How do you change the TTL in macOS High Sierra?

networking macos macos-sierra macos-highsierra

33,550

Solution 1

The ways you gave are still honored.

What may have thrown you off is that ping reports the TTL of the ICMP echo reply received, which is controlled by the target host; that is, the machine that is responding to your ping. I do not think the ICMP echo (ping) protocol provides a way to influence what TTL the target host uses.

I verified this by running tcpdump and looking at what TTL was on my outgoing ICMP echo requests. Be sure to add at least one -v to tcpdump to see the TTLs.

sudo tcpdump -vi en0 icmp

Solution 2

Works for me on 10.15.2 (19C57) Catalina. -w is deprecated, and should be omitted.

sysctl net.inet.ip.ttl=65
net.inet.ip.ttl: 64 -> 65

ping localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.040 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=65 time=0.091 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=65 time=0.091 ms

Using a launch daemon to persist the setting after reboot: /Library/LaunchDaemons/com.gvalkov.ttl65.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.gvalkov.ttl65</string>
    <key>MachServices</key>
    <dict>
        <key>com.gvalkov.ttl65</key>
        <true/>
    </dict>
    <key>Program</key>
    <string>/usr/bin/sysctl</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/bin/sysctl</string>
        <string>net.inet.ip.ttl=65</string>
    </array>
    <key>UserName</key>
    <string>root</string>
    <key>GroupName</key>
    <string>wheel</string>
    <key>KeepAlive</key>
    <true/>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

Note: I hope I got the path to sysctl correctly! Please run which sysctl to obtain the actual path. I cannot currently check, because my MacBook Pro 2018 is being serviced again for swelling battery and stuck keys. :(

33,550

Brett

Updated on September 18, 2022

Comments

Brett almost 2 years
How do you change the TTL in macOS High Sierra?

In previous macOS versions, this could be done as follows...

Temporarily:
```
sudo sysctl -w net.inet.ip.ttl=65
```
Or permanently by creating or editing /etc/sysctl.conf to adding:
```
net.inet.ip.ttl=65
```
EDIT: Correction on testing the TTL

So if the TTL was previously set to 64 and I change it to 65, I should see a ping TTL increase by 1, however, in 10.13.5, this is not occurring.
- Admin almost 6 years
  
  Will it be applied to ipv6 protocol? Tried net.inet6.ip6.ttl=65 but get unknown oid error message from system.
- Admin about 4 years
  
  @basil, want to try net.inet6.ip6.hlim=65
Brett almost 6 years

My mistake on the interpretation of ping. Was about 6 months since I messed with this on an OS prior to High Sierra. So if I changed the TTL +1, for example from 64 to 65, I should see a ping TTL also increase by 1. Which I am not seeing in 10.13.5.
Spiff almost 6 years

@Brett I think you’re still misinterpreting the ping output. It has never shown you the TTL you’re sending on ICMP Echo Request packets you send. It shows you the TTL on the ICMP Echo Reply packets you receive, which have nothing to do with your local host’s TTL settings, and everything to do with the remote host’s TTL settings (minus the number of hops the replies took to get across the network to you). Prove this to yourself with tcpdump, or by pinging the TTL-adjusted Mac from another machine on your LAN (make your Mac the ping responder, not the ping requester).
Tyler A. over 4 years

How do you do it permanently?
George Valkov over 4 years

Use a launch daemon. I have extended my answer with a sample script.
Miguel Fernando Macías Macías about 3 years

On this system, the path for sysctl is /usr/sbin/sysctl.