Editing Martian packet

{{Short description|IP packet on the public internet}}
A '''Martian packet''' is an [[Internet Protocol|IP]] [[Packet (information technology)|packet]] seen on the [[public Internet]] that contains a source or destination address that is [[Reserved IP addresses|reserved for special use]] by the [[Internet Assigned Numbers Authority]] (IANA) as defined in {{IETF RFC|1812}}, Appendix B Glossary (Martian Address Filtering). On the public Internet, such a packet either has a [[IP address spoofing|spoofed]] source address, and it cannot actually originate as claimed, or the packet cannot be delivered.<ref name=":0">{{Cite ietf |rfc=1812 |title=Requirements for IP Version 4 Routers |last=Baker |date=June 1995 |first=F. |access-date=2021-08-18}}</ref> The requirement to filter these packets (i.e. not forward them) is found in {{IETF RFC|1812}}, Section 5.3.7 (Martian Address Filtering).

Martian packets commonly arise from [[IP address spoofing]] in [[denial-of-service attack]]s,<ref name=RFC3704>{{cite ietf |rfc=3704 |title=Ingress Filtering for Multihomed Networks |first1=F. |last1=Baker |first2=P. |last2=Savola |bcp=84 |date=March 2004 |access-date=2021-08-18}}</ref> but can also arise from network equipment malfunction or misconfiguration of a [[Host (network)|host]].<ref name=":0" />

In [[Linux]] terminology, a Martian packet is an IP packet received by the kernel on a specific interface, while routing tables indicate that the source IP is expected on another interface.<ref>{{cite web |url=https://www.suse.com/support/kb/doc/?id=000016540 |title=Martian sources errors showing in messages log |access-date=2022-07-02}}</ref><ref>{{cite web |url=https://support.hpe.com/hpesc/public/docDisplay?docId=c02191085&docLocale=en_US |title=Red Hat Enterprise Linux 5.2 - Kernel: Martian Source Messages |access-date=2022-07-02}}</ref>

The name is derived from ''packet from Mars'', meaning that packet seems to be not of this Earth.<ref>{{cite web |url=http://www.catb.org/jargon/html/M/martian.html |title=Jargon File: martian |access-date=2010-12-25 |archive-date=2010-12-17 |archive-url=https://web.archive.org/web/20101217025706/http://catb.org/jargon/html/M/martian.html |url-status=live }}</ref>

==IPv4 and IPv6==
In both [[IPv4]] and [[IPv6]], a Martian packet has a source address, a destination address, or both within one of the special-use ranges.<ref name=rfc6890>{{Cite IETF|rfc=6890|title=Special-Purpose IP Address Registries|author1=M. Cotton|author2=L. Vegoda|author3=B. Haberman|editor=R. Bonica|date=April 2013|publisher=[[IETF]]}} Updated by {{IETF RFC|8190}}.</ref>

==Transition mechanisms==
===6to4===
[[6to4]] is an [[IPv6 transition mechanism|IPv6 transition technology]] where the IPv6 address encodes the originating IPv4 address such that every IPv4 {{IPaddr||32}} has a corresponding, unique IPv6 {{IPaddr||48}} prefix.  Because 6to4 relays use the encoded value for determining the end site of the 6to4 tunnel, 6to4 addresses corresponding to IPv4 Martians are not routable and should never appear on the public Internet.

===Teredo tunneling===
[[Teredo tunneling|Teredo]] is another [[IPv6 transition mechanism|IPv6 transition technology]] that encodes the originating IPv4 address in the IPv6 address. However, the [[Teredo tunneling#IPv6 addressing|encoding format]] encodes the Teredo server address and tunnel information before the IPv4 client address.  Thus there is no definable set of prefixes more specific than {{IPaddr|2001:0::|32}} for Teredo packets with Martian end-site addresses. It is, however, possible to spoof Teredo packets with the Teredo server IPv4 address set to a Martian.

== Implementation ==
Some of the large router have functionality to filter out specifically for Martian Filtering packet and address.

* [[Junos OS|Juniper Junos OS]]  has {{Code|martians}}.<ref>{{Cite web |title=Recognize Martian Addresses for Routing {{!}} Junos OS {{!}} Juniper Networks |url=https://www.juniper.net/documentation/us/en/software/junos/static-routing/topics/topic-map/recognize-martian-addr-routing.html |access-date=2024-06-04 |website=www.juniper.net}}</ref> 
* [[Cisco IOS]] does not have Martian Filtering, and uses {{Code|ip access-list}}<ref>{{Cite web |date=2010-06-24 |title=Bogon and Martian blocking on L3 Switch |url=https://community.cisco.com/t5/switching/bogon-and-martian-blocking-on-l3-switch/td-p/1484828 |access-date=2024-06-04 |website=community.cisco.com |language=en}}</ref>
* Cisco Small Business  has {{Code|Martian Addresses}}<ref>{{Cite web |title=Denial of Service (DoS) Martian Address Configuration on 300 Series Managed Switches |url=https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb4167-denial-of-service-dos-martian-address-configuration-on-300-s.html |access-date=2024-06-04 |website=Cisco |language=en}}</ref>

==See also==

* [[Bogon filtering]]
* [[Christmas tree packet]]
* [[Broadcast storm]]

== References ==
{{Reflist}}

{{DEFAULTSORT:Martian Packet}}
[[Category:Packets (information technology)]]
[[Category:Denial-of-service attacks]]
[[Category:IP addresses]]