Teredo is an IPv6 transition technology that provides address assignment and host-to-host automatic tunneling for unicast IPv6 traffic when IPv6/IPv4 hosts are located behind one or multiple IPv4 network address translators (NATs). To traverse IPv4 NATs, IPv6 packets are sent as IPv4-based User Datagram Protocol (UDP) messages.
Disable and enable Teredo using the command line
netsh int ipv6 isatap set state disabled
netsh int ipv6 6to4 set state disabled
netsh interface teredo set state disable
netsh int ipv6 set teredo client
netsh interface teredo set state client
check status
netsh Int teredo show stat
The package exchange process, useful when troubleshooting
- Initial configuration for Teredo clients
- Maintaining the NAT mapping
- Initial communication between Teredo clients on the same link
- Initial communication between Teredo clients in different sites
- Initial communication from a Teredo client to a Teredo host-specific relay
- Initial communication from a Teredo host-specific relay to a Teredo client
- Initial communication from a Teredo client to an IPv6-only host
- Initial communication from an IPv6-only host to a Teredo client
General Information
Teredo is an address assignment and automatic tunneling technology that provides unicast IPv6 connectivity across the IPv4 Internet. 6to4 is another automatic tunneling technology that provides unicast IPv6 connectivity across the IPv4 Internet. However, 6to4 works well when a 6to4 router exists at the edge of the site. The 6to4 router uses a public IPv4 address to construct the 6to4 prefix and acts as an IPv6 advertising and forwarding router. The 6to4 router encapsulates and decapsulates IPv6 traffic sent to and from site nodes.
6to4 relies on the configuration of a public IPv4 address and the implementation of 6to4 routing functionality in the edge device. Many small office/home office (SOHO) configurations use an IPv4 network address translator (NAT) for Internet connectivity. For more information about how network address translation works, see “Overview of Network Address Translators (NATs)” in this article. In most NAT configurations, the device providing NAT functionality is not capable of acting as a 6to4 router. Even if 6to4 was universally supported in Internet edge devices, there are some Internet connectivity configurations that contain multiple levels of NATs. A 6to4-capable edge device cannot use 6to4 if it is not assigned a public IPv4 address.
Teredo solves the issues of the lack of 6to4 functionality in modern-day Internet edge devices and multi-layered NAT configurations by tunneling IPv6 packets between the hosts within the sites. In contrast, 6to4 tunnels IPv6 packets between the edge devices. Tunneling from the hosts presents another issue for NATs: IPv6 packets that are encapsulated with IPv4 have the Protocol field in the IPv4 header set to 41. Most NATs only translate TCP or UDP traffic and must either be manually configured to translate other protocols or have NAT editors installed that handle the translation. Because Protocol 41 translation is not a common feature of NATs, IPv4-encapsulated IPv6 traffic will not flow through typical NATs. Therefore, to allow IPv6 traffic to flow through one or multiple NATs, Teredo encapsulates the IPv6 packet as an IPv4 UDP message, containing both an IPv4 and UDP header. UDP messages can be translated universally by NATs and can traverse multiple layers of NATs.
To summarize, Teredo is an IPv6 transition technology that allows automatic IPv6 tunneling between hosts that are located across one or more IPv4 NATs. IPv6 traffic from Teredo hosts can flow across NATs because it is sent as an IPv4 UDP message. If the NAT supports UDP port translation, then the NAT supports Teredo. The exception is a symmetric NAT, which is described in “Types of NATs” in this article.
Teredo is designed as a last resort transition technology for IPv6 connectivity. If native IPv6, 6to4, or Intrasite Automatic Tunnel Addressing Protocol (ISATAP) connectivity is present, the host does not act as a Teredo client. As more IPv4 edge devices are upgraded to support 6to4 and IPv6 connectivity becomes ubiquitous, Teredo will be used less and less until finally it is not used at all.
Benefits of Using Teredo
Teredo is a NAT traversal technology for IPv6 traffic. IPv6 traffic tunneled using Teredo can cross one or multiple NATs and allow a Teredo client to access the hosts on the IPv6 Internet (through a Teredo relay) and other Teredo clients on the IPv4 Internet. The ability to connect to other Teredo clients that are connected to the IPv4 Internet enables communication between applications that would otherwise have problems communicating over a NAT. With Teredo, IPv6-enabled applications can successfully communicate more frequently over the IPv4 Internet than IPv4-only applications.
Some types of IPv4-only server or peer applications have problems communicating when running on a computer that is behind a NAT. For more information, see Problems with Using Network Address Translators. These types of applications either require manual configuration of the NAT (to allow unsolicited incoming traffic to the server or peer computer on the private network) or the application must provide its own solution for NAT traversal.
If the application is IPv6-capable, it can use Teredo. There is no need to either configure the NAT or modify the application to perform its own NAT traversal. Therefore, rather than spending development time modifying applications for a custom NAT traversal solution, application vendors should update their applications to be IPv6-capable. If the application is already IPv6-capable, it can use Teredo, the NAT traversal solution for Windows.
Notes
Fixing Broken IPv6
netsh interface ipv6 delete route ::/0 interface=14
netsh interface ipv6 add route ::/0 interface=14