Deploy360 19 November 2012

IPv6 Lessons From The US Air Force

By Dan YorkDirector, Internet Technology

US Air Force logoWhat is the US Air Force doing with IPv6?  What lessons have they learned in their IPv6 deployment so far?

In a ReadWrite article in August titled “How The Air Force Is Flying Toward IPv6,” writer David Strom spoke with Doug Fry, the engineering lead for the USAF Transition Management Office (TMO), about the challenges the USAF faces as well as the lessons they have learned.  I found the article’s description of the scale quite interesting:

The Air Force base furthest along in the transition process is Eglin in the Florida panhandle, which also happens to be the service’s largest base – covering more than 600 square miles and employing more than 30,000 people. To give you an idea of the size of the base, it has 30,000 individual IP addresses assigned, to a wide mix of both computing and embedded equipment. There are two core networks, 14 access layer devices, and 5000 in-building switches. That is a lot of gear to migrate over to the new networking protocols.

Indeed that is a lot of gear!  The article goes on to list 8 lessons the Air Force learned.  The article has the full descriptions, but I’ll summarize them here:

  1. Don’t go with your first address plan, but think about ways that you can make it more hierarchical and improve it.
  2. Make sure your core and IOS routers are all IPv6 compatible and can run dual stack protocols.
  3. Make sure all your monitoring equipment is up to snuff.
  4. Now is the time to make sure your entire network documentation actually reflects what is actually deployed.
  5. Upgrade your router firmware or replace them to handle IPv6.
  6. Build a test lab that replicates your entire network if you can afford to.
  7. Understand how things will change when you add new desktops or network infrastructure to your IPv6 network.
  8. Finally, participate in the next World IPv6 Day in June and other experiments to prove out your installation and deployment plans.

Good thoughts from people in the process of deploying IPv6. We look forward to reading future articles as they move forward with their IPv6 deployment across all their bases.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...