Service provider story about tracking down TCP RSTs

Timothy Manito tmanito at
Sun Sep 2 23:07:43 UTC 2018

I think it would be a good idea to repost this is


Sent from ProtonMail mobile

-------- Original Message --------
On Sep 2, 2018, 10:43 PM, Tarko Tikan wrote:

> hey,
>> But why did the TLS Hello has a TTL lower that the TCP Syn ?
>> Do you have any information on that ?
> Consumer CPEs are typically some BCM reference design where initial TCP
> handshake is handled by linux kernel and everything following (including
> NAT) is handled in SOC.
> I've seen those systems not decrement TTL at all, decrement TTL before
> checking if packet is destined to itself etc. This case is weird as
> typically the hardware part is faulty, not the kernel.
> --
> tarko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the NANOG mailing list