Nalini Elkins 2020-06-22 03:32:55
How will your organization be impacted by the Office of Management and Budget (OMB) stated direction of IPv6-only for the U.S. Federal Government? The executives of every enterprise must ask themselves, “Do you do business with any government agencies? Do you want to, or want to continue to, do so? What will your organization do when the Federal Government agencies it connects to asks that the connection be via IPv6? Do you connect to Medicare? Do you connect to the Federal Reserve? Maybe the IRS?”
The OMB is essentially calling for an implementation plan to have 80 percent of the IP-enabled resources on Federal networks be IPv6-only by 2025. If resources cannot be converted, then the Federal agency is required to have a plan to retire them. If you want to read the Call for Comment yourself, you can go to (1) https://www.federalregister.gov/documents/2020/03/02/2020-04202/request-for-comments-on-updated-guidancefor-completing-the-transition-to-the-nextgeneration and (2) https://www.cio.gov/assets/resources/internet-protocol-version6-draft.pdf.
The CEO of the American Registry for Internet Numbers (ARIN), John Curran, states, “ARIN recognizes the leadership demonstrated by the U.S. Government in planning for IPv6-only operations, and we believe it is necessary for all organizations to pay attention to this trend, and recognize that an increasing percentage of networks will rely on IPv6 to connect users to the internet.”
For an enterprise which must connect to a Federal agency via IPv6, various partial solutions (short of full IPv6 implementation) do exist. Why not take the opportunity to start thinking and planning for a network that positions itself to become IPv6-enabled and then IPv6-only since it can save costs? Google and Facebook communicate using IPv6 and have also taken steps to turn off IPv4 throughout their networks. We could do worse than to follow their lead.
This point is underscored by Latif Ladid, Founder and President, IPv6 Forum (http://www.ipv6forum.org). He says, “IPv6 is used now by over 1 billion users around the world without even knowing it. Some countries are experiencing 60 percent or greater IPv6 penetration. The remaining 40 percent lies in the hands of the enterprise world to fulfill the complete adoption of IPv6. Making the ultimate switch to an IPv6-only internet permits the deprecation of the IPv4 internet as recommended by the U.S. OMB, and reduces the costly and complex maintenance of two parallel networks. The management of the enterprises should consider reducing CAPEX and OPEX by looking at the examples of the top internet technology enterprises that have already implemented IPv6-only in-house.”
IPv6 implementation is not limited to the large internet-based companies. Some brick-and-mortar enterprises have spoken publicly about their efforts in adoption and migration to IPv6. You may be interested in the recent presentation by Wells Fargo Bank at the National Cybersecurity Center of Excellence (NCCOE) at the National Institute of Standards and Technology (NIST) where they spoke candidly about “the good (almost painless) and the bad (feature gaps)” in their journey. (https://www.nccoe.nist.gov/sites/default/files/04-Burns-IPv6 at a Large Enterprise 2019.pdf)
Having said that, Wells Fargo remains a relatively isolated early adopter. Many brickand- mortar enterprises globally have delayed transitioning to IPv6. Their reluctance is understandable. It seemed there was no compelling immediate business reason. That is, no profit but only costs to be borne in terms of network transition and retraining people. As some have put it—what is the killer app that requires IPv6?
Many organizations in the U.S. also have large blocks of unused IPv4 addresses. They were not running out of IPv4 addresses, so why change? The possibility that change may bring with it unknown and intractable problems looms large. While consciously deferring, no efforts were made to become aware of IPv6 and the benefits it can provide. No blame is to be attached here. The day-to-day life at enterprises is filled with troubleshooting, patching security vulnerabilities and just trying to keep the network active. Where is the time to plan for the future?
The author had a recent conversation with a senior architect at a major U.S. Federal Government agency regarding transitioning to IPv6. The architect said that one of their mission-critical computer applications was written in the 1970s. While they have the source code, no one at the agency is familiar with the application, nor do they have the funds to hire external resources. So, there may well be some U.S. Federal agencies that will have trouble fulfilling the OMB mandate without additional assistance.
Much as one might wish otherwise, a great many organizations in the Western world are in a position where no one in the organization is familiar with some of the applications they use, nor do they have funds to hire external assistance. The problem may be that of “First Mover Disadvantage.” The U.S. and Europe were first to computerize processes in the 1970s using mainframe technology; yet, as we have moved to a world of cell phone apps, the initial applications remain.
First Mover Disadvantage may also be applied to the network infrastructure built on IPv6. Emerging economies, such as India’s, not having the luxury of seemingly unlimited IPv4 addresses, have moved to adopt IPv6. The story of Reliance Jio, the largest mobile provider in India, may prove instructive.
