The objective of this document is to help configure the Martian Addresses on SFE/SGE managed switches. These settings help in removing IP packets from invalid IP addresses. Martian addresses are host or network addresses about which all routing information is ignored.
• SFE/SGE Managed Switches Series
• v3.0.2.0
Step 1. Log in to the web configuration utility and choose Security Suite > DoS Prevention > Martian Addresses. The Martian Addresses page opens:
Step 2. In the Include Reserved Martian Addresses field, check the Include Reserved Martian Addresses check box to included the following IP addresses:
• 0.0.0.0/8 (except 0.0.0.0/32) — Addresses that are in this category are the source hosts on this network.
•127.0.0.0/8 — This address is used as a host loop back address.
• 192.0.2.0/24 — This address is used as the TEST-NET in documentation and example codes.
• 224.0.0.0/4 — This address is used in IPv4 multicast address assignments.
• 240.0.0.0/4 (except 255.255.255.255/32) — This is a reserved address range which is also known as Class E address space.
The Martian Addresses Table is displayed:
• IP Address — The IP address for which DoS attack is enabled is shown.
• Mask — The mask for which DoS attack is enabled is shown.
Step 3. (Optional) To delete a martian address from the table check the corresponding check box and then click Delete.
Step 4. Click Add to add a new Martian Address.The window to add a new Martian Address opens:
The Supported IP Format field displays that only Version 4 is supported.
Step 5. In the IP Address field, Click the radio button for the drop down list to choose an existing IP address or click the New IP Address radio button to add a new IP address.
Note: If you choose New IP Address in Step 5 then proceed with Step 6 else skip to Step 8.
Step 6. In the Mask field, enter the mask for which DoS attack should be enabled.
Step 7. In the Prefix Length field, enter the IP route prefix for the destination IP.
Note: Follow either one of Step 6 or Step 7.
Step 8. Click Apply.
Caution: This only saves your configuration to the running configuration file. This means any changes made will be lost if the device is rebooted. If you wish to save these changes even after a system reboot, you need to copy the running configuration file to the startup configuration file. See Copy Configuration File on SFE/SGE Series Managed Switches for more information on how to do this