"--- begin message from Dylan Greene ---"
On Thu, Jun 20, 2002 at 05:42:23PM -0400, Rajesh Talpade wrote:
Is there a way for an ISP to determine the ingress router interface at its network border that will carry IP traffic _from_ an IP address not owned by it?
I don't want to assume the path is the same in both directions, and tools such as CAIDA's skitter plot paths from specific sources. One approach might be deriving network paths from CAIDA's data, perhaps someone has already done this?
Rajesh,
Hi there..
Are you asking to determine the interface that "will" or "is" passing said traffic?
the interface that "should be" passing the traffic. in other words, given an IP address, i would like to know what interface traffic from this address should enter my network. i realize the interface may change over time, but can i at least know what interface it is without using filters or logging mechanisms on the actual routers? hence i was alluding to using existing data, such as bgp paths, or caida's database. thanks. rajesh.
I think it depends on what you're trying to do- Are you trying to track an individual src at one given point, or collect some stats/trends on where various srcs are entering your network?
I.e, for an individual src/dst (maybe you're tracing a DoS, etc..) there are a number of ways to use filters and other mechanisms to log/count packets matching some known charachteristics (src/dst, length, etc..)
There are various ways to do things like this, it depends on what exactly you're trying to track though.
..Dylan