What Are the Advantages of IPv6?
IPv6 offers significant benefits:
- Larger address space and future-proofed networks
The astronomical increase in unique IP addresses spells the end for address exhaustion, using NAT or paying premium prices to purchase blocks of public IP addresses. That’s one of the main reasons forward-thinking companies such as Microsoft have stood at the vanguard of full IPv6 implementation.
- More efficient addressing and routing
IPv6 simplifies network operations and improves routing efficiency thanks to its hierarchical addressing, enhanced packet handling and autoconfiguration. IPv6 also simplifies application development and enhances performance in an IPv6-only network because NAT no longer hinders traffic flows.
- Enhanced security
Internet Protocol Security (IPSec), which is optional in IPv4, is built into the stack in IPv6, creating a more secure network environment. Encryption is provided by the Encapsulating Security Payload (ESP) and authentication via Authentication Headers (AH); these protect packet contents from modification.
- Improved quality of service
Flow labels and priority fields in the IPv6 header can identify packets requiring special handling, such as default quality of service. For real-time IoT applications, IPv6 ensures more efficient data transmission, reduced latency and enhanced network performance.
RELATED: The AirServer Connect 2 generates a small, local wireless network for presenters.
What Does OMB M-21-07 Mandate?
The Office of Management and Budget Memorandum 21-07 mandates that 80 percent of IP-enabled assets on federal networks operate in IPv6-only environments by the end of fiscal 2025. The directive applies to all existing information systems, including those used, managed or operated by a contractor, another agency or other organizations on behalf of the federal government. The OMB memo spells out requirements for completing operational deployments of IPv6 and identifies potential obstacles.
Key requirements include:
- All newly acquired networked federal information systems must be IPv6-enabled at the time of deployment.
- Any systems that cannot be converted to IPv6 must be identified and justified. Schedules for replacing or retiring those systems must be developed.
- All external partners must identify systems that interface with networked federal information systems and develop plans to migrate them to IPv6.
- Public or external-facing services — and services such as web, email, Domain Name System and internal client apps that communicate with public internet services — must be upgraded as soon as practical.
Agencies may find it useful to make a more gradual transition through dual-stacking — where IPv4 and IPv6 run concurrently on the same network — as the environment moves to full IPv6. Teams will need to update network policies and tools to handle IPv6 effectively.
MORE FROM FEDTECH: Dual-stacking is key to a successful IPv6 transition.
How Can Agencies Prepare Their Networks?
A comprehensive audit of the existing infrastructure will uncover IPv4 dependencies and help teams build a transition plan. Engage with vendors to ensure hardware and software are compatible, and thoroughly train staff on security threats as well as mitigation strategies.
Testing is the key to transition success: Look to the National Institute of Standards and Technology IPv6 Deployment Monitor and IPv6 client tester site for guidance. OMB’s Guidance for Program Management of Agency Transition to an IPv6-only Environment document advises agencies that will award contracts for services required to meet the mandate. Look to General Services Administration resources when developing contracts for IPv6-compliant equipment, governmentwide acquisition contracts and commercial IT products and services. The Internet Assigned Numbers Authority (IANA), the Federal IPv6 Task Force and its list of frequently asked questions, IPv6.com and the North American Network Operators’ Group also offer a wealth of information on navigating the switch. Once the transition is complete, continuous monitoring will be needed to optimize IPv6 network performance.