EN
CN
When using network tools such as ping or traceroute to test server performance, the terminal usually returns a TTL value. Some users think "this server is very close" when they see that the TTL is 50; when they see that the TTL is 200, they wonder if there is a problem. So, what does the TTL value mean? When testing a server, is the lower the TTL, the better?
TTL is a field in the IP protocol, and its full name is Time To Live (lifetime). It was originally designed to prevent data packets from being transmitted infinitely in the network due to routing errors or loop problems. TTL is an integer value. Every time it passes through a router (i.e. one hop), the value will be reduced by 1. When the TTL is reduced to 0, the data packet will be discarded and an ICMP timeout message will be returned to the sender.
TTL typical default value:
Operating systems will set an initial TTL when sending packets, and the default values of different systems are different. The default TTL value of Windows system is 128, the default TTL value of Linux system is 64, the default TTL value of macOS system is 64, and the default TTL value of Cisco device system is 255.
Therefore, TTL is not a "final" value, but a countdown. The TTL you see in ping or traceroute is usually the remaining TTL value when the data packet reaches your host. It cannot directly indicate the distance or quality, but it can be indirectly inferred from the number of path hops.
What does the TTL value represent?
1. TTL remaining value ≠ actual distance. Many people think that a low TTL value means "closer" and a high TTL means "farther". This understanding is not entirely correct.
For example: a server is a Linux system, and the default TTL is 64; you ping it and get TTL=48; then this means that the data packet has gone through about 64-48=16 network hops. But if you change to a Windows system host, the default TTL is 128, and ping gets 108, which also goes through 20 hops.
It can be seen that: TTL is a relative value reflecting the number of hops, not an absolute distance, and has no direct relationship with network performance.
2. The number of TTL hops is related to the complexity of the path. Generally speaking, the number of hops for communication within a local LAN may be 1; the number of hops for communication within the same city is generally 5-10; the number of hops for communication across provinces may be 10-15; for communication with overseas servers, there are usually 15-25 hops, or even more.
If you ping a US VPS and get TTL=45, it may mean that the default value is 64, which means that 19 hops have been passed. This number of hops is not abnormal, but is in line with the basic situation of cross-border access.
Common misunderstandings between TTL value and "good performance":
1. The lower the TTL value, the closer the distance? Wrong! Low TTL may be due to fewer path hops; the system default value is low; the intermediate router has been optimized; the firewall or network policy has rewritten the TTL value.
However: network latency is the key to determining distance; packet loss rate determines stability; bandwidth determines transmission capacity. TTL is an auxiliary reference and cannot be used to directly determine server quality.
2. TTL value can be forged or modified
In network policies, TTL can be changed manually. For example, some firewalls will set a fixed TTL, and some VPS providers will uniformly modify TTL; some intermediate nodes will tamper with TTL for privacy protection. Therefore, in servers with strong security or CDN layer front-end, TTL can hardly be used to judge the path or distance.
TTL is not a core indicator for evaluating servers. When testing servers, the lower the TTL, the better. The value of TTL is just a residual value of the number of hops. It does not determine the speed, bandwidth or performance of the server. What really determines the server experience are multiple factors such as network quality (delay, packet loss), server hardware configuration, and computer room routing optimization.
