6Sense: Generating New Possibilities in the New Internet.
Produced by: IPv6 Summit, Inc.

DoD IPv6 Technology Insertion Program
Dr. Charles Lynch, Chief DoD IPv6 Transition Office and
Dr. Osama Mowafi, VP and CTO Networks, SI International Inc.

The Department of Defense (DoD) IPv6 Transition Office (TO) was established by direction of the Office of the Secretary of Defense (OSD) in March 2004 to provide overall coordination, common engineering solutions, and technical guidance for the adoption of IPv6 across the DoD. The DoD communications infrastructure is a complex system of systems that will require reengineering from the network layer up to the application layer to support IPv6. Engineering guidance and coordination is needed to ensure that each component system follows a set of standards and common procedures to achieve overall system integration and interoperability. The DoD IPv6 TO is leading the engineering initiative to examine common technical solutions for IPv6 technology insertion to support an integrated and coherent transition.

Members of the DoD IPv6 TO and support staff will present the status of current efforts on December 9th at the 2004 IPv6 Summit in Reston, VA. Topics to be presented include:

  • The DoD definition of IPv6 capable,

  • DoD IPv6 standards analysis,

  • DoD IPv6 Information Assurance (IA) risk management,

  • DoD IPv6 test and evaluation planning,

  • DoD IPv6 Domain Name System (DNS) infrastructure planning,

  • DoD IPv6 applications transition planning, and

  • DoD IPv6 ad hoc networking.

1. The DoD definition of IPv6 capable
“As of October 1, 2003, all Global Information Grid (GIG) assets being developed, procured, or acquired shall be IPv6 capable” as stated in the June 2003 DoD Memorandum from the Assistant Secretary of Defense/CIO Mr. John Stenbit. The DoD IPv6 TO is developing the process to establish and define IPv6 Capable. This definition is intended to assist with network engineering and implementation efforts by specifying the common foundational IPv6 requirements needed for technical interoperability; the DoD acquisition community by establishing the baseline qualifying criteria; and the vendor community by announcing the critical IPv6 technologies needed by the DoD. The IPv6 Capable definition under development will be a multi-dimensional matrix of requirements linking approved standards as captured in the Joint Technical Architecture (JTA); program phase such as Authority to Operate (AO) and Operational Capability (OC); functional class such as router, host, security device, software; and level of IPv6 functionality indicating complexity and completeness of implementation.
 
2. DoD IPv6 standards analysis
A significant component of the IPv6 Capable effort will be continuous analysis of and participation in the activities of IPv6 standards organizations. The DoD IPv6 TO will coordinate between the DoD and industry IPv6 stake holders to champion the development and use of international standards for IPv6. Further, the standardization process influenced by DoD operational requirements is viewed by the DoD IPv6 TO as a method of facilitating the development and growth of IPv6 technology. Categories of critical need to the DoD during the IPv6 transition have been identified by the DoD IPv6 TO and both existing and maturing standards have been mapped to and prioritized within each topic area. The TO will continue to evaluate standards development and monitor the evolution of the Joint Technical Architecture.

3. DoD IPv6 Information Assurance (IA) risk management
Information Assurance (IA) for IPv6 deployments requires that all the applicable network security threats and vulnerabilities associated with IPv6 are enumerated and understood, and that risk be sufficiently mitigated in order to meet DoD certification and accreditation criteria before achieving Approval to Operate (AO). The DoD IPv6 TO has developed a security risk management framework and process that will help DoD managers perform and document security risk management for IPv6 network deployments.

4. DoD IPv6 test and evaluation planning
The DoD IPv6 TO is developing a comprehensive System Engineering Management Plan (SEMP) to coordinate the complex set of activities needed to transition the DoD infrastructure to IPv6. A critical component of the overall plan is the Test and Evaluation (T&E) Master Plan, also under development within the TO. The T&E Plan identifies test activities required to achieve the critical milestones such as Authority to Operate and the subsequent levels of advanced IPv6 integration. Specifically, the plan fosters research and development in the DoD IPv6 requirements definition as well as test methodologies, tools, and techniques. To optimize resources, the T&E plan relies on a collaborative test environment distributed among the DoD components, agencies, and services with the DoD IPv6 TO acting as the central coordinator.

5. DoD IPv6 Domain Name System (DNS) infrastructure planning
The existing DNS environment within the DoD is not yet prepared for the adoption of IPv6. The DoD IPv6 TO is actively planning and preparing for the transition to IPv6 while respecting that stability of the existing operational DoD system is an essential and prime concern. The IPv6 DNS augmentation template that is being developed for each delegation point preserves existing IPv4 capabilities while introducing IPv6 capabilities for those systems that are IPv6 aware. The template will be deployed first at the .MIL delegation, starting at the apex of the DoD DNS responsibility and then in an iterative manner through the rest of the DoD maintained DNS delegation hierarchy. Since the capabilities of DNS support vary from delegation to delegation, an audit will be conducted of the entire DoD DNS hierarchy to ensure all DNS service within the DoD operate to a common threshold of conformance.
 
6. DoD IPv6 applications transition planning
It is critical that a common approach and methodology be used across the DoD for application transition planning. The DoD IPv6 TO has developed guidance for the initial planning and an audit process to be conducted by the managers and engineers responsible for application transition. The purpose of this audit is to assess which systems can start the transition to IPv6 and identify commercial/government-off-the-shelf (COTS/GOTS), network infrastructure, and cross agency/system transition dependencies. In addition, the audit will provide better planning data for resource estimates.

7. DoD IPv6 ad hoc networking
An essential characteristic of DoD operational communications that differentiates it from commercial services is tactical mobility and ad hoc networking in adverse environments. Recognizing the importance of dynamic mobile ad hoc networking to the success of DoD tactical net-centric warfare, the DoD IPv6 TO is defining the characteristics, objectives, benefits, and issues associated with mobile ad hoc IPv6 networking. The TO is identifying the technical status of IPv6 technology and surveying industry implementations to evaluate IPv6 support for full scale operational deployment of mobile mesh tactical networks. In addition to identifying the features of IPv6 that potentially improve combat capabilities, the DoD IPv6 TO is defining the metrics to measure such improvements.