In approximately two years, Reliance Jio singlehandedly took India to the leadership position in IPv6 penetration of any large economy by having an IPv6-only backbone. Take a look at Akamai’s State of the Internet Report on IPv6 adoption (https://www.akamai.com/uk/en/resources/our-thinking/state-of-the-internet-report/state-of-theinternet-ipv6-adoption-visualizati).
As you can see, India is second only to Mayotte, a region of France (see Figure 1). Mayotte is a small island with a population of about 273,000. India has a population of nearly 1.4 billion people. India has a young population and wide cell phone penetration.
When visiting any of the technology hubs in India, the presence of Western organizations is inescapable. The large banks, technology companies, retailers all have a presence in India. Many of these organizations are islands of IPv4 amid the sea of IPv6 in India. The decision to move to IPv6 is made in the U.S.— not by the overseas operation.
In fact, many, if not most, provider networks (ISPs) in the U.S. as well as worldwide, are IPv6-capable. Looking at measurements from the World IPv6 launch (https://www.worldipv6launch.org/measurements) shows the IPv6 deployment by ISP throughout the world (see Figure 2).
Despite being connected to IPv6-capable backbones (wireless and wireline) in much of the world, enterprises are IPv4-only islands in a sea of IPv6 connectivity—even in the developing world.
Part of the problem with the adoption of IPv6 is also one of the persistent issues in internet governance and standards—the lack of involvement by large brick-and-mortar industries in creating those standards. Such industries are the backbone of the economic system yet are not involved in internet governance. The lack of adoption of IPv6 at such enterprises highlights this problem clearly.
This is a tricky area, as enterprises are not specialists in internet standards and do not clearly understand how and why they should be involved. That is, it takes a lot of work and it does not add to the bottom line (in the short term) to have people involved.
The problem is that the internet is a shared resource or common good, much as a local park or historical site is. The often cited “tragedy of the commons” may be at play. The tragedy of the commons is a situation in a shared-resource system where individual users, acting independently according to their own self-interest, behave contrary to the common good of all users by depleting or spoiling the shared resource through their collective action” (https://en.wikipedia.org/wiki/Tragedy_of_the_commons). That is, no one person is responsible for a shared resource, so no one takes responsibility for maintaining it. Yet, the internet and the internet protocols must evolve. If they become ossified, then new enhancements for security and performance cannot happen. The lessons of COVID-19 should teach us that we are not isolated individuals; rather, we impact each other in a complicated web. Without the internet, the pandemic would have impacted us far more negatively than it has.
Just as we have shared resources, we have shared problems. The problems of technical debt at large enterprises, the difficulty of conversion and migration to new protocols and the speed of technical change are all problems, not of any one organization, that we as a technical community need to collaborate to solve. As Martin Luther King said, “We must live together as brothers or perish together as fools.”
One place such problems can be solved is via the internet standards bodies. The Internet Engineering Task Force (IETF) has a history of solving extremely complex, global problems. Fred Baker, former Chair of the IETF, who was involved in many of the congestion-related issues facing the internet, states, “Enterprise networks are an important part of the internet ecosystem. They do not need to solve their problems on their own. We must work together globally to solve some of their difficult problems.”
In fact, some technologists have formed a non-profit consortium with the express intent of helping large enterprises navigate these waters. Cathy Aronson, Board Chair of Industry Network Technology Council (INTC), says, “INTC is a nonprofit membership organization founded in 2019 to bring enterprises, academia and government organizations together to promote education and collaboration on current and evolving Internet Standards in a vendorneutral environment.”
The migration to IPv6 will not happen overnight. Conversion to IPv6 will likely surface underlying fault lines in large organizations—much as COVID-19 has done in many countries. There has been a great deal of hype and overselling of IPv6 protocol features. Yet, the truth remains enterprises in the West have a disproportionate impact on the state of global technology. We must evolve. IPv6 really does have important features, such as embedded performance and diagnostics, which can help enterprises. We need to work together to deeply consider the real problems and create real solutions. Many in the technology community stand ready to help.
ARIN has funded INTC to do free IPv6 training for enterprises. Hundreds of people from all over the world have already attended. For the next grant cycle, we are exploring taking on the area of application conversion. We hope to work with all the Internet Registries on this (ARIN, LACNIC, RIPE, AFRINIC and APNIC). We also hope to have five large organizations from each of these internet regions working with us. We can then start to tackle these common problems quietly and methodically.
Please contact president@industrynetcouncil.org or chair@industrynetcouncil.org if you want to be involved.
Nalini Elkins is President of the non-profit industry consortium, Industry Network Technology Council (www.industrynetcouncil.org). she has worked in telecommunications for over 30 years. she is a software developer and author of Internet standards, specializing in IPv6 and performance metrics for large broadband networks. email: president@industrynetcouncil.org
©Enterprise Systems Media. View All Articles.