

Tim Winters,

UNH-IOL

The internet — running IPv4 — has, with few exceptions, run out of addresses. Created in 1998, IPv6 fixes the problem. IPv6 implementation has been slow, particularly among businesses. To move IPv6 implementation along, NIST issued on July 12 a call for comment to USGv6 Revision 1. The intent of the revision and NIST IPv6 Profile is to have all U.S. government-connected devices and systems use IPv6 within two years, explained profile co-author Tim Winters of UNH-IOL in a call with EE Times on July 17.



Despite its 20-year existence, IPv6 still has just 25% of internet-connected networks with that capability, according to Internet Society. Winters noted that data centers and mobile-network service providers have IPv6 capability. “IPv6 is now native on smartphones, but enterprises have been slow to migrate,” he said. Data centers and service providers, however, must still connect to IPv4 user equipment even though many core networks are now native IPv6. Edge networks (Figure 1 ) carry IPv4 over IPv6 to the network cores.





Figure 1. Data centers and service providers typically run IPv6 in their core networks. Devices running IPv4 need translators at the network edge to convert to IPv6. Native IPv6 devices can communicate with the core.





“The U.S. government wants all of its equipment running native IPv6 within two years,” said Winters. Equipment that does not currently support IPv6 will need to be upgraded or replaced and then certified for compliance. To support that effort, NIST has published a capabilities table that specifies which capabilities are required, which varies depending on the class of network equipment.



The NIST IPv6 Profile is out for public review and comment. It consists of two documents. NIST Special Publication 500-267Ar1 Revision 1 2018 Draft provides technical specs. A yet-unpublished document, USGv6 Profile (DRAFT NIST SP-500-267Br1), will, according to Winters, mention areas where the U.S. government wants to require more than what's contained in the base profile. Areas such as IPSec/TLS and Network Management will be required. Network equipment manufacturers, especially those not selling to the U.S. government, will likely choose the former document. Both documents reflect improvements to IPv6 made since the original IPv6 Profile published in 2008. Figure 2 shows a flowchart of the certification process.





Figure 2. The USG IPv6 program incorporates profiles, test plans, and technical requirements. Source: NIST.





In preparation for the revised profiles, the UNH-IOL is updating its equipment and test plans. In particular, the test lab will add testing for low-power IoT devices and for applications/services such as network monitoring that will run over IPv6.



— Martin Rowe covers test and measurement for EE Times and EDN. Contact him at martin.rowe@aspencore.com



Related articles: