A Martian packet is an
IP packet seen on the
public Internet that contains a source or destination address that is
reserved for special use by the
Internet Assigned Numbers Authority
The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, Autonomous system (Internet), autonomous system number allocation, DNS root zone, root zone management in the Domain Name Syste ...
(IANA) as defined in , Appendix B Glossary (Martian Address Filtering). On the public Internet, such a packet either has a
spoofed source address, and it cannot actually originate as claimed, or the packet cannot be delivered.
The requirement to filter these packets (i.e. not forward them) is found in , Section 5.3.7 (Martian Address Filtering).
Martian packets commonly arise from
IP address spoofing in
denial-of-service attacks,
but can also arise from network equipment malfunction or misconfiguration of a
host.
In
Linux
Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...
terminology, a Martian packet is an IP packet received by the kernel on a specific interface, while routing tables indicate that the source IP is expected on another interface.
The name is derived from ''packet from Mars'', meaning that packet seems to be not of this Earth.
IPv4 and IPv6
In both
IPv4
Internet Protocol version 4 (IPv4) is the first version of the Internet Protocol (IP) as a standalone specification. It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. ...
and
IPv6
Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communication protocol, communications protocol that provides an identification and location system for computers on networks and routes traffic ...
, a Martian packet has a source address, a destination address, or both within one of the special-use ranges.
[ Updated by .]
Transition mechanisms
6to4
6to4 is an
IPv6 transition technology where the IPv6 address encodes the originating IPv4 address such that every IPv4 has a corresponding, unique IPv6 prefix. Because 6to4 relays use the encoded value for determining the end site of the 6to4 tunnel, 6to4 addresses corresponding to IPv4 Martians are not routable and should never appear on the public Internet.
Teredo tunneling
Teredo is another
IPv6 transition technology that encodes the originating IPv4 address in the IPv6 address. However, the
encoding format encodes the Teredo server address and tunnel information before the IPv4 client address. Thus there is no definable set of prefixes more specific than for Teredo packets with Martian end-site addresses. It is, however, possible to spoof Teredo packets with the Teredo server IPv4 address set to a Martian.
Implementation
Some of the large router have functionality to filter out specifically for Martian Filtering packet and address.
*
Juniper Junos OS has .
*
Cisco IOS does not have Martian Filtering, and uses
* Cisco Small Business has
See also
*
Bogon filtering
Bogon filtering is the practice of blocking packets known as bogons, which are ones sent to a computer network claiming to originate from invalid or bogus IP addresses, known as bogon addresses.
Etymology
The term ''bogon'' stems from hacker jarg ...
*
Christmas tree packet
*
Broadcast storm
References
{{DEFAULTSORT:Martian Packet
Packets (information technology)
Denial-of-service attacks
IP addresses