I have a Linux PC has two NICs:
1st name is ens192, ip is 192.168.0.2/24 gw is 192.168.0.1 also default route, major NIC
2nd name is ens256, ip is 192.168.1.50/24 gw is 192.168.1.1, and with follow policy routing commands:
ip route add default via 192.168.1.1 dev ens256 table 1000
ip rule add from 192.168.1.50 table 1000
NOW, everyone connects(PING) 192.168.1.50 is OK, below is from 192.168.4.2 (I have a 192.168.0.0/16 network in router and 192.168.xxx.1 is default gw for each subnet)
PING 192.168.1.50 (192.168.1.50) 56(84) bytes of data.
64 bytes from 192.168.1.50: icmp_seq=1 ttl=63 time=0.560 ms
64 bytes from 192.168.1.50: icmp_seq=2 ttl=63 time=0.517 ms
64 bytes from 192.168.1.50: icmp_seq=3 ttl=63 time=0.678 ms
--- 192.168.1.50 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.517/0.585/0.678/0.068 ms
ttl=63 is expected.
THE PROBLEM IS: In same subnet 192.168.1.0/24, a pc ip is 192.168.1.70 ping 192.168.1.50 got wrong ttl value, see output:
$ ping 192.168.1.50 -c 3
PING 192.168.1.50 (192.168.1.50): 56 data bytes
64 bytes from 192.168.1.50: seq=0 ttl=63 time=0.619 ms
64 bytes from 192.168.1.50: seq=1 ttl=63 time=0.512 ms
64 bytes from 192.168.1.50: seq=2 ttl=63 time=0.593 ms
--- 192.168.1.50 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.512/0.574/0.619 ms
ttl=64 is expected, but got 63!!!
I got pcap in wireshark:
192.168.1.70 -> 192.168.1.50
192.168.1.50 -> 192.168.1.70
We can see PC 1.50 reply ICMP to gw
My question is: how to correct the ttl in same subnet? someone help???
