Teredo

Teredo


This video will look at the IPv6 transition technology Teredo. Teredo allows IPv4 devices to access IPv6 devices on the internet. It is designed to provide IPv6 access to IPv4 devices until IPv6 the IPv4 device has access to an native IPv6 network.

Download the PDF handout:

What is Teredo
Teredo is named after a worm that was often found in wooden ships. The Teredo worm burrows through the wood creating a tunnel. The Teredo protocol creates an IPv4 tunnel over the internet. This allows an IPv4 device to access IPv6 networks. The advantage of Teredo over other transition technologies is that it works with Network Address Transition (NAT). Thus, it is possible for multiple IPv4 devices to share the same public IPv4 address and use it to access IPv6 networks.

Components of Teredo
Teredo consist of three components; these are the Teredo Client, Teredo Server and Teredo Relay. The administrator is required to configure the Teredo Client, which is the IPv4 device, with an address of a Teredo Server. The device will contact the Teredo Server. The Teredo Server will provide the device with the IP Address of a Teredo Relay. The device will then create a tunnel to the Teredo Relay. The Teredo Relay is connected to the IPv4 and IPv6 networks. The Teredo Relay will transfer traffic from one network to the other and thus provides the bridge between the networks.

Teredo Address
Teredo addresses use a specific address that contains information that helps with the routing of the data over the network. Placing data inside the address is what allows Teredo to travel over NAT. All Teredo addresses start with “2001:0000”. Currently, any IPv6 address starting with 2000 to 2003 is in the registrable public address space. This means that Teredo addresses are routable on the IPv6 public network. The other four parts of the address are as follows:
Teredo IPv4 Server: The Teredo IPv4 Server is the address of the Teredo Server that bridges the IPv4 and IPv6 networks. This means, by looking at the IPv6 address, you can always tell which Teredo Server was used to cross the networks.
Flags: This is used to determine how the data will be routed. For example, a flag is set when the device is behind a NAT device. There is a set of random flags that are configured to make it harder for a malicious user to work out the IP Address of the device.
UDP Port: When the device uses NAT, the internal port number will change to an external port number as the traffic pass through the NAT device. The external port number if recorded in the Teredo address. This allows Teredo traffic coming back to the NAT device to know which port to use.
This allows Teredo traffic coming back to the NAT device to know which port to use.
Client Public IPv4: This will be the public IPv4 address that is being used. If the device has its own public IPv4 address it will be set to this. If a NAT device is being used, the external public IPv4 address of the NAT device will be used.

References
“Installing and Configuring Windows Server 2012 R2 Exam Ref 70-410” page 214
“Teredo Addresses” https://msdn.microsoft.com/en-us/library/windows/desktop/cc136764(v=vs.85).aspx

Credits
Trainer: Austin Mason http://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Video Production: Kevin Luttman http://www.KevinLuttman.com
Quality Assurance: Brett Batson http://www.pbb-proofreading.uk