Defining Martian Addresses
The Martian Addresses page enables entering IP addresses that indicate an attack if they are seen on the network. Packets from these addresses are discarded.
The switch supports a set of reserved Martian addresses that are illegal from the point of view of the IP protocol. The supported reserved Martian addresses are:
- Addresses defined to be illegal in the Martian Addresses page.
- Addresses that are illegal from the point of view of the protocol, such as loopback addresses, including addresses within the following ranges:
- 0.0.0.0/8 (Except 0.0.0.0/32 as a Source Address)--Addresses in this block refer to source hosts on this network.
- 127.0.0.0/8--Used as the Internet host loopback address.
- 192.0.2.0/24--Used as the TEST-NET in documentation and example codes.
- 224.0.0.0/4 (As a Source IP Address)--Used in IPv4 Multicast address assignments, and was formerly known as Class D Address Space.
- 240.0.0.0/4 (Except 255.255.255.255/32 as a Destination Address)--Reserved address range, and was formerly known as Class E Address Space.
You can also add new Martian Addresses for DoS prevention. Packets that have a Martian addresses are discarded.
To define Martian addresses:
- Click Security > Denial of Service Prevention > Martian Addresses. The Martian Addresses page displays.
- Select Reserved Martian Addresses and click Apply to include the reserved Martian Addresses in the System Level Prevention list.
- To add a Martian address click Add. The Add Martian Addresses page displays.
- Enter the parameters.
- Click Apply. The Martian addresses are defined, and the Running Configuration file is updated.