DEFENSE IT — IPv6
DOD updates IPv6 Standard Profile
The Defense Department has released Version 4.0 of the IPv6 Standard Profiles for IPv6 Capable Products as part of an update to the Defense Information Technology Standards Registry (DISR) Baseline Release, Version 09-2.0.
The IPv6 specification is an update of the original published in 2006, as well as Version 2.0 and 3.0 updates made in 2007 and 2008, respectively. The document was developed by the DISR IPv6 technical working group, chaired by Ralph Liguori, of the Fort Monmouth DISA Standards Engineering Branch.
The updated IPv6 Standard Profile “provides a technical and standards based definition of interoperability requirements for IPv6-capable products to be used in DOD networks,” the document states, and provides an engineering-level definition of the standards vendor products need to meet in order to be “IPv6 Capable” and qualified for “interoperable use throughout the U.S. Department of Defense.”
DOD was one of the first government adopters of IPv6 with its June 2003 memorandum “Internet Protocol Version 6 (IPv6)” that began its mandate for the use of IPv6 in the Pentagon's Global Information Grid network. Unlike many organizations that look at IPv6 as primarily a means to solve the IPv4 address depletion issue, DOD has long since embraced other IPv6 features such as ad hoc networking, auto-configuration and mobility, each of which has specific significance in DOD theater environments. The updated profile document addresses Mobile IPv6 (MIPv6) specifically, refining the requirements based on vendor feedback.
“While we still want to encourage implementation of Mobile IPv6 in products, feedback from several vendors indicated that we were being too aggressive in this area," said Ed Jankiewicz, a senior research engineer with SRI International at Fort Monmouth's Branch Office for IPv6 Research Supporting DISA Standards Engineering. "MIPv6 is not as mature as other parts of IPv6, and the market incentives are not yet there to prompt vendors to action. We had some strong language regarding support for Route Optimization in previous versions, and we have stepped back from that.”
Route optimization is used in MIPv6 to allow a correspondent node to communicate directly with the mobile node after the mobile node moves away from its home network and home agent. Route Optimization enables the correspondent node to learn the mobile node’s new IP address so that both parties can communicate directly, eliminating triangular routing through the home agent. This improves performance, reduces latency and reduces the number of network segments and devices in the path that could cause a disruption to the session.
The IPv6 profile document still encourages “host and server vendors to implement route optimization if and when their products will be deployed with mobile nodes,” Jankiewicz said.
The Pentagon worked with industry groups and commercial vendors to refine the specification document.
“Through our involvement with the Internet Engineering Task Force and the North American IPv6 Task Force we have established some very good lines of communications with vendors and other industry subject matter experts," Jankiewicz said. "This has generated a lot of comment and discussion on the prior versions."
The IPv6 Standard Profiles document distinguishes different types of IPv6 devices into product classes with class profiles as well as defining the base requirements and the functional requirements by technical areas. Product classes include end nodes (host/workstations, network appliance, simple servers and advanced servers), intermediate node (routers, Layer 3 switches, information assurance devices) and IPv6-capable software.
The document is targeted toward several communities of interest, including contracts and acquisition officers, testing and certification organizations and developers. According to the authors, acquisition officers “may use this document as a reference when they develop specific product and system requirement text to specify the minimal requirements for products to be IPv6 capable.”
“The involvement of vendors in our review process helps us to continuously refine our requirements, to strike the balance between emerging technologies and the readiness of the commercial market to provide them,” added Jankiewicz.