Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Some mobile phone providers check the packet TTL to limit tethering.

Network packets commonly have start with default TTL values of 64, 128, or 255. Each hop in the network subtracts 1.

When phone connects direct to carrier (cell tower, I assume) the carrier will see TTL of 64.

A laptop tethered to a phone introduces a hop so laptop-to-phone TTL is 64, phone-to-carrier TTL is 63.

Carriers can then limit bandwidth if network packet that don't have a common TTL.

For `iptables` look at `--ttl-inc 1` (to add back the 1 so 63 => 64) or `--ttl-set 64`.

Alternatively, you set the tethered devices to use a TTL of 65, e.g. linux/mac `sysctl -w net.inet.ip.ttl=65`



Thank you for explaining this, I had always wondered how a carrier could tell a device was tethered if a router was not passing on tethered device details.


Another way to do it is to look for requests to domains that phones never access but desktops/laptops often do. Windows Update is the most common, but you could probably do apt package repositories or whatever.


If the hotspot is sourced from the phone, the phone tells the carrier


How do you figure out what detection method a carrier is using?


Make the TTL change , and see if traffic bw changes?


Thanks!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: