DISA foresees no hiccups in switch to new Internet protocol

Featured eBooks
Future-Ready Workforce
Read Now

Health Tech

Read Now

AI Applications

Read Now
Insights & Reports
A Mapping Guide for the NIST CSF 2.0
Presented By Forescout Technologies
Download Now
4 steps to successful data governance programs for government
Presented By Carahsoft
Download Now
Bob Brewin By Bob Brewin,
Editor at Large

By Bob Brewin

|

Transition to IPv6 later this year likely to be easier for Defense Department than for commercial users, official says.

The Defense Information Systems Agency expects a smooth transition to the new Internet protocol on networks it operates for the Defense Department, officials said, in large part because three years ago the agency equipped network switches and routers to handle the coming Internet protocol version 6 (IPv6).

Bruce Bennett, program executive officer for communications at DISA, told Nextgov Defense is not apt to be hindered by the crunch that commercial firms might face this year when the final 4 billion addresses of the older Internet protocol version 4 (IPv4) are distributed because, he added, the agency has prudently managed those addresses.

DISA took advantage of a process called network address translation, which uses just one IPv4 address to serve hundreds of end users, much like a local router serves up to 256 addresses behind one Internet-facing address.

The agency also has an aggressive policy to reuse addresses after a piece of equipment is retired, or taken out of service. Thanks to these practices, Bennett said, he expects the Pentagon to run networks that use both IPv4 and IPv6 for the next decade.

End users accessing DISA networks will in most cases be spared worrying about whether they can connect to an IPv6 site or system, Bennett said, as technology updates ensure that new computers can handle IPv6. "If you buy a new computer today at Best Buy, the network card supports IPv6," he said.

Traffic using these dual protocols will flow easily on Defense networks, he said, because DISA has installed hardware and software that can translate IPv6 traffic to IPv4 and vice versa.

When Defense does run out of IPv4 addresses and changes over to IPv6, Bennett said, it will tap into an almost unlimited supply of IPv6 addresses. While IPv4 used a 32-bit address scheme with a cap of four billion, IPv6 uses a 128-bit address, which provides undecillion addresses, or 340 trillion groups of 1 trillion networks each.

Bennett said Defense has four-tenths of these addresses, an amount he views as a close to limitless supply. (It would be a good idea, he jokes, to check back with DISA in 150 years to see how its supply of IPv6 addresses is faring.)

DISA has not yet seen the kind of killer app that would force a wholesale switch to IPv6 in the near future, Bennett said. But he said the IPv6 protocol offers lower latency and better connections for mobile users.

IPv6 also can provide the addresses needed for remote sensors, when and if Defense starts to deploy such sensors widely, he added.

The switch to IPv6 came at almost no cost to DISA, in what Bennett called "new money." He said all IPv6 network gear was purchased in technology refreshment cycles, with IPv6 adding only a nominal cost to the equipment DISA had to purchase to keep its networks up to date.

NEXT STORY: Pentagon looks to militarize the cloud