Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)
RFC 4380
Document | Type |
RFC - Proposed Standard
(February 2006; Errata)
Was draft-huitema-v6ops-teredo (individual in int area)
|
|
---|---|---|---|
Author | Christian Huitema | ||
Last updated | 2013-03-02 | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 4380 (Proposed Standard) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Margaret Cullen | ||
Send notices to | (None) |
Network Working Group C. Huitema Request for Comments: 4380 Microsoft Category: Standards Track February 2006 Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs) Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2006). Abstract We propose here a service that enables nodes located behind one or more IPv4 Network Address Translations (NATs) to obtain IPv6 connectivity by tunneling packets over UDP; we call this the Teredo service. Running the service requires the help of "Teredo servers" and "Teredo relays". The Teredo servers are stateless, and only have to manage a small fraction of the traffic between Teredo clients; the Teredo relays act as IPv6 routers between the Teredo service and the "native" IPv6 Internet. The relays can also provide interoperability with hosts using other transition mechanisms such as "6to4". Table of Contents 1. Introduction ....................................................3 2. Definitions .....................................................4 2.1. Teredo Service .............................................4 2.2. Teredo Client ..............................................4 2.3. Teredo Server ..............................................4 2.4. Teredo Relay ...............................................4 2.5. Teredo IPv6 Service Prefix .................................4 2.6. Global Teredo IPv6 Service Prefix ..........................4 2.7. Teredo UDP Port ............................................4 2.8. Teredo Bubble ..............................................4 2.9. Teredo Service Port ........................................5 2.10. Teredo Server Address .....................................5 2.11. Teredo Mapped Address and Teredo Mapped Port ..............5 2.12. Teredo IPv6 Client Prefix .................................5 Huitema Standards Track [Page 1] RFC 4380 Teredo February 2006 2.13. Teredo Node Identifier ....................................5 2.14. Teredo IPv6 Address .......................................5 2.15. Teredo Refresh Interval ...................................5 2.16. Teredo Secondary Port .....................................6 2.17. Teredo IPv4 Discovery Address .............................6 3. Design Goals, Requirements, and Model of Operation ..............6 3.1. Hypotheses about NAT Behavior ..............................6 3.2. IPv6 Provider of Last Resort ...............................8 3.3. Operational Requirements ...................................9 3.4. Model of Operation ........................................10 4. Teredo Addresses ...............................................11 5. Specification of Clients, Servers, and Relays ..................13 5.1. Message Formats ...........................................13 5.2. Teredo Client Specification ...............................16 5.3. Teredo Server Specification ...............................31 5.4. Teredo Relay Specification ................................33 5.5. Implementation of Automatic Sunset ........................36 6. Further Study, Use of Teredo to Implement a Tunnel Service .....37 7. Security Considerations ........................................38 7.1. Opening a Hole in the NAT .................................38 7.2. Using the Teredo Service for a Man-in-the-Middle Attack ...39 7.3. Denial of the Teredo service ..............................42 7.4. Denial of Service against Non-Teredo Nodes ................43 8. IAB Considerations .............................................46 8.1. Problem Definition ........................................46 8.2. Exit Strategy .............................................47 8.3. Brittleness Introduced by Teredo ..........................48 8.4. Requirements for a Long-Term Solution .....................50 9. IANA Considerations ............................................50 10. Acknowledgements ..............................................50 11. References ....................................................51 11.1. Normative References .....................................51 11.2. Informative References ...................................52Show full document text