Home / Blogs

Implications of DoD IPv6 Mandate on IPv4 Market

Recent Department of Defense IPv4 activity and announcements about IPv6 indicate a shift in their perspective and suggest potential impacts on the IPv4 address market. The shift could include the release of up to 175 million IPv4 addresses in the coming years, creating a risk of a glut in the market. For perspective, the market has transferred 380 million addresses over eleven years.

DoD Adopts IPv6 Mandate

In June 2021 the United States Department of Defense (U.S. DoD) adopted the Office of Management and Budget (OMB) directive from 19 November 2020 (DoD DTM 21-004 adopts OMB M-21-07). This directive is different from previous efforts, because it has the support of civilian agency leadership and the DoD.

The OMB memo says both agencies will issue an agency-wide IPv6 policy by the end of 2021. This IPv6 policy must require that, no later than the Fiscal Year 2023, all new networked Federal information systems must be IPv6-enabled at the time they are deployed. Plus, the policy will state the agency’s strategic intent to phase out the use of IPv4 for all systems.

Under past efforts, if a vendor checked a box saying a computer or software worked with IPv6, the requirement was met. This directive defines “IPv6-enabled” as “IPv6 is turned on for production use.” Claiming that a device or service is capable of using IPv6 does not satisfy the requirement.

The plan must also include plans for IP-enabled assest on Federal networks:

  1. At least 20% operating in IPv6-only environments by the end of FY 2023;
  2. At least 50% operating in IPv6-only environments by the end of FY 2024;
  3. At least 80% operating in IPv6-only environments by the end of FY 2025; and
  4. A schedule for replacing or retiring Federal information systems that cannot be converted to use IPv6.

Again learning from earlier corner cutting, “IPv6-only” is defined as a state where IPv4 is not in use. The memo does allow for IPv4 transition mechanisms (such as NAT64, SIIT-DC, 464xlat, MAP-T, MAP-E), but the backend systems should be IPv6-only.

Phasing out IPv4 means most of those addresses will be useless to the U.S. military and government. Some other activity hints at what they might do with those addresses.

Exploring IPv4 Sale

In late 2019, the U.S. House of Representatives passed the National Defense Authorization Act (NDAA) to fund the DoD for 2021, with text requiring the DoD to sell off all of its hundreds of millions of IPv4 addresses. This line did not survive reconciliation with the Senate, but it shows that some in Congress are aware of the existence of billions of dollars of addresses in government coffers. In reviewing the bill, the Congressional Budget Office (CBO) noted, “DoD would have to amend its existing agreement with the American Registry for Internet Numbers (ARIN), which requires DoD to release unneeded IP addresses to ARIN for redistribution.” This may well have been what killed the line in committee.

Regarding that agreement, ARIN CEO John Curran said in a public email, “The provisions were never intended to constrain the USG/DoD any differently than any other party in the registry and given the availability of the transfer policies in the number resource policy manual we have made plain to the USG/DoD that ARIN is neither encouraging nor an impediment to the transfer of IPv4 number resources at this time.”

So those addresses could still find their way to the address market.

The DoD has apparently taken this possibility seriously. In January 2021, a previously unknown company began “announcing” DoD IPv4 space on the Internet (technical jargon for “looks like they’re using it”). In April 2021, the DoD said the announcement was to “assess, evaluate, and prevent unauthorized use of DoD IP address space.”

A surprising number of companies use unannounced DoD IPv4 space for internal, private, or “walled garden” networks—scenarios where the addresses will only be used internally, not on the Internet. But some devices connect both to walled gardens and to the Internet. If DoD addresses were sold and used on the Internet, those devices would have conflicts: do they send traffic to the private network or the public Internet? So this project is exactly the due diligence one would expect before the DoD released its IPv4 addresses.

If the DoD won’t need 20-80% of its IPv4 addresses in the next 2-4 years, it looks like the Department of Defense will release some of its IPv4 addresses. What then?

Long Term Price Risk for IPv4 Sellers

Civilian agencies who achieve 20%—80% IPv6-only deployment between 2023 to 2025, even with some holdback for translation, will find themselves with a surplus of IPv4 addresses. Under federal government rules, those addresses may have to be “returned” to the DoD, having an even greater surplus.

If Congress made the DoD offer its 175 million IPv4 addresses on the market, the big buyers would likely buy as much as needed. There would be little remaining demand for /8 – /13 blocks and DoD might even have to sell down to /16, virtually eliminating the mid market. If civilian agencies with /16 blocks release chunks of their space, there’s a similar threat to the small market. That much address space would sate the market for several years, based on historical transfer rates.

Source: RIR Transfer Logs

Many IPv4 address holders have indicated a desire to lease addresses as prices are rising. This can be a great strategy to maximize returns, but the longer they wait, the higher the risk that the DoD will make those addresses worthless at the end of the lease. The risk is lowest now and increases year by year.

Of course, a rush to sell now could backfire if the U.S. government and DoD don’t ultimately release their addresses. People in the US government who are advancing the IPv6 initiatives are aware of market dynamics. They may also be reluctant to flood the market with IPv4 addresses, just as their efforts to move to IPv6-only are culminating.

Most financial advisors argue against trying to time the market. Don’t worry about price fluctuations: decisions to buy or sell should be based on fundamentals and demonstrable needs.

By Lee Howard, Senior Vice President at IPv4.Global

Filed Under

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

DoD IPv6 implementation is not about lacking space Ardan Michael Blum  –  May 19, 2022 4:11 PM

The reason(s) are classified but you can read between the lines that IPv6 was made with security in mind, so, when implemented correctly, it is more secure than IPv4.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Domain Management

Sponsored byMarkMonitor

IPv4 Markets

Sponsored byIPXO

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign