Agencies must acquire networking equipment capable of handling IPv6 and enable the new protocols on their networks over the next four years, but finding the right equipment can be a challenge, government and industry officials said.
Agencies must buy networking equipment capable of handling the next generation of internet protocols, and enable the new protocols on their networks over the next four years, but finding suitable equipment can be a challenge.
End user software for IPv6 – the successor to IPv4 – is not a big problem, said Chris Spears, senior network planning architect at Internet2, a test bed for advanced networking. Most new operating systems and browsers support IPv6, as does wide-area network backbone equipment. The problem is in between, in network services and software for the enterprise.
Security can be a particular problem, said John Baird, IPv6 transition manager for the DOD’s Defense Research and Engineering Network. And when there are products to consider, they often do not scale well and it is difficult to find tools that can withstand testing under load for more than a few minutes, he said at a recent conference on IPv6 hosted by the Digital Government Institute.
The problem is not a lack of interest from vendors, who are willing to support the new protocols. Ric Chavez, senior manager of Cisco Systems' global government solutions group, said there has been an increase in interest in the functionality in the last six months, since it became a requirement under the Federal Acquisition Regulations.
Guy Snyder, secure communications program manager for ICSA Labs, one of two independent labs accredited to test products against the official government profile, said interest has increased dramatically since the September memo from the Office of Management and Budget requiring implementation of IPv6.
But although Cisco’s core infrastructure technology—the routers and switches—support the protocols, more advanced and emerging products have not yet been tested for them.
Technology companies simply can't put everything in place at once, Chavez said. Development of features such as IPv6 support is done over several product releases, and product development cycles are from 12 to 18 months. “The fact remains, it still takes a while to deliver all the features required," he said.
The move to IPv6 is being forced by the depletion of available Internet addresses under IPv4. Although the IPv4 Internet will continue to work, future expansion will require use of IPv6. Because the two versions are not compatible, networks and content providers will have to enable both sets of protocols on their infrastructures to ensure that access is seamless.
Although it has only recently picked up steam, the transition has been going on for some time. DOD’s DREN enabled IPv6 from 2003 through 2005, and the department began creating an equipment profile for IPv6 capability in 2001. OMB in 2005 required civilian agencies to enable IPv6 on network backbones by 2008, and in this September set a 2012 deadline for enabling it on public-facing websites and services. Internal networks will be enabled with IPv6 by 2014.
The National Institute of Standards and Technology, building on earlier efforts including the DOD profile and the industry’s IPv6 Ready program, created the USGv6 profile for networking equipment. Agencies must buy products that have been successfully tested against this profile, when they are available.
The first version of the profile covers hosts and routers.
Development of full suites of interoperable equipment capable of handling IPv6 on networks and in enterprises likely will take several more years. Because enablement of IPv6 within agencies is an unfunded mandate, equipment acquisition will have to be done through the routine cycle for refreshing technology. With a little luck, this will allow time for the creation of technical specifications and product development to meet the OMB deadlines.
NEXT STORY: TechToons