Should DOD put IPv6 back on the front burner?
An IG report underscores the fact that, while IPv4 might be fine right now, its days are numbered.
Remember the IPv6 crisis? Four years ago, after the Internet Assigned Numbers Authority (IANA) allocated the last blocks of IPv4 address space to the five regional registries around the world, the need to switch to IPv6 was talked about with the urgency of correcting Y2K date code in December 1999. The message at the time: Get with the new protocols or get left behind on the mobile, everything-connected Internet.
Since then, the issue has dropped mostly off the radar, as engineers found ways to milk more use out of IPv4 addresses and organizations found plenty of other things to worry about. Now, however, IPv6 could be an issue whose time has returned, a point underscored by a recent Defense Department inspector general report on DOD’s failure to keep up with the IPv6 transition.
The report, issued in December 2014 but publicly released in a redacted version earlier this week, notes that DOD made plans for IPv6 conversion in 2003 and hit some of its target dates, including demonstrating IPv6 on the department’s network backbone in 2008. But in recent years the department has missed a series of deadlines, including converting email, Web and Domain Name Systems to IPv6 by the end of fiscal 2012, and using IPv6 for DOD applications and networks by the end of fiscal 2014.
Among the reasons for the drop-off in activity: the costs of the transition, a lack of people trained to handle the protocols, security concerns over running a “dual stack” of both IPv4 and IPv6 during the transition and a lack of coordination among various DOD components. In response comments to the report, DOD also alluded to a lack of a sense of urgency, saying it has enough IPv4 addresses to support future operations.
But as the IG report notes, there are good reasons for making the switch, including IPv6’s better security and support for mobile computing, not to mention the capacity to accommodate all the IP-connected drones, sensors, munitions and countless battlefield systems the military is developing. DOD may have stockpiled plenty of IPv4 addresses for the immediate future, but the number of those addresses is finite and they are running out.
IPv4, which was released in 1978, before most people had heard of the Internet, has a 32-bit address format, which equates to about 4.3 billion IP addresses. When IANA released its last blocks of addresses to the regional registries in 2011, the American Registry for Internet Numbers, which serves North America, had more than 86 million IPv4 addresses available. In February 2014, that number was about 24 million.
As of March 18 this year, ARIN’s blog said it was down to “.31 of a /8.” Translation: A /8 (pronounced “slash eight”) is a block with 16,777,216 addresses, 31 percent of which comes out to about 5.2 million addresses left. According to one site that tracks IPv4 address depletion, ARIN could run out as early as June, following other regional registries, such as the one serving Asia, which ran out in 2011, and Europe, which ran out in 2012.
What happens when IPv4 addresses are used up entirely? Aside from a lack of address space for new devices and applications, one example cropped up in June 2014, when Microsoft ran out of its U.S. IPv4 addresses. Users setting up virtual machines on a U.S. region of the company’s Azure Cloud had their Web pages redirected to international sites, so they appeared to be based outside the United States. Microsoft explained that its U.S. addresses were fully assigned so it had to make use of whatever was available around the world.
IPv6 would eliminate such dilemmas. It uses a 128-bit address format, which produces a nearly unlimited number of IP addresses—the DOD IG’s report puts it at 340 trillion trillion trillion, more than enough to handle the Internet of Things and all of the connected devices DOD is planning as part of its future operations.