teredo.ipv6.microsoft.com off?

Ron Broersma ron at spawar.navy.mil
Wed Jul 17 16:22:22 CEST 2013


On Jul 17, 2013, at 6:20 AM, Jeroen Massar wrote:

> On 2013-07-17 15:09 , Ron Broersma wrote:
>> 
>> On Jul 16, 2013, at 10:40 PM, Mikael Abrahamsson wrote:
>> 
>>> On Tue, 16 Jul 2013, Christopher Palmer wrote:
>>> 
>>>> If there is feedback on the ongoing experiment or our
>>>> consideration of sunsetting Teredo, do let me know.
>>>> 
>>>> So far people have been quite enthusiastic.
>>> 
>>> I am too. I would really like to see 6to4 and teredo be default off
>>> everywhere, and people who want it can manually turn it on. If
>>> teredo went away completely, that would also be a good thing.
>> 
>> Strongly concur here as well.  One less thing I have to disable on
>> all my systems in enterprise nets.
> 
> Windows boxes that are in an Active Domain (which should match your
> 'enterprise net') have Teredo and 6to4 disabled per default.
> Next to that one can enforce that of course through AD policies.

A number of my enterprise nets support many OSs and are not AD-centric.  That's why I qualified my enterprise nets as "heterogeneous".  But yes, if you are homogeneous on Windows and everything is in AD, you can disable those things through GPO.  For me, we have to tell each of our users to disable teredo, disable 6to4, disable privacy/temporary addresses, etc., and in many cases beg them to upgrade to OSs that support DHCPv6.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6127 bytes
Desc: not available
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20130717/fc9c268a/attachment.p7s>


More information about the ipv6-ops mailing list