One thing comes to mind - DHCP (automatic IP address allocation).
In a nutshell, 0.0.0.0 means “any address”.
The IP address 0.0.0.0 is used during the initialization of any network interface that is set to acquire it’s address from a DHCP server. When a NIC is initializing, it sends a DHCPDISCOVER message using the address 0.0.0.0 with a port of UDP67. It uses this address as the NIC has no idea what subnet is should be on, so it sends the request to all addresses.
If a DHCP server is contacted, it replies with a DHCPOFFER message. If more than one DHCP server is contacted, they will all respond with their own DHCPOFFER message. When the DHCPOFFER message is received, the client responds with a DHCPREQUEST message. If the client receives more than one DHCPOFFER message, it will choose one of these. The clients DHCPREQUEST is also sent as a broadcast message using the address 0.0.0.0 but it sets the “Server Identifier” option field with the DHCP servers IP address (which serves to let the other DHCP servers that may have responded that the client has chosen a specific server and to drop currrent DHCP operations for this client).
To test if this is the cause, try setting your network adaptor to a static address (rather than DHCP), reboot and then check if the 0.0.0.0 traffic ends or changes.
As I said, this is the first thing that popped into my head.
Hope this helps,
Ewen