DoD research agency leads IPv6 transition

Thursday - 11/11/2010, 7:21am EST

WFED's Max Cacas

Click below to hear the report

Download mp3

By Max Cacas
Reporter
Federal News Radio

When it comes to compliance with the Internet Protocol Version 6 transition mandate for federal agencies, the Defense Research and Engineering Network is way ahead of the curve.

"We took our entire nationwide backbone which at the time was 100 sites, now it's 200 sites, [and] dual-stack enabled it," said John Baird, the IPv6 transition manager for DREN, Wednesday at the Digital Government Institute's "Government IPv6: What to Expect in 2011" conference in Washington. "That's the operations, the security, the configuration management, we have our own network operations center, our own Computer Emergency Readiness Team. We didn't turn it off, and do some ping tests, we've been running 24/7 since 2003."

DREN is running smoothly on IPv4 and IPv6 on its supercomputing networks at a time at a time when the rest of the government faces looming deadlines to make the change.

The Office of Management and Budget and the CIO Council issued IPv6 transition guidance in September. The guidance set a series of deadlines beginning in 2012 when agencies must upgrade public facing external servers and services. By 2014, agencies must move internal client applications and communications infrastructure to IPv6.

This guidance comes after OMB mandated agencies in test IPv6 on their network backbones in June 2008.

Baird said DREN's primary mission is the big reason why his agency wasted no time in embracing the new Internet protocol.

"We are part of a larger program that supports supercomputing for the DoD research community," he said. "We have six large supercomputing centers across the country, and nine other smaller centers and user sites. We developed a process that allows us to go in and quickly dual-stack the infrastructure there."

The term "dual stack" refers to the practice of making IT networks able to handle data traffic from both IPv6 and IPv4.

There is an urgency in the need to prompt agencies to make their transition because the addresses under the IPv4 protocol are being depleted. On the other hand, the IPv6 protocol contains 340 trillion-trillion-trillion device addresses, more than enough to handle the growing number of internet-connected devices.

Baird said that unlike many government agencies that have to support a wide variety of applications, DREN's networks have one core legacy application linking the mix of government, academic and industry members:

"For us that was Kerberos," he said. "Because that's what allows our distributed user community talk to the computers over the network."

Baird said Kerberos is a wide area network used by staff and researchers in 26 states that provides encrypted remote access that users authenticate once.

While there are many to measure DREN's success with their IPv6 transition, Baird said one stands out above the others. "Less than half of the people are close to their computers. That means the rest are remote. They have all been using an IPv6 enabled client kit and don't even know it."

Baird said DREN made it through their transition without a huge uptick in either resources or staff since launching their IPv6 more than seven years ago. And he said the speed with which individual DREN centers transitioned depended on its relative size, with smaller agencies taking as little as a month for a technology-refreshed network.

Baird said the one key to IPv6 success is to "Think Globally," which means CIOs are under mandate to pay close attention to their IPv6 transition such as budget, acquisitions and management, while at the same time, they need to "Act Locally," taking advantage of the opportunity afforded by networks to start small, trying experimental solutions to IPv6 problems and then building upon that success.

(Copyright 2010 by FederalNewsRadio.com. All Rights Reserved.)