IPv6 teredo blackout June 8th

Brandon Butterworth brandon at bogons.net
Wed Feb 2 20:52:40 CET 2011

> Some windows platforms have teredo enabled by default.

I never understood why that would be a good plan, the aim
is to get people doing native not deploying tunnels where
they're not intended to be

> Thoughts and mitigation?

Get MS to deploy a default off in the next patch cycle (just missed the
IE biggie) or make teredo not try. Not tested this myself -

  "Block name resolution of the Teredo DNS host name, which
   by default on computers running Windows 7 is teredo.ipv6.microsoft.com"

if you're lucky enough to control their DNS


More information about the ipv6-ops mailing list