Jul 13 2022
Networking

Federal IPv6 Task Force Proposes Transition Guidance

Review of federal agencies’ implementation plans for a new internet addressing system is underway.

A federal task force guiding the government’s move from Internet Protocol version 4 (IPv4) to new IPv6 technology has developed evaluation guidelines to help agencies review their plans for implementation this summer. 

“The evaluation guidelines, which will be made available to agencies, measure the level of completeness of the IPv6 implementation plans and provide recommendations for improving the plans,” according to a statement from the General Services Administration.

“The intent is to provide for continuous improvement over time, and the guidelines provide a checklist of topics that should be present in every IPv6 implementation plan.” 

The Federal IPv6 Task Force, established by the Federal Chief Information Officers Council, reviewed the evaluation plan guidelines at an IPv6 interagency meeting, and the Office for Management and Budget (OMB) is expected to provide written feedback to agencies on their IPv6 implementation plans.

“The overall goal is for all agency IPv6 implementation plans to have consistent quality, contain the requisite set of comprehensive topics and motivate a feasible and actionable plan to move to an IPv6-only networked environment,” the GSA statement said. 

Click the banner below to get access to exclusive cloud content by becoming an Insider.

IPv6 Will Provide More IP Addresses for Government Agencies

The transition to IPv6 was mandated by the OMB in a November 2020 memo that describes IPv6 as a “next-generation internet protocol” designed to replace IPv4, which has been in use since 1983. 

IPv4 allowed for 4.3 billion 32-bit IP addresses; IPv6 was designed to support 340 trillion trillion trillion addresses using a 128-bit format, according to a recent blog post by Ravi Chandrasekaran, a senior vice president at Cisco.

“While the address system was already showing signs of stress, a growing number of personal computers and smartphones would also require unique IP addresses,” Chandrasekaran writes, pointing to research that shows a jump from five internet-connected devices per household in 2015 to 50 in 2020. 

LEARN MORE: Prepare for the new IPv6 technology with these tips.

IPv6 has been a standard for 24 years, yet IT teams in both the public and private sectors deployed creative techniques to help extend the life of IPv4 addressing,  such as network address translation (NAT) built into routers and firewalls, for example, according to Chandrasekaran.

Many organizations became satisfied with these workarounds to overcome IPv4’s limitations, but these techniques were “basically Band-Aids,” he writes. “Using NAT, for example, obfuscates IP addresses within the enterprise network, making managing Access Control Lists much more complex.”

“Security is inhibited with NAT too, because when hundreds of devices are sharing the same IPv4 address, it’s difficult to apply security policies accurately or quarantine rogue devices without affecting all the other devices identified with the same IP address,” he writes.

IPv6 Goals Are ‘Aggressive’ but ‘Realistic’

The OMB memo also points out flaws with these methods.

“Over time, numerous technical and economic stop-gap measures have been developed in an attempt to extend the usable life time of IPv4, but all of these measures add cost and complexity to network infrastructure and raise significant technical and economic barriers to innovation,” according to the memo.

So far, about 43 percent of 1,300 U.S. government-tested domains are IPv6-enabled and operational as of July 12 according to data from the National Institute of Standards and Technology (NIST). About 48 percent were in progress, leaving a little over 9 percent with no progress. 

EXPLORE: Why federal agencies are shifting back to hyperconverged infrastructure.

As FedScoop reports, “agency implementation plans must include milestones for having at least 20% of IP-enabled assets on federal networks operating in IPv6-only environments by the end of fiscal 2023, 50% by the end of fiscal 2024 and 80% by the end of fiscal 2025. They must also provide a replacement or retirement schedule for information systems that can’t be transitioned.”

Doug Montgomery, manager of internet and scalable systems research at NIST, previously said those goals are “aggressive, but they are realistic.”

He said the transition will be made easier by all new laptops, smartphones, servers and other IP-connected devices coming with IPv6 capabilities already installed.

hayatikayhan/Getty Images
Close

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.