IPv6 standards profile released
Standards profile for IPv6 is the next step in the long road to IPv6 transition
- By William Jackson
- Sep 19, 2008
The publication of a long-awaited standards profile for IPv6 in networking equipment is an 'impressive piece of work,' the chief architect for the Office of Management and Budget said Thursday.
The profile, released this week by the National Institute of Standards and Technology, begins the next step in the government's long transition to the next generation of Internet Protocols. In a three-year dash mandated by OMB, agencies had readied their network backbones for carrying IPv6 traffic by the end of June.
'That's a pretty big milestone,' OMB chief architect Kshemendra Paul said at a conference hosted in Washington by the Digital Government Institute. 'The challenge now is to take that next step and do the hard work of architecting and planning' the next generation of networking services and applications.
The host and router profile in the document encompasses basic IPv6 functionality in addition to specific requirements and key optional capabilities for routing, security, multicasting, mobility, network management and quality of service. The network protection device profile contains a set of capability requirements for IPv6-aware firewalls and intrusion detection systems. The profile also addresses how such systems can interoperate and co-exist with the current IPv4 systems.
Paul said that the version of the profile published by NIST after releasing two draft versions for comment goes a long way toward harmonizing the IPv6 standards profiles of the Defense Department and the rest of the U.S. government. The DOD profile includes some additional cryptographic requirements, but other than some stylistic differences the rest of the two profiles are a pretty good match, he said.
Although the standards are expected to evolve, Paul said he did not anticipate major changes in profile. OMB and NIST now are waiting for industry to produce products and services built to the specifications.
'If we see a pattern of problems and roadblocks, we will take a step back and see if there are gaps that need to be addressed in the profile,' he said.
Although there is not a specific mandate for using IPv6, agencies are expected to be including it in their enterprise architecture plans and OMB is updating its Enterprise Architecture Assessment Framework to address transition strategies and investment proposals, Paul said. Agencies should be planning now to incorporate the new technologies, so that they can be introduced in the normal technology refresh cycle to minimize capital expenditures. The backbone upgrade was carried out that way without additional appropriations for the work.
In planning for uses of IPv6 agencies need to tie the new applications and services to mission performance.
'It has to be business case driven,' Paul said. 'I expect the first business cases will be built around security and mobility issues.'
Dave Rubal, senior manager of Cisco Systems' Federal Partner Systems Engineering group, should begin planning now, so that they do not have to rush.
'We're not advocating at all jumping in with both feet,' Rubal said.
He advocated a phased approach beginning with laboratory testing, then pilot programs for new applications, expanding the geographic reach of IPv6 systems to include dispersed user communities, and finally adoption of new applications.
Although proponents of IPv6 tout a wide range of advantages for the new protocols, including improved peer-to-peer networking, auto-discovery, improved security and a larger, more flexible address space, no one really is certain yet how it will be used.
'There is no killer app for IPv6, but there is a groundswell of opportunities,' Rubal said. He predicted that global connectivity through secure peer-to-peer connections and advanced sensor technology would be early drivers for adoption.
William Jackson is a Maryland-based freelance writer.