IPv6 Will Provide More IP Addresses for Government Agencies
IPv4 allowed for 4.3 billion 32-bit IP addresses; IPv6 was designed to support 340 trillion trillion trillion addresses using a 128-bit format, according to a recent blog post by Ravi Chandrasekaran, a senior vice president at Cisco.
“While the address system was already showing signs of stress, a growing number of personal computers and smartphones would also require unique IP addresses,” Chandrasekaran writes, pointing to research that shows a jump from five internet-connected devices per household in 2015 to 50 in 2020.
IPv6 has been a standard for 24 years, yet IT teams in both the public and private sectors deployed creative techniques to extend the life of IPv4 addressing, such as network address translation (NAT) built into routers and firewalls, according to Chandrasekaran.
Many organizations became satisfied with these workarounds to overcome IPv4’s limitations, but these techniques were “basically Band-Aids,” he writes. “Using NAT, for example, obfuscates IP addresses within the enterprise network, making managing Access Control Lists much more complex.”
“Security is inhibited with NAT too, because when hundreds of devices are sharing the same IPv4 address, it’s difficult to apply security policies accurately or quarantine rogue devices without affecting all the other devices identified with the same IP address,” he writes.
IPv6 Goals Are ‘Aggressive’ but ‘Realistic’
The OMB memo also points out flaws with these methods.
“Over time, numerous technical and economic stop-gap measures have been developed in an attempt to extend the usable life time of IPv4, but all of these measures add cost and complexity to network infrastructure and raise significant technical and economic barriers to innovation,” according to the memo.
As of July 12, about 43 percent of 1,300 U.S. government-tested domains were IPv6-enabled and operational, according to data from the National Institute of Standards and Technology (NIST). About 48 percent were in progress, leaving a little over 9 percent with no progress.
As FedScoop reports, “agency implementation plans must include milestones for having at least 20% of IP-enabled assets on federal networks operating in IPv6-only environments by the end of fiscal 2023, 50% by the end of fiscal 2024 and 80% by the end of fiscal 2025. They must also provide a replacement or retirement schedule for information systems that can’t be transitioned.”
Doug Montgomery, manager of internet and scalable systems research at NIST, previously said those goals are “aggressive, but they are realistic.”
He said the transition will be made easier by all new laptops, smartphones, servers and other IP-connected devices coming with IPv6 capabilities already installed.