The multi-year switch to IPv6

Floating Blocks in digital space representing IPv6

The move from IPv4 to IPv6 is not a simple changeover but a multi-year process that involves significant time and investment from government bodies and large corporations.

This process started as far back as 2003 within the U.S. government and has continued to gain more traction in recent years slowly, says Ralph Wallace, Principal Enterprise Architect (IPv6 Lead) for Verizon Public Sector.

IPv6 is an Internet Protocol version that defines 128-bit IP addresses and can account for an almost limitless number of unique devices, making them directly addressable over the Internet.

Wallace has been working with IPv6 since at least 2004 and in his last position at IRS led the deployment of IPv6 across the revenue service and the rest of the U.S. government.

This includes a 99% dual-stack deployment, with the upcoming capability to remove IPv4 from the network. He was instrumental in the 2020 v6-only memo as well as a significant part of the 2012 USG adoption of the IPv6 plan.

Slow and steady wins the IPv6 adoption race

Wallace notes that about 50% of the visitors using the IRS website today are using IPv6. He added that this has been a slow and steady adoption that is now speeding up, thanks partly to a concerted effort by various government departments to make it a priority.

This process has seen further prioritisation within the last two years as the federal government sees it as a security issue and now requests various departments to report on their progress towards upgrading to IPv6. At this pace, he sees 20% adoption by the end of 2023.

One of the biggest hurdles to convincing companies to adopt the standard is showing a positive return on investment, and now that it’s possible to demonstrate this thanks to better data, he sees it speeding up in the coming years. Wallace added that IPv6 can save businesses tens of millions of dollars per year.

Cybersecurity issues

Speaking specifically on IPv6 adoption by the government, Wallace said that there are distinct differences between IPv6 and IPv6 cybersecurity elements. These include:

    • Ensuring that plans for full support for the production of IPv6 services are included in all IT security plans, architectures and acquisitions.

    • Ensure that all systems that support enterprise security services (Eg. identity and access management systems, firewalls and intrusion detection/protection systems, end-point security systems, security incident and event management systems, access control and policy enforcement systems, threat intelligence and reputation systems) are IPv6 capable and are capable of operating in IPv6-only environments.

    • Follow applicable Federal policies, guidance and industry best practice guidance for the secure development and operation of IPv6 networks. Ensure that all security and privacy policy assessment, authorisation and monitoring processes fully address the production of IPv6 in Federal information systems.

The end of IPv4

Wallace said that the finalisation of IPv6 as a new standard would effectively happen over three key stages in the coming years:

    • Most application software and non-backbone devices will automatically switch to IPv6 when they are upgraded/refreshed;
    • Network backbone devices will support both IPv4 and IPv6 network communications while applications and other devices transition;
    • IPv4 is sunsetted.

You can read more about the move to IPv6 and how it will unlock the true power of the BSV Blockchain here.