Federal agencies must have at least 80% of their IP-enabled internet assets on IPv6 by Sept. 30, 2025. Nearly half of all government domains are now IPv6-enabled, according to the Commerce Department. That positions them to take advantage of the more stable, more secure protocol, which also offers vastly more addresses than IPv4.
Domains that have not yet started an update must design new network architectures to support IPv6, as well as update devices and endpoints to handle the new standard. Here’s what to know about the technologies required to complete the job and the assistance available for agencies that get stuck during the update process.
Click the banner below to begin future-proofing your network.
Why IPv6? The Potential for Innovation and Stronger Security
The massive number of devices already connected to the internet continues to grow rapidly thanks to the popularity of mobile and Internet of Things technologies. IPv4, the previous protocol, uses 32-bit addresses and supports 4.3 billion devices, a woefully inadequate number given the proliferation of personal computers, smartphones and connected things (think smart TVs and thermostats). The dearth of addresses has caused problems for the past several years, leading to administrative overhead and outages across multiple internet service providers. The shortage has also limited innovation and service quality, all while increasing the cost of network operations.
Network address translation (NAT) and similar attempts to mitigate the address shortage have proved unreliable. Over the long term, the answer lies in IPv6, which replaces 32-bit IPv4 addresses with a 128-bit format that supports an exponentially larger number of unique IP addresses: more than 340 trillion trillion trillion. IPv6 was specified in 1995 in RFC 2460 and became an internet standard in 2017. Despite widespread adoption, many federal agencies continue to use creative techniques to extend the life of IPv4; however, federal IT leaders should embrace IPv6 because of its potential for technological advancement, innovation and stronger security.
80%
The percentage of IP-enabled assets on federal networks that must operate in IPv6- only environments by the end of FY 2025
Source: commerce.gov, “Internet Protocol Version 6 (IPv6) Policy,” Dec. 3, 2024
The IPv6 Advantages for Your Agency
IPv6 offers significant benefits:
- Larger address space and future-proofed networks. The astronomical increase in unique IP addresses spells the end of address exhaustion, using NAT or paying premium prices to purchase blocks of public IP addresses. That’s one of the main reasons forward-thinking companies such as Microsoft have stood at the vanguard of full IPv6 implementation.
- More efficient addressing and routing. IPv6 simplifies network operations and improves routing efficiency thanks to its hierarchical addressing, enhanced packet handling and autoconfiguration. IPv6 also simplifies application development and enhances performance in an IPv6-only network because NAT no longer hinders traffic flows.
- Enhanced security. Internet Protocol Security (IPSec), which is optional in IPv4, is built into the stack in IPv6, creating a more secure network environment. Encryption is provided by the Encapsulating Security Payload protocol and authentication via HTTP authorization headers; these protect packet contents from modification.
- Improved quality of service. Flow labels and priority fields in the IPv6 header can identify packets requiring special handling, such as default quality of service. For real-time IoT applications, IPv6 ensures more efficient data transmission, reduced latency and enhanced network performance.
Click the banner below to follow the IT professionals who had the biggest impact on government in 2024.
OMB M-21-07 Mandate
The Office of Management and Budget Memorandum 21-07 mandates that 80% of IP-enabled assets on federal networks operate in IPv6-only environments by the end of fiscal 2025. The directive applies to all existing information systems, including those used, managed or operated by a contractor, another agency or other organizations on behalf of the federal government. The OMB memo spells out requirements for completing operational deployments of IPv6 and identifies potential obstacles.
Key requirements include:
- All newly acquired networked federal information systems must be IPv6-enabled at the time of deployment.
- Any systems that cannot be converted to IPv6 must be identified and justified. Schedules for replacing or retiring those systems must be developed.
- All external partners must identify systems that interface with networked federal information systems and develop plans to migrate them to IPv6.
- Public or external-facing services (such as web, email, Domain Name System and internal client apps that communicate with public internet services) must be upgraded as soon as practical.
Agencies may find it useful to make a more gradual transition through dual-stacking — where IPv4 and IPv6 run concurrently on the same network — as the environment moves to full IPv6. Teams will need to update network policies and tools to handle IPv6 effectively.
DISCOVER: DOD’s Fulcrum IT strategy emphasizes four lines of effort.
How to Prepare for IPv6 Implementation
A comprehensive audit of the existing infrastructure will uncover IPv4 dependencies and help teams build a transition plan. Engage with vendors to ensure hardware and software are compatible, and thoroughly train staff on security threats as well as mitigation strategies.
Testing is the key to transition success: Look to the National Institute of Standards and Technology IPv6 Deployment Monitor and IPv6 client tester site for guidance. The OMB’s Guidance for Program Management of Agency Transition to an IPv6-only Environment document advises agencies that will award contracts for services required to meet the mandate.
Look to General Services Administration resources when developing contracts for IPv6-compliant equipment, governmentwide acquisition contracts and commercial IT products and services. The Internet Assigned Numbers Authority, the Federal IPv6 Task Force and its list of frequently asked questions, IPv6.com and the North American Network Operators’ Group also offer a wealth of information on navigating the switch. Once the transition is complete, continuous monitoring will be needed to optimize IPv6 network performance.
