It's not correct that the modern Linux kernel refuses to forward packets with a source address in 0.0.0.0/8. The only address that it refuses to forward this way is 0.0.0.0/32.
I just got a patch into the ip(7) man page that describes this
(I'm working on a project that aims to make these addresses potentially useful for numbering Internet hosts in the future, as part of which Dave Taht's patch linked above was written, so I follow this very closely!)
Separately, you need to be able to process a 0.0.0.0/32 source address on external interfaces (though not to forward it) in order to be able to implement a DHCP server, as that's the source address used by DHCP clients. (edit: another commenter pointed out that this commonly uses raw sockets so it doesn't necessarily require any explicit kernel support)
If we (for an expansive sense of "we") had kept it up more actively, we would already have had 15 years of progress on updating implementations and evolving people's expectations. That wouldn't have been a super-fast change, necessarily.
We (for a narrow sense of "we") think it's pretty likely that people will still be interested in having more IPv4 space in 15 years from now, so it's too bad that progress is (somewhat) stalled on this (with most Unix-like systems allowing it, and Windows not allowing it, and dedicated routers from before about 2013-2016 often not allowing it).
¹ the specific project I'm working on, started by John Gilmore, didn't exist yet at that time, but is trying to revive/continue this idea
Fair enough, but that more or less emphasizes my point: if it wasn't done by 2010 or so that means that a ton of IoT hardware has now shipped that may never see updates and that would possibly end up failing when presented with such a departure from what the expected behavior was at the time the hardware was shipped. You change old established standards at your peril, especially how IPV4 is routed and which ranges are reserved. There are quite a few things that retrospectively could have been handled better and a large number of huge ranges got handed out like candy back in the day. Some of those have been reclaimed and some still remain. It may be easier and with less chance of breaking stuff if those ranges were reclaimed more aggressively.
A martian is a packet that has a source address in a network for which the interface it's arriving on isn't configured. They're not restricted to 0/8; they can have just about any source address.
> The best way to fix this issue is to change Netflow / IPFIX / sFlow agent configuration on device to use another legitimate IP address instead of 0.0.0.0.
Um, yes. 0.0.0.0 looks like a really bad choice of source address.
"martian" isn't an official term from the RFCs, and is terrible usage. If linux is not running on mars at the moment (perhaps in the Chinese rover?) it surely will be in the not too distant future. And a router in orbit may need to distinguish between martian and terrestrial traffic.
Which the code can easily do of course, but a foolish name like this could confuse someone debugging code during development, or worse while debugging a communication problem in process far away.
Martian is an official term from the RFC's, though? It's mentioned in section 5.3.7 of RFC 1812 from 1995. That happens to be the exact section of the exact RFC with the recommendation whose kernel implementation is shown in the article. It seems to be fairly established terminology, having sat in that RFC for the last 28 years.
Darn, it's still a short-sighted choice. Even "interstellar" would be good for another 75 years or so ( https://i4is.org/what-we-do/technical/project-dragonfly/ ), though "intergalactic" would be better, even if ipv6 were used.
sysctl is kernel parameters though, right? I just can't imagine being confused by that, it's too divorced from anything that would care what planet it's on.
It relies on the page Reserved_IP_addresses, implying that a martian is a packet with a source address within certain ranges. In fact a martian is a packet with a source address for which the receiving interface isn't configured; any address could be a martian, depending on how the interface is set up.
I don't think I've ever seen the specific form "Martian traffic", but "packet from Mars" or "Martian packet" is an established idiom for packets arriving on "impossible" interfaces (e.g. a packet from 192.168.x.x arriving on a publicly routed interface).
If one reads RFC 1812, one finds that it does not exactly define the term. It uses it in a heading but doesn't use it in a way that agrees with its later definition of "martian", since its explanation of "martian address filtering" encompasses traffic that is not "martian" per its own glossary.
A contemporary definition that is not self-contradictory is in Eric S. Raymond's New Hacker's Dictionary, published four years earlier; but which isn't what RFC 1812 says either, however.
So whilst the people who weren't alive in the 1990s are wrong to be hung up on the "I thought it meant 'from Mars'." confusion, since the saddening reality of 2023 is that we're no nearer to that being a realistic source of confusion than we were in 1991; the obverse of the coin is that, like much of the Jargon File, it's woolly slang set over-hard into stone by Eric S. Raymond and a document from Cisco that it is unwise to rely upon for strict technical meaning.
> So whilst the people who weren't alive in the 1990s are wrong to be hung up on the "I thought it meant 'from Mars'." confusion, since the saddening reality of 2023 is that we're no nearer to that being a realistic source of confusion than we were in 1991;
There’s a Mars Fleet of about 11 operational spacecraft and robotic landers/rovers/etc on or around Mars right now, and in fact the robotic helicopter, Ingenuity, runs Linux. I legitimately thought it was related to those. There were no operational missions at Mars in 1991.
"Runs Linux" is superficial thinking, though. ("Runs Linux" doesn't equate to "uses the Internet Protocol".) There is no more Internet Protocol connectivity to Mars in 2023 than there was in 1991. There is no realistic prospect of this being a possible source of confusion now, in the near future, or possibly ever at the current rate.
I just got a patch into the ip(7) man page that describes this
https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/...
although there hasn't been a man-pages release since then, so you probably can't see this on your own system yet.
The original change (included in Linux 5.3) is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...
(I'm working on a project that aims to make these addresses potentially useful for numbering Internet hosts in the future, as part of which Dave Taht's patch linked above was written, so I follow this very closely!)
Separately, you need to be able to process a 0.0.0.0/32 source address on external interfaces (though not to forward it) in order to be able to implement a DHCP server, as that's the source address used by DHCP clients. (edit: another commenter pointed out that this commonly uses raw sockets so it doesn't necessarily require any explicit kernel support)