Defense users will have to wait a little longer for IPv6
- By William Jackson
- Dec 12, 2005
The Defense Department, which has led the government's push for moving to version 6 of the Internet Protocols, is scaling back expectations for its 2008 transition.
'I don't think we're going to make that transition date,' said Kris Strance, a senior analyst in the Defense CIO office.
The original fiscal 2008 deadline was for a full DOD transition to IPv6. Strance said during a security conference last month in Washington hosted by the E-Gov Institute that the department would first move its network backbones to the new protocols.
'A more difficult problem is transitioning applications,' he said.
Many applications will have to be modified to operate with IPv6, while some will continue to run in their current IPv4 configurations, and others will be replaced with newer software.
The Internet Protocols are a set of standardized rules used by computers to communicate with each other. They form the basis for the Internet and increasingly underlie many enterprise networks. Most of the world currently is using version 4, but development of IPv6 began in the 1990s to solve a range of addressing, security and configuration issues.
The new protocols are mature enough that a number of countries'particularly in Asia, and to a lesser extent Europe'have begun moving to IPv6. DOD an- nounced in 2003 its intention to transition to the new version, and civilian agencies followed suit this year.
DOD has required all IT hardware and software bought since October 2003 to be IPv6-capable to avoid wholesale upgrades of its infrastructure. But determining just what 'IPv6-capable' is has proved a challenge. For example, switches and routers from Cisco Systems Inc. of San Jose, Calif., are mostly IPv6-compliant, but some features such as remote management still require IPv4 packets.
'For the foreseeable future, management will be through IPv4,' said Cisco's director of product management Ben Goldman.
DOD in October met its first milestone objective for the transition when it began running isolated enclaves of IPv6 traffic on its networks. Two remaining major objectives are to begin cross-domain IPv6 traffic by fall 2006 and the full transition by 2008.
'There still is a lot of work to be done in security' before the last two objectives can be met, Strance said.
Although IPv6 is intended to offer greater network security, the transition to the new version while maintaining IPv4 on the same networks will introduce new security problems.
Strance added DOD would be operating IPv4 alongside IPv6 well into the next decade. '2012, 2016'who knows right now?' he said.
DOD's plan to move its backbones to IPv6 by 2008 puts it in synch with civilian agencies, which must switch their backbones to the new version by June 30, 2008. John Gavin, IPv6 project manager for the Commerce Department, said there is yet no killer app for IPv6 and that for now the transition is a matter of future-proofing the department's networks.
'The primary benefit now is being ready for the future,' he said. 'We don't want to wait until we have to support an application. We want to be ready when the application is there.'
William Jackson is freelance writer and the author of the CyberEye blog.