Making the Switch

Getting agencies ready for the Internet's next generation won't be easy.

It's the next big thing, though nobody quite knows how to use it yet. The Office of Management and Budget has made it into a can't-miss deadline, even though it's inevitable. It's going to change everything, but outside of technologists, few have heard of it. It's Internet protocol version 6, the newest way to send information over a network.

An August 2005 OMB mandate requires federal agencies to have enabled their network backbones to handle traffic from the next generation of Internet protocol by June 30, 2008. The directive has generated both attention and consternation. Attention because proponents say it's genuinely forward-thinking. Consternation because OMB has told agencies they'll get no more money to make the switch. It's another unfunded mandate, some agency officials say, one more in a growing pile. "One crisis at a time," says an agency manager.

But wise people say to consider the OMB directive as just the first step in what will be a years-long migration to IPv6.

Ordinarily, the way computers divide data into tiny packets for transmission through routers is of little concern to most people. Today's Internet protocol, version 4, has worked fine for decades. But it's approaching obsolescence. The number of available IP addresses under IPv4-4.3 billion-could run out sometime between 2008 and 2013 (though that estimate doesn't take into account unused IP addresses warehoused by hoarders). Networks already must resort to workarounds for squeezing out extra connectivity by having many computers share a single IP address through middlebox devices interposed between users and the Internet. IPv6 can restore the original Internet vision of end-to-end connectivity by increasing potential IP addresses to 340 trillion trillion trillion-or 340 undecillion-more than the stars visible in our universe (about 70 sextillion).

It's a revolutionary leap, supporters say. Soon, everything will have an e-mail address: watches, soldiers' rifles, pallets of materiel, the printer down the hall and the coffee machine. People will be always connected-truly mobile anywhere they go, unchained from the desktop. The disappearance of middleboxes can enable far easier peer-to-peer sharing, creating possibilities such as videoconferencing on demand. And IPv6 contains other features, including authentication and encryption at the user level, making local area networks safer. IPv6 devices automatically configure themselves into networks, too.

The first step is to get the infrastructure ready, which is what OMB is pushing agencies to do by 2008. But agencies can satisfy the directive without converting fully to IPv6 by having on hand a machine able to handle IPv6 traffic. This is why OMB says agencies don't need additional funds-the executive agency isn't calling for a forklift upgrade, just some judicious tweaking. In fact, the extent to which IPv6 really needs to penetrate federal networks to satisfy OMB's compliance checkers is debatable.

"This is going to take a number of years and we're going to proliferate it on an as-needed basis," says David Cheplick, IPv6 transition manager at the Veterans Affairs Department.

Even minimal compliance costs money, however, and creates complications of its own. "It's not going to be, from a network management perspective, cost free," Cheplick says. In fact, a January Commerce Department IPv6 task force report predicted that as long as organizations support both protocols, network operation costs will increase. Security vulnerabilities will escalate, too, in the short term, because hackers reveal new exploits and technology staffs lack experience with the latest protocol. Human labor by far will constitute the largest expense in the IPv6 transition, the report added. OMB is not accounting for those costs, critics say, because it is treating the transition as merely a technology refresh.

Even full compliance with the OMB directive by itself does little to foster a world of billions and billions of talking devices. For that to occur, IPv6 must go beyond network backbones to user devices. The real question about the future of IPv6 in the federal government, say some agency officials, is what will happen after the June 2008 deadline. What should happen, says Pete Tseronis, the Education Department's director of network services, is a series of milestones leading to native IPv6 predominance in federal IT systems.

Getting budget offices to sign on to such a vision of the future is tough, agency officials admit. So far, IPv6 is no more than unrealized potential. The current system works fine for now. And application developers have yet to design the killer application that will make everybody rush to switch. But look at all the IPv4 applications available that once weren't even considered plausible, officials say. "Start now, so you get yourself ready in three to five years to be able to support [IPv6]," Cheplick says.

Tseronis agrees, saying, "This story has just begun."