query about determining ingress interface
Rajesh Talpade
rrt at research.telcordia.com
Thu Jun 20 22:06:51 UTC 2002
"--- begin message from Dylan Greene ---"
>
> On Thu, Jun 20, 2002 at 05:42:23PM -0400, Rajesh Talpade wrote:
>
> > Is there a way for an ISP to determine the ingress router interface at
> > its network border that will carry IP traffic _from_ an IP address not
> > owned by it?
> >
> > I don't want to assume the path is the same in both directions, and tools
> > such as CAIDA's skitter plot paths from specific sources. One approach
> > might be deriving network paths from CAIDA's data, perhaps someone has
> > already done this?
>
> Rajesh,
>
> Hi there..
>
> Are you asking to determine the interface that "will" or "is" passing said
> traffic?
the interface that "should be" passing the traffic.
in other words, given an IP address, i would like to know what interface
traffic from this address should enter my network.
i realize the interface may change over time, but can i at least know what
interface it is without using filters or logging mechanisms on the actual
routers? hence i was alluding to using existing data, such as bgp paths,
or caida's database.
thanks.
rajesh.
> I think it depends on what you're trying to do- Are you trying to track
> an individual src at one given point, or collect some stats/trends on where
> various srcs are entering your network?
>
> I.e, for an individual src/dst (maybe you're tracing a DoS, etc..) there are
> a number of ways to use filters and other mechanisms to log/count packets
> matching some known charachteristics (src/dst, length, etc..)
>
> There are various ways to do things like this, it depends on what exactly you're
> trying to track though.
>
> ..Dylan
>
More information about the NANOG
mailing list