Some protocols require that TTL is 1. This means that a conforming implementation, connected to properly functioning routers, never leaks packets onto the wider network (whether or not that is the Internet) regardless of router (mis)configuration, because the router will reduce TTL to zero and discard the packet. It is fairly trivial for a knowledgeable attacker to spoof such packets if he can deliver them to your network.
Some protocols require that TTL is 255 because, as observed here, packets which are somehow routed onto your network from elsewhere will not have this TTL value and so can be discarded. In this case attackers can't spoof you, but a lot of care is needed to ensure that no misconfigured router spills all the packets onto the Internet (or else, that when it does so no harm results).
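As an added illustration (not part of the comment above, and not the code of any real router or protocol stack), the following Python simulation walks through both strategies: a conforming router hop decrements TTL and discards the packet when it reaches zero, while a receiver applying the "TTL must be 255" rule (the approach standardised as GTSM in RFC 5082, with the peer expected directly on-link) accepts only packets whose TTL arrives untouched. The addresses, payloads and the "router that forwards everything" are constructed assumptions for the example.

```python
import socket
import struct

# Constructed addresses from documentation ranges (assumptions for the example).
NEIGHBOUR = "192.0.2.10"     # legitimate on-link peer
RECEIVER = "192.0.2.1"       # host running the protocol under discussion
OUTSIDER = "198.51.100.7"    # somewhere beyond our routers


def ip_checksum(data: bytes) -> int:
    """Standard ones'-complement sum over 16-bit words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, ttl: int, payload: bytes, proto: int = 17) -> bytes:
    """Minimal 20-byte IPv4 header (version 4, IHL 5, no options) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    # Fill in the header checksum (bytes 10-11), computed with that field zeroed.
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def ttl_of(pkt: bytes) -> int:
    return pkt[8]          # TTL is byte 8 of the IPv4 header


def header_ok(pkt: bytes) -> bool:
    """A header whose checksum is valid sums to zero under ip_checksum."""
    return ip_checksum(pkt[:20]) == 0


def router_forward(pkt: bytes):
    """One router hop as RFC 1812 requires: a packet arriving with TTL <= 1 is
    discarded (the router would send ICMP Time Exceeded); otherwise TTL is
    decremented and the header checksum recomputed. None means 'discarded'."""
    if ttl_of(pkt) <= 1:
        return None
    hdr = bytearray(pkt[:20])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[20:]


def deliver(pkt, hops: int):
    """Carry pkt across `hops` routers that forward everything handed to them,
    i.e. the misconfigured routers the comment worries about."""
    for _ in range(hops):
        if pkt is None:
            break
        pkt = router_forward(pkt)
    return pkt


def gtsm_accept(pkt) -> bool:
    """Receiver rule for a 'TTL must be 255' protocol: the peer is expected
    on-link, so anything that has crossed a router (TTL < 255) is rejected."""
    return pkt is not None and header_ok(pkt) and ttl_of(pkt) == 255


def scenarios() -> dict:
    results = {}
    # 1. TTL=1 protocol (e.g. a link-local announcement) handed to a router that
    #    forwards everything: it still cannot get past the first hop.
    leak = deliver(build_ipv4(NEIGHBOUR, "224.0.0.251", 1, b"announce"), hops=1)
    results["ttl1_leaks_past_router"] = leak is not None
    # 2. TTL=255 protocol, legitimate on-link peer: arrives with 255, accepted.
    onlink = build_ipv4(NEIGHBOUR, RECEIVER, 255, b"hello")
    results["gtsm_onlink_accepted"] = gtsm_accept(onlink)
    # 3. Remote attacker spoofs the neighbour's address with TTL 255; one router
    #    hop later it arrives with 254 and the receiver discards it.
    spoofed = deliver(build_ipv4(NEIGHBOUR, RECEIVER, 255, b"spoofed"), hops=1)
    results["gtsm_remote_spoof_ttl"] = ttl_of(spoofed)
    results["gtsm_remote_spoof_accepted"] = gtsm_accept(spoofed)
    # 4. The flip side: a TTL=255 packet that a misconfigured router forwards
    #    does leave the network, with plenty of TTL left to travel far.
    spilled = deliver(build_ipv4(NEIGHBOUR, OUTSIDER, 255, b"internal"), hops=3)
    results["ttl255_spill_ttl"] = ttl_of(spilled)
    return results


if __name__ == "__main__":
    for name, value in scenarios().items():
        print(f"{name}: {value}")
```

Scenario 1 and scenario 3 are the two halves of the comment's argument: TTL=1 makes the router the containment boundary, so nothing leaks but anything on-link can be forged; TTL=255 makes the receiver the boundary, so off-link forgery fails but a router that forwards when it should not will carry the traffic out with TTL to spare (scenario 4).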
Copyright © 2018, Eklektix, Inc.