Stavman · January 22, 2021, 5:53pm

I just set this up… I think…lol

did this in the terminal window
/ip firewall mangle add chain=postrouting action=change-ttl new-ttl=set:255 ttl=greater-than:200 out-interface=LTE1

seemed to accept it

How do I test it, verify that it took

Thanks all

Chris

sindy · January 22, 2021, 6:44pm

If it didn’t give any error message, the rule got accepted. A command /ip firewall mangle export will show you all the mangle rules. If there is just this single one, you’re good; if there are more, they may need to be modified/reordered. So if in doubt, post the output of /ip firewall mangle export here.

To check whether the rule is actually doing something, you have to run /tool sniffer quick interface=LTE1 for a short while (seconds), and then /tool sniffer packet print detail where protocol=ip will show you that packets have been really stored, and /tool sniffer packet print detail where protocol=ip ttl<255 src-address~“the.address.assigned.to.lte” will show you whether the rule does its job - if it does, the output of this command will be empty.

Stavman · January 22, 2021, 8:07pm

Thanks Sindy

It did take

Im actually running the Router/Dish now and monitoring the VERIZON data usage on the website to see if its loggin as DATA or HOTSPOT

Ill post back with what I find out

Thanks everyone who helped on here… Much Love

Stavman · January 23, 2021, 1:34am

Didn’t work

Still showing as HOTSPOT data usage on Verizon account

Any ideas why

Probably need to post some reports. Let me know what I should try

Thank again

Chris

Stavman · January 24, 2021, 1:08am

so got it to work

was actually pretty easy once i learned a bit from everyone here

So easy explanation

Firewall and Mangle

Plus Sign Add New Mangle Rule
General Tab… Chain-- postrouting…
Out. Interface LTE1

Action Tab
Action-- Change TTL
New TTL — 65

Click apply

I ran it for about 3hrs… Used 6.5G of data, none as HOTSPOT

Thanks again to everyone who helped, especially Sindy… Much Love

alushchykau · August 22, 2021, 8:38pm

What about the Passthrough option in the Action tab, by default, it’s marked?

Stavman · June 16, 2022, 4:51pm

So with the above setup..been having issues with upload speed

Phone will get 4g upto 15g upload, but Sim Card in the Mikrotik dish I’ll get less than one

Any ideas

Znevna · June 17, 2022, 6:02am

One year later and you still ask vague questions with vague descriptions of the problem.
Try again.

rextended · June 17, 2022, 9:29am

Stavman, your problem now is different, open another topic with adequate title and a detailed description of devices and configuration.