Networking/Computing Tips/Tricks

Rate this content:
5 of 5 - 2 votes
Thank you for rating this article.
Check out these additional IPv6 Resources:
Our IPv6 overview course at Udemy
Our IPv6 Custom Profiles for Wireshark
Our IPv6 classes at the Online School

Teredo Tunnels are a way to create a tunnel between two IPv6 end points (your computer and a web server) across the IPv4 network (your home or business and the Internet).  In Windows 7 (and I believe Vista as well) you do not have to worry about using this if your home or business does not yet support IPv6.  This should be alarming to all network administrators, because it probably means that people inside their network can tunnel out of their network flying through all firewalls!  The good news here is that Teredo tunnels are not "automatic"; in other words, Microsoft has configured the protocol stack so that no connection is attempted to the IPv6 DNS.  Teredo has been implemented as a "static" configuration, requiring us to statically configure the tunnel to specific destinations rather than simply use it in a web browser.

First, we need to examine the configuration of the system you are using.

  1. Since most of the steps require us to use the CMD Prompts in Administrator mode, begin by creating a shortcut to the CMD window on your desktop (right click on the desktop, select "New", select "Shortcut", enter "cmd" in the dialogue), then right click on that shortcut, and select "Run as Administrator".
  2. Enter "route print" at the command line.  It may scroll off the screen, but look for the "Teredo Tunneling Pseudo-Interface" at the top part of the output.  You can see below that mine was #29. routeprintcap
  3. Now, let's check the status of your Teredo Tunnel.  This is done using the "netsh" command (you can read more about netsh here).  At the command line, enter "netsh".
  4. You will be at the netsh prompt as shown.  Now enter "interface ipv6". Note the prompt changes.
  5. Now, lets display your ipv6 information.  At this new prompt enter "show interfaces".  Your output may differ, but you should see a couple of interesting things.  Note your matching interface number for the Teredo Tunnel (mine was 29), note the smaller minimum IPv6 MTU of 1280, and note that you may have a default 6TO4 adapter.  Also note the IPv6 loopback interface has a default MTU of 4 gigabytes!
  6. Now, let's examine the status of the Teredo Tunnel.  At the same netsh interface ipv6 prompt, enter "show teredo".  You will see there is a default server configured and the state should be dormant.
  7. Next, let's create a default route to send all IPv6 traffic down the Teredo interface.    At the command prompt enter "add route ::/0 interface=##" replacing the ## with your interface number. You will get an "Ok" response.
  8. Great!  Let's see if it works.  The only way to test this is to now attempt to contact an IPv6 server.  First open a second CMD window (does not have to be Run as Administrator).  Try "ping -6".  Two things will happen:
    1. 1st the will be resolved by the AAAA IPv6 DNS.  You will see the IPv6 address.
    2. 2nd you should get valid responses from the IPv6 site.
    3. You can also check back in your first CMD window to look at the change in state of the Teredo configuration.  Re-enter "show teredo" and you will see that Windows has enabled the interface and it will display the PAT (Port Address Translation) information.

Congratulations!  You have successfully built and used an IPv6 Teredo Tunnel!

To remove this static route, from the netsh interface ipv6 prompt, enter "delete route ::/0 interface=29".  You will get an "Ok"

Also, if you have been playing a little too much and want to reset the ntesh configurations to default, simply type "netsh interface ipv6 reset", and then reboot.

I hope you find this article and its content helpful.  Comments are welcomed below.  If you would like to see more articles like this, please support us by clicking the patron link where you will receive free bonus access to courses and more, or simply buying us a cup of coffee!, and all comments are welcome! 

Add comment


Did you learn something?
Did I save you time? 

Buy me a coffeeBuy me a coffee!

Find by Tag

5G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az ACL Addressing Analysis Ansible Architecture ARP Assessment AToM Backup Bandwidth BGP Bibliography Biography Briefings CBRS CellStream Cellular Central Office Cheat Sheet Chrome Cisco Clock Cloud Computer Consulting CPI Data Center Data Networking Decryption DHCPv4 DHCPv6 Display Filter DNS Documentation ECMP EIGRP Ethernet Flipping the Certification Model Follow Me Fragmentation Git GNS3 Google GQUIC Hands-On History Home Network HTTPS ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 In A Day Internet IOS Classic IoT IPv4 IPv6 L2 Switch L2VPN L3VPN LDP Learning Services Linux LLN Logging LoL M-BGP MAC MAC OSx Macro Microsoft mininet Monitoring Monitor Mode MPLS Multicast Name Resolution Netflow NetMon netsh Networking Network Science nmap Npcap nslookup Online Learning Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX Parrot Passwords pcap pcap-ng PIM Ping Policy Port Mirror POTS POTS to Pipes PPP Profile Profiles Programming Project Management Python QoS QUIC Requirements RFC RIP Routing RPL RSVP SAS SDN Security Self Certification Service Provider Small Business Smartport SONET Span Port SSH SSL Subnetting T-Shark TCP TCP/IP Telco Telecom 101 Telecommunications Telnet Terminal TLS Tools Traceroute Traffic Analysis Traffic Engineering Training Travel Troubleshooting Tunnel Utility Video Virtualbox Virtualization Voice VoIP VXLAN Webex Wi-Fi Wi-Fi 4 Wi-Fi 5 Wi-Fi 6 Wi-Fi 6/6E Windows Wireless Wireless 5G Wireshark Wireshark Tip WLAN ZigBee Zoom

Twitter Feed