Agencies should plan now to enable IPv6 on public-facing servers
American Registry for Internet Numbers president expects federal mandate soon for agencies to begin enabling new protocols on public-facing Web servers
The pool of available IPv4 addresses will be completely allocated in the not-too-distant future.
“It will happen 717 days from today, around 2 in the afternoon, just before tea time,” said John Curran, president of the American Registry for Internet Numbers (ARIN).
Security will not come naturally with IPv6
Or it might be in just 657 days; it depends on whose countdown clock you use. The point is, given the current rate of Internet growth, in about two years all new address assignments will be made with IPv6 addresses.
This is well within the information technology planning horizon of agencies, and they need to begin planning now to enable public-facing Web servers for users who expect to connect to government resources using the new Internet Protocols, said Curran, who delivers the keynote address today at a conference on the Next Generation Internet hosted by the Digital Government Institute.
The government led the way in the IPv6 transition in this country with a mandate from the Office of Management and Budget to enable agency backbones to handle IPv6 traffic. “We need the same thing to happen again” with servers, Curran said. “I would not be surprised to see that happen sometime over the next few months.”
The Internet Protocols are a set of rules that computers use to communicate with each other, and the Internet has grown exponentially with the current Version 4. But the size of the IPv4 address space limits the number of possible addresses. The protocols have been updated with improvements, including a much larger address space to enable a vastly greater number of addresses on the Internet.
Although IPv6 offers some improved features, such as better security and easier setup of end-to-end connections, the two protocol versions are functionally very similar, Curran said. “You are not going to often see an improved functionality for IPv6” great enough to drive its adoption. Available address space is the primary driver for adoption, he said.
“You can’t continue to grow with IPv4,” Curran said. Eventually all growth will be in the IPv6 address range. “Very quickly the public Internet will be both IPv4 and IPv6. Will we ever turn off IPv4? I don’t know that there is any reason for that to occur, but all of the growth will soon be in IPv6 and you will end up with a predominantly IPv6 Internet. We have to make sure agencies are prepared, because when the demand curve comes, it’s going to come very quickly.”
It does not have to be a crisis if the current lead time is used to upgrade and implement the technology through the normal technology refresh cycle, as was done with agency backbones. This would not only ensure that government servers are available for native IPv6 service, but also would create a demand for vendors to enable it in more products, making the services more widely available.
Operating systems in most servers and routers already support IPv6, but that does not mean there will not be some challenges.
“It does require a bit of learning,” Curran said, and configurations will be different. “There may be places where it is not trivial.” Log software that tracks connections by IP address might not have adequate space for the longer IPv6 addresses, for instance. But by beginning now, the next step in the transition can be made, if not completely painless, less painful than if the job is rushed.
“We’ve been planning for this for 15 years,” Curran said. With address depletion about two years away, “there is no longer any time to put it off.”
William Jackson is a senior writer of GCN and the author of the CyberEye blog.