RT-AC68U Modify TTL to custom value

[jsdukeboy08]

Model:
RT-AC68U

Firmware:
384.10_2

Looking for a way to change the TTL value for all traffic that passes through the router to a custom value (65) so that I can set it up along with a mobile wired hotspot (netgear nighthawk M1). Trying to get this set up for my parents as they have no other internet options. Any help is appreciated

 

[ColinTaylor]

I believe there's an option in the router's menu to do that. Can't remember exactly where, try looking at WAN > Internet Connection.

 

[jsdukeboy08]

Thank you for the reply, I’ll give that a look later tonight and see if I can find what I’m looking for. I’ve already looked over the options quite a bit but hopefully I just missed it

 

[dave14305]

Thank you for the reply, I’ll give that a look later tonight and see if I can find what I’m looking for. I’ve already looked over the options quite a bit but hopefully I just missed it

At the bottom called “Spoof LAN TTL value”. It will overwrite outgoing packets’ TTL to the router default 64, making it look like there was no hop before hitting the ISP.

 

[dave14305]

There’s also support in the firmware but hidden in the GUI to fix incoming packets with TTL=1 and rewrite the TTL to 64. You would need to run a command in the SSH shell:

nvram set ttl_inc_enable=1
nvram commit
service restart_firewall

Depending on your situation, you have those two options.

 

[jsdukeboy08]

At the bottom called “Spoof LAN TTL value”. It will overwrite outgoing packets’ TTL to the router default 64, making it look like there was no hop before hitting the ISP.

Thank you for the replies, I have selected the spoof LAN TTL value but is there a way to increase that number to 65? The reason I am wanting to do this is because my parents will be using the nighthawk with a verizon sim card. I have read online that it is possible to get around their hotspot limitation by increasing the default TTL by +1, thus making the traffic look like cell phone data. So I think this means I will be needing to set all traffic TTL to 65, both incoming and outging, at least that is how I understand it.

 

[davidh44]

Thank you for the replies, I have selected the spoof LAN TTL value but is there a way to increase that number to 65? The reason I am wanting to do this is because my parents will be using the nighthawk with a verizon sim card. I have read online that it is possible to get around their hotspot limitation by increasing the default TTL by +1, thus making the traffic look like cell phone data. So I think this means I will be needing to set all traffic TTL to 65, both incoming and outging, at least that is how I understand it.

Any luck with this? I see that Merlin has added "Extend the TTL value" back into the latest version 384.12:
Re-added option to extend the WAN's TTL (from stock
firmware, was previously disabled as it used to
be broken)

 

[jsdukeboy08]

Any luck with this? I see that Merlin has added "Extend the TTL value" back into the latest version 384.12:
Re-added option to extend the WAN's TTL (from stock
firmware, was previously disabled as it used to
be broken)

I actually went another route and ended up getting everything set up with dd-wrt. I did however find this video I’ll link below that seems to do what I was wanting with Merlin. Hope it helps

 

[dave14305]

Any luck with this? I see that Merlin has added "Extend the TTL value" back into the latest version 384.12:
Re-added option to extend the WAN's TTL (from stock
firmware, was previously disabled as it used to
be broken)

That option will take any incoming packet from the WAN with TTL at 1 and increase it to 64. Spoof TTL will override outgoing packets to the WAN with 64, negating the natural TTL decrement that would happen at the router, so it hits the hotspot with a TTL of 64 instead of 63. Both together should work. No need for 65 IMO.

 

[davidh44]

I actually went another route and ended up getting everything set up with dd-wrt. I did however find this video I’ll link below that seems to do what I was wanting with Merlin. Hope it helps

Thank you! With DD-WRT, can you do the same thing through the GUI?

 

[davidh44]

That option will take any incoming packet from the WAN with TTL at 1 and increase it to 64. Spoof TTL will override outgoing packets to the WAN with 64, negating the natural TTL decrement that would happen at the router, so it hits the hotspot with a TTL of 64 instead of 63. Both together should work. No need for 65 IMO.

It seems for the purposes of fooling a hotspot, "Spoof TTL" should be all that's needed then?

 

[dave14305]

It seems for the purposes of fooling a hotspot, "Spoof TTL" should be all that's needed then?

Perhaps, unless the hotspot overrides the return traffic with a TTL of 1, but I have no experience using hotspots. I guess you'd know pretty quickly if your traffic is dying (TTL expired in transit).

 

[davidh44]

I actually went another route and ended up getting everything set up with dd-wrt. I did however find this video I’ll link below that seems to do what I was wanting with Merlin. Hope it helps

I did this today and it worked well, thanks for the link. The only glitch was that you actually have to reboot twice after formating the JFFS partition before it's usable.
The video recommends a TTL of 100 for Verizon Wireless hotspots, and I've even seen 117 used elsewhere. I had initially thought it had to be 65, but I guess it's 65 or higher.

 

[davidh44]

That option will take any incoming packet from the WAN with TTL at 1 and increase it to 64. Spoof TTL will override outgoing packets to the WAN with 64, negating the natural TTL decrement that would happen at the router, so it hits the hotspot with a TTL of 64 instead of 63. Both together should work. No need for 65 IMO.

Turns out those two settings on both the latest Asus and Merlin firmwares don't do anything to the TTL. TTL stayed exactly the same with the two settings enabled in different combinations. I had to do that custom script in the Youtube video to get TTL to actually change (while leaving those 2 settings disabled by default).

 

[Not1ofthepack]

Thank you for the replies, I have selected the spoof LAN TTL value but is there a way to increase that number to 65? The reason I am wanting to do this is because my parents will be using the nighthawk with a verizon sim card. I have read online that it is possible to get around their hotspot limitation by increasing the default TTL by +1, thus making the traffic look like cell phone data. So I think this means I will be needing to set all traffic TTL to 65, both incoming and outging, at least that is how I understand it.

Would you please explain how you did it with DD-WRT. I have been looking for this for a few days now.

 

[jsdukeboy08]

Would you please explain how you did it with DD-WRT. I have been looking for this for a few days now.

It has been a few months since I've done this and the router is out at my parents so I can't remember exactly all the steps or locations for dd-wrt but I made myself a note on what commands to execute in the event that something ever went wrong and I needed to head back out there and fix it. They are below and I hope they are helpful, I believe they need to be executed in administration>commands but I can't remember exactly.

Save under both Startup and Firewall and run nvram commit && reboot command after
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-set 65
iptables -t mangle -A PREROUTING -j TTL --ttl-set 65

Hope this helps