Martian packet

From Infogalactic: the planetary knowledge core
Jump to: navigation, search

A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA). If seen on the public internet, these packets cannot actually originate as claimed, or be delivered.[1] However, certain reserved addresses can be routed using multicast, or on private networks, local links, or loopback interfaces, depending on which special-use range they fall within.[2]

Martian packets commonly arise from IP address spoofing in denial-of-service attacks,[3] but can also arise from network equipment malfunction or misconfiguration of a host.[1]

The name is derived from packet from Mars, a place from which packets clearly can not originate.[4]

IPv4

Martians include bogons and packets with source or destination addresses within special-use ranges:[2]

Address Block Present Use
0.0.0.0/8 "This" network[5]
10.0.0.0/8 Private-use networks[6]
100.64.0.0/10 Carrier-grade NAT[7]
127.0.0.0/8 Loopback[5]
127.0.53.53 Name Collision Occurrence (listing in server logs denotes a collision in DNS.) [8]
169.254.0.0/16 Link local[9]
172.16.0.0/12 Private-use networks[6]
192.0.0.0/24 IETF protocol assignments[10]
192.0.2.0/24 TEST-NET-1[11]
192.168.0.0/16 Private-use networks[6]
198.18.0.0/15 Network interconnect device benchmark testing[12]
198.51.100.0/24 TEST-NET-2[11]
203.0.113.0/24 TEST-NET-3[11]
224.0.0.0/4 Multicast[13]
240.0.0.0/4 Reserved for future use[5]
255.255.255.255/32 Limited broadcast[14][15]

IPv6

Martian IPv6 packets include bogons and those having source or destination addresses with the following special-use prefixes:[16]

Address Block Present Use
::/128 Node-scope unicast unspecified address[17]
::1/128 Node-scope unicast loopback address[17]
::ffff:0:0/96 IPv4-mapped addresses[17]
::/96 IPv4-compatible addresses[17]
100::/64 Remotely Triggered Black Hole addresses[18]
2001:10::/28 Overlay Routable Cryptographic Hash IDentifiers (ORCHID)[19]
2001:db8::/32 Documentation prefix[20]
fc00::/7 Unique local addresses (ULA)[21]
fe80::/10 Link-local unicast[17]
fec0::/10 Site-local unicast (deprecated)[22]
ff00::/8 Multicast[17] (Note: ff0e:/16 is global scope and may appear on the global internet.)

6to4 is an IPv6 transition technology where the IPv6 address encodes the originating IPv4 address such that every IPv4 /32 has a corresponding, unique IPv6 /48 prefix. Because 6to4 relays use the encoded value for determining the end site of the 6to4 tunnel, 6to4 addresses corresponding to IPv4 martians are not routable and should never appear on the public internet. The 6to4 martians are as follows:

IPv4 Martian 6to4 Prefix
0.0.0.0/8 2002::/24
10.0.0.0/8 2002:a00::/24
127.0.0.0/8 2002:7f00::/24
169.254.0.0/16 2002:a9fe::/32
172.16.0.0/12 2002:ac10::/28
192.0.0.0/24 2002:c000::/40
192.0.2.0/24 2002:c000:200::/40
192.168.0.0/16 2002:c0a8::/32
198.18.0.0/15 2002:c612::/31
198.51.100.0/24 2002:c633:6400::/40
203.0.113.0/24 2002:cb00:7100::/40
224.0.0.0/4 2002:e000::/20
240.0.0.0/4 2002:f000::/20
255.255.255.255/32 2002:ffff:ffff::/48

Teredo is another IPv6 transition technology that encodes the originating IPv4 address in the IPv6 address. However, the encoding format encodes the Teredo server address and tunnel information before the IPv4 client address. Thus there is no definable set of prefixes more specific than 2001:0::/32 for Teredo packets with martian end-site addresses. It is, however, possible to spoof Teredo packets with the Teredo server IPv4 address set to a martian. The list of martian Teredo server address prefixes is as follows:

IPv4 Martian Teredo Server Address Prefix
0.0.0.0/8 2001::/40
10.0.0.0/8 2001:0:a00::/40
127.0.0.0/8 2001:0:7f00::/40
169.254.0.0/16 2001:0:a9fe::/48
172.16.0.0/12 2001:0:ac10::/44
192.0.0.0/24 2001:0:c000::/56
192.0.2.0/24 2001:0:c000:200::/56
192.168.0.0/16 2001:0:c0a8::/48
198.18.0.0/15 2001:0:c612::/47
198.51.100.0/24 2001:0:c633:6400::/56
203.0.113.0/24 2001:0:cb00:7100::/56
224.0.0.0/4 2001:0:e000::/36
240.0.0.0/4 2001:0:f000::/36
255.255.255.255/32 2001:0:ffff:ffff::/64

See also

References

  1. 1.0 1.1 RFC 1812 - Requirements for IP Version 4 Routers
  2. 2.0 2.1 RFC 6890 - Special Use IPv4 Addresses
  3. RFC 3704 - Ingress Filtering for Multihomed Networks
  4. Lua error in package.lua at line 80: module 'strict' not found.
  5. 5.0 5.1 5.2 RFC 1122 - Requirements for Internet Hosts
  6. 6.0 6.1 6.2 RFC 1918 - Address Allocation for Private Internets
  7. RFC 6598 - IANA-Reserved IPv4 Prefix for Shared Address Space
  8. https://www.icann.org/news/announcement-2-2014-08-01-en
  9. RFC 3927 - Dynamic Configuration of IPv4 Link-Local Addresses
  10. RFC 5736 - IANA IPv4 Special Purpose Address Registry
  11. 11.0 11.1 11.2 RFC 5737 - IPv4 Address Blocks Reserved for Documentation
  12. RFC 2544 - Benchmarking Methodology for Network Interconnect Devices
  13. RFC 3171 - IANA Guidelines for IPv4 Multicast Address Assignments
  14. RFC 919 - Broadcasting Internet Datagrams
  15. RFC 922 - Broadcasting Internet Datagrams in the Presence of Subnets
  16. RFC 5156 - Special-Use IPv6 Addresses
  17. 17.0 17.1 17.2 17.3 17.4 17.5 RFC 4291 - IP Version 6 Addressing Architecture
  18. RFC 6666 - A Discard Prefix for IPv6
  19. RFC 4843 - An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)
  20. RFC 3849 - IPv6 Address Prefix Reserved for Documentation
  21. RFC 4193 - Unique Local IPv6 Unicast Addresses
  22. RFC 3879 - Deprecating Site Local Addresses