Apps are put to the test

Marine Capt. Jeremy Duncan wasn't used to the humid, late-July heat of Durham, N.H., having lived in the much drier Southwest and served two tours in Iraq. But on a recent Friday, he sought relief in the air-conditioned, 32,000-square-foot InterOperability Lab at the University of New Hampshire for the biggest-ever test of applications on Moonv6, a global IPv6 network maintained by a consortium from government, industry and academia.

Duncan was up from the Defense Department's Joint Interoperability and Test Command in Fort Huachuca, Ariz.'another Moonv6 site'watching several dozen young people in shorts, T-shirts and sandals stare at network configuration screens and automated test software from Agilent Technologies, Ixia Inc. and Spirent Communications.

'The goal of this event is really to show the industry and the user'the government'where IPv6 is right now,' said Ben Schultz, UNH-IOL's managing engineer.

JITC's interest in the event centered on security testing, including the interaction of applications with firewalls, plus the use of IPSec in automatic key exchanges for Public Key Infrastructure systems. Testers used guidelines from the National Security Agency's Operational Network Evaluation division, also known as the Blue Team, to assess IPv6's vulnerability to such hacker techniques as port scanning. 'Surprisingly, we thought we would find a lot more implications and problems,' Duncan said of preliminary results.

Aside from organized test events, JITC uses Moonv6 independently to hone DOD's Generic IPv6 Test Plan [get the 10MB PDF at GCN.com, GCN.com/638]. 'It's meant to provide procedures to test IP products for their IPv6 capability,' Duncan said.

JITC plays a central role in federal networking requirements. 'We are the ultimate certification for IPv6 interoperability and the maintainer of the DOD IPv6 Approved Products List,' Duncan said. The first products are hardware, but he soon expects submissions from vendors of business software. 'We only have a few who have had any interest [in being tested],' he said.

Voice over IPv6

July wasn't the first time the Moonv6 consortium put applications to the test on its IPv6-based network. A December 2005, 11-vendor test of voice over IP programs on a dual-stack, tunneling infrastructure was largely successful but had some voice quality problems, according to UNH-IOL.

Prior to that, that lab ran successful tests of end user utilities that run at the network application layer, including videoconferencing and file transport protocol tools.

During the July 2006 tests, in addition to JITC's security apps, Spectracom Corp. of Rochester, N.Y., brought some of their NetClock appliances for a successful run-through of the IPv6 version of the Network Time Protocol. NTP provides the basis for applications that are critical to the accuracy of homeland security and regulatory software.

Overall, Schultz and Duncan said governments are keenly interested in the dual-stack performance and security of their current and future applications. Testing will prove critical.

'There may be vulnerabilities associated with that transition mechanism,' Duncan said.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above