Teredo Tunneling Pseudo-Interface and IPv6

So you’ve installed Windows Vista and you’ve run ‘ipconfig /all’ from the command prompt. You might have noticed a few extra interfaces without really understanding what they are. You trust Microsoft to be secure-by-default, so you forget about them.


If your brain works anything like mine, the word ‘Teredo’ will stand out as a keyword to search on and you’ll eventually get to these two articles:

Teredo is a networking protocol designed by Microsoft that allows clients on an IPv4 network behind a NAT router to access the IPv6 Internet.

IPv4 Network Address Translation (NAT)

First, an explanation of how most home users, small offices and an increasing number of businesses access the Internet. Because the IPv4 address space is running out, NAT has taken off as a mechanism for multiple clients to share the same Internet connection and public IP address.

[Diagram: ipv4_only]

In this diagram, the NAT router uses a single IPv4 public IP address and ‘translates’ it to a private IP address for the client. The way it does this is by watching all the traffic that the client is sending out to the Internet.

e.g. A web request to microsoft.com would look like this to the NAT router:

Source IP: 192.168.0.50

Source port: 1024

Destination IP: 207.46.192.254

Destination port: 80

But obviously, when microsoft.com receives this request and tries to send a response back – it won’t know how to connect to 192.168.0.50, because this is a private IP address.

What NAT does is change the Source IP/Port before sending the request off and keep a record of the request in a ‘translation table’. So the request becomes:

Source IP: 203.219.21.70

Source port: 60101

Destination IP: 207.46.192.254

Destination port: 80

Then when microsoft.com receives this modified request, it sends a response back to the NAT router. The NAT router then looks in its translation table and sees that it IS expecting a response back. It modifies the destination IP and port and passes it back to the client:

Source IP: 207.46.192.254

Source port: 80

Destination IP: 192.168.0.50

Destination port: 1024
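
The three packets above can be reproduced with a small translation-table model. This is an added example, not code from the original post; the class and function names are made up for illustration, the sequential port allocation starting at 60101 is an assumption chosen to match the walk-through, and the rule that only the contacted remote endpoint may reply is one possible NAT filtering policy.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatRouter:
    """Toy NAT: one external port per internal (IP, port) endpoint."""

    def __init__(self, public_ip, first_port):
        self.public_ip = public_ip
        self.next_port = first_port   # assumption: ports handed out sequentially
        self.ext_by_client = {}       # (private IP, port) -> external port
        self.client_by_ext = {}       # external port -> (private IP, port)
        self.expected = set()         # (external port, remote IP, remote port)

    def outbound(self, pkt):
        client = (pkt.src_ip, pkt.src_port)
        ext = self.ext_by_client.get(client)
        if ext is None:
            ext = self.next_port
            self.next_port += 1
            self.ext_by_client[client] = ext
            self.client_by_ext[ext] = client
        self.expected.add((ext, pkt.dst_ip, pkt.dst_port))
        return replace(pkt, src_ip=self.public_ip, src_port=ext)

    def inbound(self, pkt):
        if pkt.dst_ip != self.public_ip:
            return None
        if (pkt.dst_port, pkt.src_ip, pkt.src_port) not in self.expected:
            return None               # no table entry expects this reply: drop
        priv_ip, priv_port = self.client_by_ext[pkt.dst_port]
        return replace(pkt, dst_ip=priv_ip, dst_port=priv_port)

def demo():
    nat = NatRouter("203.219.21.70", first_port=60101)
    request = Packet("192.168.0.50", 1024, "207.46.192.254", 80)
    sent = nat.outbound(request)
    reply = nat.inbound(Packet("207.46.192.254", 80, sent.src_ip, sent.src_port))
    # Constructed unsolicited packet from a documentation-range address.
    stray = nat.inbound(Packet("198.51.100.7", 80, sent.src_ip, sent.src_port))
    return sent, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```
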

Teredo

Teredo is enabled by default in Windows Vista.

Teredo is an IPv6 transition technology that allows automatic IPv6 tunneling between hosts that are located across one or more IPv4 NATs. IPv6 traffic from Teredo hosts can flow across NATs because it is sent as an IPv4 UDP message. If the NAT supports UDP port translation, then the NAT supports Teredo. The exception is a symmetric NAT, which is described in “Types of NATs” in this article.

Teredo is designed as a last resort transition technology for IPv6 connectivity. If native IPv6, 6to4, or Intrasite Automatic Tunnel Addressing Protocol (ISATAP) connectivity is present, the host does not act as a Teredo client. As more IPv4 edge devices are upgraded to support 6to4 and IPv6 connectivity becomes ubiquitous, Teredo will be used less and less until finally it is not used at all.

The Teredo Tunneling Pseudo-Interface attempts to auto-configure itself. When it does, it gets assigned an IPv6 IP address. This address will look something like this:

2001:0:4136:e38e:14e4:2ca1:3424:eab9

This may look like just a random number, but there’s lots of extra information encoded in here.

Teredo IPv6 addresses


Teredo Prefix

The first 32 bits of a Teredo address are always:

2001::/32

Teredo Server IPv4 Address

This indicates the currently configured Teredo Server.

A Teredo server is an IPv6/IPv4 node that is connected to both the IPv4 Internet and the IPv6 Internet, and supports a Teredo tunneling interface over which packets are received. The general role of the Teredo server is to assist in the address configuration of Teredo clients and to facilitate the initial communication between Teredo clients and other Teredo clients or between Teredo clients and IPv6-only hosts. The Teredo server listens on UDP port 3544 for Teredo traffic.

By default in Windows Vista the Teredo server is configured as teredo.ipv6.microsoft.com

Resolving this address gives us 5 possible IP addresses.

Name: teredo.ipv6.microsoft.com

Addresses: 65.54.227.136, 65.54.227.138, 65.54.227.140, 65.54.227.142, 65.54.227.144

When we convert these IP addresses to their HEX equivalent, we end up with:

65.54.227.136 = 4136:e388

65.54.227.138 = 4136:e38a

65.54.227.140 = 4136:e38c

65.54.227.142 = 4136:e38e

65.54.227.144 = 4136:e390

If you need to change your Teredo server, you can do it by opening the command prompt as an administrator and running:

netsh interface ipv6 set teredo servername=teredo.server.com

Teredo Flags

The next 16 bits are reserved for Teredo flags.

The 16 bits within the Flags field for Windows Vista and Windows Server 2008-based Teredo clients consist of the following: CRAAAAUG AAAAAAAA.

  • The C bit is for the Cone flag.
  • The R bit is reserved for future use.
  • The U bit is for the Universal/Local flag (set to 0).
  • The G bit is Individual/Group flag (set to 0).
  • The A bits are set to a 12-bit randomly generated number.

By using a random number for the A bits, a malicious user that has determined the rest of the Teredo address by capturing the initial configuration exchange of packets between the Teredo client and Teredo server will have to try up to 4,096 (2^12) different addresses to determine a Teredo client’s address during an address scan.

In my address, the Teredo flags are: 14e4

Converting 0x14e4 to binary, we get the following:

00010100 11100100
CRAAAAUG AAAAAAAA

Which means that the ‘Cone’, ‘Universal’ and ‘Group’ flags are not set. Yay!

Obscured External Port

The next 16 bits store an obscured version of the external UDP port corresponding to all Teredo traffic for this Teredo client.

Obscuring the external port prevents NATs from translating the external port within the payload of the packets that they are forwarding.

Obscured port: 2ca1

XOR with 0xFFFF = 0xD35E

0xD35E = UDP port 54110

Obscured External Address

The last 32 bits store an obscured version of the external IPv4 address corresponding to all Teredo traffic for this Teredo client. The unobscured IP address can be obtained by XORing with 0xFFFFFFFF and then converting the decimal result to dotted-decimal notation. This tool might help.

Obscured IP: 3424:eab9

XOR with 0xFFFFFFFF = 0xCBDB1546

0xCBDB1546 = Decimal 3420132678

Converted to dotted-decimal notation: 203.219.21.70
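
The field-by-field decoding worked through above can be done in one pass. This is an added example, not code from the original post; the function name decode_teredo and the dictionary keys are chosen here for illustration, and the flag layout is the CRAAAAUG AAAAAAAA layout described for Windows Vista clients.

```python
import ipaddress

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")

def decode_teredo(addr):
    """Split a Teredo IPv6 address into the fields described in this article."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        raise ValueError(f"{addr} is not inside the Teredo prefix {TEREDO_PREFIX}")
    raw = int(ip)
    server = (raw >> 64) & 0xFFFFFFFF   # bits 32-63: Teredo server IPv4
    flags = (raw >> 48) & 0xFFFF        # bits 64-79: CRAAAAUG AAAAAAAA
    port = (raw >> 32) & 0xFFFF         # bits 80-95: obscured external port
    client = raw & 0xFFFFFFFF           # bits 96-127: obscured external IPv4
    # The 12 random A bits are split around U and G: 4 bits, then 8 bits.
    random_bits = (((flags >> 10) & 0xF) << 8) | (flags & 0xFF)
    return {
        "server_ipv4": str(ipaddress.IPv4Address(server)),
        "flags": f"{flags:04x}",
        "cone": bool(flags & 0x8000),
        "reserved": bool(flags & 0x4000),
        "universal_local": bool(flags & 0x0200),
        "group": bool(flags & 0x0100),
        "random_bits": random_bits,
        # Un-obscure by XORing with all ones, as in the manual steps above.
        "external_port": port ^ 0xFFFF,
        "external_ipv4": str(ipaddress.IPv4Address(client ^ 0xFFFFFFFF)),
    }

if __name__ == "__main__":
    # The address used as the running example in this article.
    for field, value in decode_teredo("2001:0:4136:e38e:14e4:2ca1:3424:eab9").items():
        print(f"{field:16} {value}")
```

Python's standard library also exposes the server and client addresses through the `ipaddress.IPv6Address.teredo` property; the flags and the port still need the manual decoding shown here.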

But how do I access the IPv6 Internet with Teredo???

[Diagram: ipv6_teredo]

To actually access the IPv6 Internet with Teredo, you need a Teredo Relay. A Teredo Relay potentially requires a lot of network bandwidth.

While Microsoft has been operating a set of Teredo servers ever since the first Teredo pseudo-tunnel for Windows XP was released, it has never provided a Teredo relay service for the IPv6 Internet as a whole.

I have tried a few Teredo servers, but none of them seem to relay. This is something that I will continue exploring. I’m going to try and set up Miredo somewhere and see what I can learn.

15 Comments

  1. Posted September 22, 2007 at 5:11 am | Permalink

    Teredo Relays need to be set up close to IPv6 content (ie. websites). Running a Teredo Relay close to your client doesn’t help you at all. The relay you use depends on the content you access, and the relay is chosen by the return path from the content to you.

  2. Tony Norman
    Posted November 12, 2007 at 10:48 pm | Permalink

    I seem to be having trouble with mine. When in device manager, it shows a problem, not sure what kind, just doesn’t respond. Right now I have it shut off. Any and all help would be nice.

  3. Rodney Leinberger
    Posted February 9, 2008 at 9:04 am | Permalink

    Great explanation. You are the master.

  4. Fernando
    Posted February 19, 2008 at 10:05 am | Permalink

    Help… I have been trying to connect to a printer server at a specified IP address but this computer with this teredo does not let me. The other three computers in the network connect to IP fine. When I say error it stops and reboots the printer software.

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
    Default Gateway . . . . . . . . . :
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Automatic Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

    Physical Address. . . . . . . . . : C0-A8-01-66
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.102%2
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Disabled

  5. dave
    Posted March 19, 2008 at 3:07 pm | Permalink

    I wish I would have found you first
    WOW thanks from a newbie

  6. Leo9
    Posted April 8, 2008 at 4:25 am | Permalink

    Hi,

    You can uninstall Teredo by opening the command prompt and typing:

    IPv6 uninstall

    You need to check whether you need Teredo, guess not.

    Cheers

  7. Posted August 10, 2008 at 3:40 am | Permalink

    I have Vista premium 32 bit. Before I did a system recovery the 6to4 could not be started, thus Teredo tunneling was not enabled. After the system recovery both the 6to4 and the tunneling were enabled.

    The main concern with Teredo is that it effectively piggybacks onto the IPv4 and the NAT doesn’t know it is there.

    The concern obviously is with the security of Teredo tunneling. Not knowing what is passing back and forth through a Teredo tunnel draws concerns.

    Since there really isn’t any extensive use of IPv6 (6to4) it probably is best to keep the Teredo adapter and the protocol disabled.

  8. ivan
    Posted September 24, 2008 at 6:14 pm | Permalink

    I have a problem with that. I had code 10 and I don't know where to download tunmp.sys again.
    Can you help me?

  9. Gautam
    Posted October 10, 2008 at 7:40 pm | Permalink

    You are a Star … Man I wish I had seen this earlier but nonetheless Thanks a million mate
    Cheers

  10. Regman
    Posted October 30, 2008 at 2:30 pm | Permalink

    Thanks. I’ve got all sorts of answers on the web. Finally someone who knows what they are talking about.

  11. Brian Knoblauch
    Posted December 5, 2008 at 8:39 am | Permalink

    Confirms all the problems I had trying to get Teredo going through Microsoft’s servers. I finally went and got a tunnel through SIXXS (.net). Setting up the required software on Vista is a bit tricky (Vista’s IPv6 DNS lookup procedure is “broken” compared to XP), but at least it works!

  12. Posted December 24, 2008 at 7:10 am | Permalink

    I have a question. Is it a problem with a client using the Teredo Tunneling Pseudo Interface, wireless client workstations with hard-wire cat5 cable to printer from the data access router…rest of workstations wireless…any problems setting a static ip for the copier and printing to the device? Also, how to set up scanning to smb, scan to a local hard drive??
    Thanks in advance,
    Sherrie Lindstrom,
    Application Specialist
    Konica Minolta Business Solutions

  13. Azim khan
    Posted March 25, 2009 at 8:20 am | Permalink

    Hello guys,

    I hope maybe someone can help me, which I desperately need :( ..

    Actually I can set up a Teredo client, but what I can't do is communicate with an IPv6-only node through Teredo, because I need a relay for that and there are no relays set up by Microsoft at this point. So how can I communicate between a Teredo client and an IPv6-only node without a relay, or how do I set up a relay?

    Thanks

  14. Jan
    Posted March 26, 2009 at 6:42 am | Permalink

    What am I going to do with this!

    Description
    Windows was able to successfully install device driver software, but the driver software encountered a problem when it tried to run. The problem code is 10.

    Problem signature
    Problem Event Name: PnPDeviceProblemCode
    Architecture: x86
    Hardware Id: *TUNMP
    Setup class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    PnP problem code: 0000000A
    Driver name: tunmp.sys
    Driver version: 6.0.6001.18000
    Driver date: 01-21-2008
    OS Version: 6.0.6001.2.1.0.768.3
    Locale ID: 1033

    Extra information about the problem
    Bucket ID: 163684729

  15. Jeffrey Smith
    Posted April 9, 2009 at 4:40 pm | Permalink

    I have the same problem with this teredo. When I type ipv6 uninstall it says it is not recognized as an internal or external command please HELP!!!!!! thank you N B T

