IPv6 looms on the horizon
The Social Security Administration is ahead of the pack as agencies get ready for the transition
- By Matthew Weigelt
- Jul 31, 2006
In 2000, senior network advisers at the Social Security Administration saw IPv6
twinkling on the horizon and realized it would be the next frontier in technology. Showing more vision than many agencies, SSA began to prepare for the arrival of IPv6 just as the adrenaline rush to fix the Year 2000 programming bug had begun to fade.
“We knew it was coming,” said Mark O’Donnell, executive operations branch chief in the Office of Telecommunications and System Operations at SSA.
SSA’s program managers wanted to prepare for the new technology in evolutionary phases rather than wait and play a last-minute game of catch-up that would force the agency to make hasty changes. The managers made their choices for technology upgrades by looking forward to the slowly maturing IPv6.
SSA officials knew IPv6 would eventually replace the current protocol used throughout most of the Internet. The technology offers a much larger number of potential Internet addresses, advanced security and other features.
SSA acquired a large block of IPv6 addresses in 2001. Although the agency did not need specific IPv6-ready applications and products at the time, its managers began working to build an IPv6 infrastructure.
Some of the early predictions about IPv6 have faded, but the Office of Management and Budget has set a 2008 deadline for agencies to upgrade their network backbones. Most agencies are struggling to plan and carry out that transition without additional funding while continuing to operate their existing networks.
SSA’s early start gave it an advantage when OMB set a concrete deadline, O’Donnell said. “We were probably two years ahead of them in terms of actively moving to IPv6,” he said.
Where agencies stand along the road
Most agencies have not progressed as SSA has. In a survey released earlier this year, Cisco Systems and Market Connections found that fewer than 8 percent of agencies have completed transition planning, let alone made the transition.
Some agency officials question the need for a transition, given that IPv4 is doing the job. But technology evolves when new versions emerge, said Peter Tseronis, director of network services at the Education Department and co-chairman of the CIO Council’s IPv6 Working Group. “Think about the vision of where the to-be will be,” Tseronis said.
The deadline of June 2008 for agencies to upgrade their network backbones “is necessary to maintain focus on this important issue,” said Karen Evans, OMB’s administrator of e-government and information technology, at a June 29 House Government Reform Committee hearing.
“The transition to IPv6 is already taking place,” Evans added. Many agency networks have IPv6-capable software and hardware. Most operating systems, routers and switches support IPv6.
Nevertheless, the transition will be challenging. Agencies must figure out which hardware they need to replace and what services they can eliminate or consolidate. They must consider how their network supports the agency mission — and all that with little guidance.
The CIO Council’s IPv6 Transition Guide cautions that the switchover will not be easy. “Since IPv6 is the ‘next-generation’ IP and introduces new standards, agencies are faced with the challenge of limited IPv6 transition ‘success stories’ on which to model their enterprise transformation strategy,” it states.
“You are going to encounter problems you’re never going to imagine,” said David Nelson, former deputy CIO at NASA and now an executive at the Input Consulting Group.
Nelson said he agreed that the lack of prior experience to help guide agencies through the IPv6 transition will be one of the toughest challenges. Employees who have made the transition
are in short supply. When agencies find them, they are valuable assets.
In a Cisco/Market Connections survey, 45 percent of respondents said a lack of time and experienced employees is a big challenge as they make the transition to IPv6.
Vic Berger, CDW Government’s lead technologist and field solutions team manager, said many IT departments are stretched and overworked. As if they didn’t have enough to do already, they now must inventory their entire infrastructure and every device that has an IP address. That takes time and diverts them from other duties, he said.
Experts advise taking the seemingly overwhelming task of building an IPv6-capable network backbone one step at a time. “Break it down,” said Tom Patterson, founder and chief executive officer of Command Information, a consulting firm specializing in IPv6. A step-by-step approach will make the transition easier, he said, especially when no additional funding is available for the task.
Back to school
“Far and away, people in the federal government are in the IPv6 education mode,” Patterson said. They need education about how to make the transition and take advantage of the protocol’s features and functions, he said.
A good IPv6 education should convey how the protocol can enhance an agency’s IT and business systems, Patterson said. Technical employees and Senior Executive Service officials should be taught how it will affect them. Technologists, for example, need to understand the security risks related to IPv6. Agencies must develop an overarching IPv6 architecture that can facilitate future technologies.
Senior officials with a business perspective on the transition should have an opportunity to see the business benefits of the IPv6 mandate, Patterson added.
“It comes down to a point where it’s not as mystical as you thought because you are still transmitting the same data from point A to point B,” said Rich Terzigni, senior network adviser at SSA’s Office of Telecommunications and System Operations. For most applications, using IPv4 or IPv6 doesn’t matter, he said.
“Focusing on the big-picture benefits means that IPv6 should be driven from the top down versus from the bottom up,” said Bruce Klein, Cisco’s federal segment vice president. Unfortunately, many agencies believe that IPv6 is an issue for their IT department and not a driver of tangible business benefits, Klein said. That’s the wrong perspective to have, he added. The transition will affect everyone, although in some cases, the impact will not be readily apparent.
SSA has a lab in which O’Donnell and Terzigni test each step in their transition as they build a dual-stack network capable of using either IP version. The lab, as Terzigni described it, is where they kick the tires of the new network. Similar labs have sprung up throughout SSA for employees to test mainframes, communication systems and applications on dual IP networks.
“When we get a network working, [agency offices] are going to upgrade their applications labs so that when they throw in an application on top, crank it through the sausage-maker, it comes out like they want it to in the end,” Terzigni said.
But many say the toughest challenge facing agencies is finding money for the transition. OMB has provided no funding for the conversion, believing that agencies can find the resources. Future benefits on which to build a business case are difficult for agency officials and budget-makers to nail down, especially when the current system works.
“You constantly need to resell your business case,” Tseronis said, adding that the case will solidify as the technology develops.
Because support for an initiative can deflate quickly, Tseronis said agencies should get people who understand IPv6’s value from a variety of perspectives — including information assurance, contract management and enterprise architecture — to demonstrate its impact.
“The huge lesson learned for me is truly taking an IT initiative and treating it as a strategic initiative,” he said.
Chasing the dollars
When OMB issued its mandate in 2005, Tseronis saw it as a challenge for the Education Department. “It was not so much overwhelming, but it was more [a realization that] I’ve got to get the right people on the team,” he said.
The people whose support would be necessary worked in various parts of the department. It was not enough to get managers from the operations and maintenance offices, with whom he often worked. “We had to get the proper champions and senior officers to get behind us,” Tseronis said.
He said he believed he could undertake the challenge, but it wasn’t a task for a single person. Once he brought the chief financial officer and the politically appointed agency leaders aboard as supporters, he had the people whose patronage he needed and who would supply the money.
Funding still lies at the core of much of the IPv6 challenge. About 65 percent of participants in the Cisco/Market Connections survey said that funding and budgets were their top challenges.
“The strong business case of early and rapid implementation has yet to be successfully made,” said Gerald Charles, executive adviser at Cisco Internet Business Solutions Group. “The market focus needs to move from cost and technology issues to business benefits and applications.”