HomeNewsArticle Display

AFNIC prepares Air Force for IPv6 transition

U.S. Air Force Graphic/Travis Nuckolls

U.S. Air Force Graphic/Travis Nuckolls

SCOTT AIR FORCE BASE, Ill. -- The Air Force is preparing to undergo a major transition of its non-secure internet protocol router network, or NIPRNet, and if it goes as planned, you'll never notice.

The Air Force Network Integration Center is leading the Air Force's transition from the current Internet Protocol addressing format IPv4 to IPv6, and laying the groundwork to ensure the switch happens seamlessly. While the transition will remain transparent to Airmen, IPv6 will ensure continued global communication and enable new capabilities for the warfighter by providing a vastly larger number of network addresses to support new, intelligent appliances, sensors and effects.

Internet Protocol is the way in which computers and other networked devices identify themselves and communicate over the Internet. All devices - including computers, game consoles, phones and printers - connected to the Internet are assigned unique IP addresses. IPv4 is the current standard but its 32-bit address format provides only about 4.3 billion unique addresses. With the skyrocketing global demand for IP addresses to accommodate Web-enabled devices, IPv4 addresses are about to run out. However, IPv6 has a 128-bit address space that provides about 340 undecillion unique addresses, i.e., 340 followed by 36 zeros - basically unlimited. The protocol also integrates some capabilities and security features that were not initially part of IPv4.

The Department of Defense recognized in the early 2000s that an eventual transition to the next version of Internet Protocol would be required, not only to gain more addresses, but to continue vital communication with allies and the commercial world. It will also provide better visibility of and protection against adversaries and hackers with IPv6.

"The DoD has enough [IPv4] addresses to support itself; however, those we communicate with also need addresses," said Doug Fry, AFNIC's IPv6 Lead Engineer. "If they no longer have IPv4 addresses, then we can't communicate with them."

In 2003, the Air Force Chief Information Officer designated the Air Force Network Integration Center (then known as the Air Force Communications Agency) as the Transition Management Office for the service's IPv6 upgrade. As such, a team of AFNIC engineers and support personnel track Air Force information technology investments and guide programs to ensure they are prepared for the transition, properly pursue funding and implement IPv6 capability. They also developed the Air Force's IPv6 transition policy and actively assist in conversions of base networks across the Air Force.

"Since IPv6 and IPv4 do not talk to each other, we have to add a v6 address to everything that already has a v4 address," said Dave Kristof, AFNIC's IPv6 Contract Lead. "The plan is to go 'dual stack' and run both address schemes in parallel for the next 10 to 15 years."

"For day-to-day business when you send an e-mail or surf the Web, you won't know whether you're using v4 or v6; you shouldn't have to care," said Mr. Fry. "But the vision is to allow warfighters the ability to do far more things with the network."

According to Mr. Fry, transitions will occur in three phases, or milestone objectives. AFNIC's IPv6 team is currently focused on helping bases comply with IPv6 requirements and transition to the first level Milestone Objective (MO1). Eglin Air Force Base, Fla., volunteered to be the first to transition; its MO1 implementation in 2009 converted all infrastructure equipment and went very smoothly. The entire base network, to include all core services, will transition to IPv6 in the near future. Travis AFB, Calif., is the only other base that has completed an MO1 thus far; a few other bases will begin MO1 implementation soon.

"Planning the transition is the longest part of the implementation," said Tiffiny Smith, an AFNIC IPv6 Information Assurance Consultant. "However, once a base has ensured its equipment is IPv6 capable, completed the necessary documentation and approvals, and obtained their address space, the actual implementation can be completed within three days by two technicians." She added that the total implementation time depends on many factors but, on average, the entire process to convert a base takes about nine months.

To help expedite the deployment of IPv6 across the federal government, the U.S. Office of Management and Budget recently mandated that public-facing Web servers (such as base public websites) be IPv6 enabled by fiscal year 2012 with the remainder of the NIPRNet enabled by fiscal year 2014. To help demonstrate that the new timeline is not an overwhelming task, three DoD Websites, including www.af.mil, will participate in "World IPv6 Day" in June. According to the Internet Society, on June 8 several major organizations will offer their content over IPv6 as a "test flight" to raise awareness and motivate organizations across the industry to prepare services for IPv6 to ensure a successful transition. This test will likely be transparent to Airmen, as the Internet address and information will look exactly the same as it does via IPv4. In fact, the only way people will be able to tell if their base has transitioned is by checking their computer's IP address.

"The goal is to make the transition transparent to the user," said Mr. Fry. He added that while the Air Force's transition will remain transparent, it's important for Airmen to realize that IPv6 is not just a DoD effort, it's worldwide and personal equipment will eventually need to be upgraded by users to be IPv6 capable.

"IPv6 is an enabler just like electricity was when it came into houses 100 years ago," said Mr. Fry. "It was first used to turn on lights so people could read, but was eventually used to turn on refrigerators, microwaves, computers, etc. While IPv6 doesn't have a 'killer app' driving its need, it's a 'killer enabler' that's going to allow us to do far more with the network in the future."