Next IP meanders our way
- By William Jackson
- Jul 25, 2002
SPAWAR's Michael Brig says DOD will have a policy statement soon.
Despite the limits of the current version of the Internet Protocol, the successor to Version 4--IPv6--has been slow to materialize.
"At this point we've had very modest resources" to deploy IPv6 in Defense Department communications systems, said Michael P. Brig, Next-Generation Internet program manager at the Space and Naval Warfare Systems Command in Charleston, S.C. SPAWAR was the first military organization to test the new protocol.
DOD will issue a policy statement on the transition this summer, Brig said last month at a meeting of the IPv6 Forum in Washington.
Larry Levine, mobile networks program director for the Space and Terrestrial Communications Directorate of the Army's Communications and Electronics Command at Fort Monmouth, N.J., said the Army will begin deploying the new protocol "in the next few years."
The Internet Protocol is a set of rules defining how computers and other digital devices communicate over the Internet and other IP networks. Version 4 has been in use for 20 years, and Version 6 in development for eight years. One forum member quipped that the protocols seem to be like Star Trek movies--only the even-numbered ones are any good.
The driver for moving to the new version is simple--"it's the address space, stupid," said Alan G. Nemeth, a Hewlett-Packard Co. fellow.
IPv6 promises dramatically more IP addresses, speedier routing and improved security.
The current version's 32-bit address space has a theoretical maximum of 4 billion individual addresses. Free addresses are running out, and the problem worsens as new wireless networks and other kinds of devices come online.
IPv6 has a 128-bit address space, which provides trillions more individual addresses.
House numbers
The short-term fix for the address shortage has been Network Address Translation, which hides multiple devices behind one IP address.
But NAT interrupts the end-to-end model of communication originally envisioned for the Internet. It has turned the Net into a client-server rather than a peer-to-peer network, limiting applications that can be used, forum members said.
The United States, which maintains the lion's share of original IPv4 addresses, has been slower to move to IPv6 than other nations. Japan two years ago made transition by 2005 a national priority, followed by South Korea, which began the shift last year. But the Bush administration has not taken a position.
"We like IPv6," said Paul Kurtz, senior director of the White House Cybersecurity Office. "We'd like to see more people adopt it. But we haven't taken a stand on it."
Kurtz described the current state of network security as plugging holes because security had not been built into the IP infrastructure. IPv6, which follows the IP Security standard, could improve end-to-end security.
Kurtz called IPv6 a step in the right direction but added, "We don't want to get into the position of telling people what protocols to use."
Networks using NAT to hide their devices from the Internet are not eager to abandon it for IPv6. DOD "deployed NAT for security reasons," Brig said.
Joel Bion, vice president of Internet technology at Cisco Systems Inc. of San Jose, Calif., played down the security risk.
"Security needs to be on each device," he said. "Global addressability doesn't open up any greater vulnerability than we already have."
Brig said he envisions a 10-year transition at DOD, predicting that IPv6 won't advance from an option to a standard alongside IPv4 until 2005. The dual standards would continue until 2011, when a two-year exit strategy for IPv4 would begin, he said.
William Jackson is a freelance writer and the author of the CyberEye blog.