I have been largely looking at packet captures for tcp streams. today I noticed that I was oddly getting icmp ttl exceeded messages back on the network from various devices on the path when I wasn't even pinging...
I have to admit parsing icmp is not in my skillset. Is there useful information in the icmp messages in this capture?
http://snapon.lab.bufferbloat.net/~d/ttl_exceeded.cap
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html