Tuesday, January 29, 2008

IPv6 Coming June 30 to the Federal Government

It's been almost a non-event - I think most don't realize the Federal Government has an IPv6 (Internet Protocol version 6) mandate scheduled for June 30 of this year. Last month, Network World ran an interesting piece titled How feds are dropping the ball on IPv6. Here's a quote from the Network World article:

Only 10% of federal agencies are buying services to run IPv6 traffic on their backbone networks, carriers estimate. The other 90% of federal agencies will likely meet the IPv6 mandate by upgrading their core routers to be IPv6 capable without running IPv6 traffic over them, carriers predict.

Internet traffic currently runs using IPv4 (Internet Protocol version 4), with the current IPv4 standard approved way back in 1981. Version 4 has survived the explosive growth of the Internet with a series on enhancements including CIDR and NAT. When the Internet was privatized in the mid 1990's many assumed the end of Version 4 was near, predicting we would soon run out of addresses (IPv4 supports a maximum of 4,294,967,296 or 232 addresses). Anticipating the growth of the Internet, IPv6 was approved by the Internet Engineering Task Force with the first RFC's released that defined IPv6 in 1996. IPv6 uses 128 bit addresses and supports a maximum of 2128 addresses - that's a lot of addresses!

IPv6 also provides additional overhead that can be used for things like better security and quality of service. However, the larger address space and overhead means more bits on the transmission media that are not data which can slow transmissions down - especially on lower bandwidth connections.

Router manufacturers have allowed IPv6 implementation for years - I recall working with Bay Networks routers back around 2000 that supported IPv6. Microsoft has also supported IPv6 since 2002 - providing implementations for Windows Server 2003, Windows XP with Service Pack 1 (SP1) or later, and Windows CE .NET 4.1 or later.

Both iPv4 and IPv6 will run on the same network and, since the federal mandate only requires core routers to be IPv6 capable, those required to meet the mandate only have to enable IPv6 on their backbone routers.

It looks like June 30 will come and go without significant IPv6 traffic moving on federal networks. I'm trying to stay optimistic, hoping this is a first step in moving to more secure IPv6 based communications, especially on networks that carry sensitive information.

No comments: