By Ben Ames
FALLS CHURCH, Va. - In Pentagon planners’ vision of a network-centric battlefield, every electronic component will maintain an Internet link to every other electronic component.
That sounds good, but the recipe calls for more security, mobility, and Internet Protocol (IP) addresses than currently exist. The solution is simple, they say-Internet Protocol version 6, better known as IPv6.
Two years ago, leaders at the U.S. Department of Defense (DOD) announced a policy requiring all Pentagon purchases after October 2003 to adopt IPv6. At that pace, DOD experts say their entire Global Information Grid (GIG) will be IPv6-enabled by 2008.
There is just one problem-everyone else is dragging their feet. From corporate America to the rest of the federal government, most computer users say they are content with today’s familiar old technology, IPv4.
A recent poll of information-technology managers across the public and private sectors found they were struggling with familiar problems, such as poor support for efficiency, voice-over-Internet protocol phones, quality of service, and security.
Yet fewer than 7 percent of the 349 respondents saw IPv6 as the solution, according to the study’s sponsor, Jupiter Networks of Sunnyvale, Calif.
“It’s almost like being on a desert island with palm trees and coconuts and saying ‘Gee, I’m starving to death’ while the bananas are hanging on the branch over your head,” says Charles Lynch, technical director of the Defense Information Systems Agency’s IPv6 Transition Office in Falls Church, Va.
“The view in the DOD used to be called horizontal fusion; everything talks to everything. Now it is called netcentricity; everything is a communicator and everything uses IP packets,” he says. “But networks today are not designed to handle that. We really have a kluge, and now we have a chance to do it the right way.
“While the Net is a great thing, it has a lot of mistakes: security, a protocol not built for today’s high-speed networks, and addresses that were given out first-come, first-served as opposed to geographically,” Lynch says.
“The lesson we’ve learned from AT&T is when we lay down a network, it should be geographically based; for instance, 703 is the area code for northern Virginia. But on the internet, the IP number means nothing. If 703 exists in several places, you need the next several digits too, and you need a database with many more numbers.”
Instead, when organizers hand out addresses for IPv6, they will use hierarchical aggregation, which means the numbers will be geographical or even geospatial. An IP address in the new system could indicate its location on a map, or even its altitude at that spot (such as a specific story in a building).
Applied to an Air Force example, designers could build an F-22 fighter jet with an IP address assigned to every electronic component and every sensor. Not only would that streamline communication within the aircraft, but also allow those outside the jet to look in, he says.
A logistician could see the entire wing, and a maintenance worker could see if the avionics are faulty, if the plane can’t drop bombs, or if the pilot’s biometrics are off. When the plane lands, mechanics will already have the proper tools handy to turn the aircraft around quickly for new missions.
“And you can use that platform now not just for dropping bombs, but for surveillance. The J-UCAS can be outfitted not only with weapon systems but with sensors,” he says, referring to the Joint Unmanned Combat Air System.
IPv6 can supply enough addresses to build this “network of networks” because it assigns 128 bits of data for every IP address, compared to the current 32 bits.
The new system promises great rewards, but most users look at the current Internet and shrug, “If it ain’t broke, don’t fix it,” Lynch says.
“People need a reason to migrate and want it to be seamless if they do. Especially to proceed beyond a dual-stack mode where they’re using both v4 and v6,” says Rod Murchison, senior director of product management in the Security Products Group at Juniper Networks in Sunnyvale, Calif.
“The conception is that v6 will put you on a separate island, but backward compatibility is built in, so it will still work with v4-v4 will be around a long time,” he says.
In fact, the change will impact back-end services and management far more than the typical user. To accommodate legacy systems, most companies will roll in the transition by building dual stacks that work with both v4 and v6.
Murchison recently attended the Coalition Summit for IPv6 meeting in Reston, Va., to discuss applications for military and homeland security, such as network-centric warfare, real-time response, and communications.
“Address expansion will enable the network to identify every sensor and component,” he says. “Operational simplicity is what’s going to make it successful, from threat mitigation to attack protection. That will let you detect when something is compromised, whether to trust a faulty sensor, do intrusion-detection, find anomalies, and deploy active response and remediation.”
Universities and government laboratories are leading the private sector charge toward IPv6, with projects such as the high-bandwidth Internet2, but typical companies do not move enough data or support enough Internet nodes to feel constrained by IPv4, so they question the move.
The transition cost for any company will depend on the number of Internet-enabled devices it has, from desktop PCs to voice-over-Internet-protocol (VOIP) phones, networking devices, and even personal electronics. Other electronic manufacturers adopting IPv6 will include networking vendors, operating system vendors, and device makers of handhelds, PDAs, and cell phones.
For more information, see www.moonv6.com, www.usipv6.com, or www.ipv6style.jp/en. To download the Juniper study, see www.juniper.net/federal/IPv6.
