This strategy only works if the products we can buy now are in fact IPv6 capable. Yes, they have some minimal v6 capabilities, but seriously lack features and functions essential for our communications. It is possible that many of the devices will be software-upgradable to add capabilities like security, network management and CoS, but there's no guarantee that the products we can purchase today, which currently lack these IPv6 capabilities, won't have to be replaced to get IPv6 capability. DoD started on this strategy in 2003, with the mandate "Thou shalt buy IPv6-capable products." Nothing purchased in 2003 is adequate to accomplish IPv6, unless you want to accept 0.2% throughput capability and no features (2 Mbps on Gigabit Ethernet links). The situation is a little better now, but still critically lacking. Yes, the strategy is sound, as soon as the products exist to purchase.
The main point of this article is that the Feds are not implementing IPv6 as mandated. What the article fails to reveal is that industry is not making IPv6 products that will encourage implementation of IPv6. If I want to implement IPv6 on my production network, I have to step backwards in capability from my IPv4 network. When the mandates were first published (DoD in 2003, OMB in 2005), the expectation was that industry would rush to produce IPv6 capabilities, equivalent or better than currently available in IPv4. Reality has been quite different. The Department of Defense and the US Govt just don't have the influencing power over industry that they once had, because they make up a much smaller percentage of the marketplace now.
What we need from industry are advanced capabilities in IPv6 products - products that utilize IPv6 mobility and auto-configuration, and of course security, in ways that IPv4 cannot. When applications exist that can do things in IPv6 that they cannot do in IPv4, then the incentive to migrate will finally be positive. Right now, we can't even get basic security capabilities for our IPv6 networks. Network management over IPv6 is all but non-existent and advanced IPv4 features, like multicast and prioritization, are supported in only a few IPv6 products. Security, though, is the biggest hold-up, and it isn't because OMB did not mandate implementation of IPv6 security. It is because the commercial products don't exist. Federal agencies are not going to implement IPv6 with gaping security holes.
The DoD and OMB mandates provided a target on the wall, a target that we are obviously not going to hit, but one that we continue to at least aim at. Hopefully the target will continue to provide incentive to industry to provide the IPv6 products needed, not only by the first responders (DoD, Emergency workers), but by all of the federal government.
Slashdot Mirror
This strategy only works if the products we can buy now are in fact IPv6 capable. Yes, they have some minimal v6 capabilities, but seriously lack features and functions essential for our communications. It is possible that many of the devices will be software-upgradable to add capabilities like security, network management and CoS, but there's no guarantee that the products we can purchase today, which currently lack these IPv6 capabilities, won't have to be replaced to get IPv6 capability. DoD started on this strategy in 2003, with the mandate "Thou shalt buy IPv6-capable products." Nothing purchased in 2003 is adequate to accomplish IPv6, unless you want to accept 0.2% throughput capability and no features (2 Mbps on Gigabit Ethernet links). The situation is a little better now, but still critically lacking. Yes, the strategy is sound, as soon as the products exist to purchase.
What we need from industry are advanced capabilities in IPv6 products - products that utilize IPv6 mobility and auto-configuration, and of course security, in ways that IPv4 cannot. When applications exist that can do things in IPv6 that they cannot do in IPv4, then the incentive to migrate will finally be positive. Right now, we can't even get basic security capabilities for our IPv6 networks. Network management over IPv6 is all but non-existent and advanced IPv4 features, like multicast and prioritization, are supported in only a few IPv6 products. Security, though, is the biggest hold-up, and it isn't because OMB did not mandate implementation of IPv6 security. It is because the commercial products don't exist. Federal agencies are not going to implement IPv6 with gaping security holes.
The DoD and OMB mandates provided a target on the wall, a target that we are obviously not going to hit, but one that we continue to at least aim at. Hopefully the target will continue to provide incentive to industry to provide the IPv6 products needed, not only by the first responders (DoD, Emergency workers), but by all of the federal government.