its funny, cuz its my favorite defaults (not only for Win10 machines).This enhancement got me in to "Teredo disabling spree" on all office PCs with Win10 this weekend... why it is enabled by default?Nice enhancement!*) upnp - fixed missing in-interface option for dynamic dst-nat rules;
*) upnp - added comment for dynamic dst-nat rules to inform what host/program required it;
Yes, thanks for the feature it makes it much easier to manage dst-nat now.
using ADK or DISM or even better NTLite(which isn't free, sadly) - you can customize such(or many other things with ease in both installed machines and installation images/mediums).
but prohibiting unauthorized teredo, 6to4, isatap and other transitioning tech(including ipip, ipoe and other protocols, including restricting ipv6 itself) - is generally good practice not only from terms of security.
you may also notice, that MS put into default win10 images somewhat quirky "debug adapter" and other WWAN miniports, annoying just like how WU repeatedly re-install ISATAP in past years. same about extra-protocols, that enabled and bound to interfaces "by default" aswell. or services(how many use "workstation" or "server" services in small offices, w/o AD usage ? for example).