Researchers involved with Moonv6, the world’s largest native IPv6 test bed, have demonstrated that the Network Time Protocol runs over IPv6, the long anticipated upgrade to the Internet’s main protocol.
Moonv6 is a joint operation of the University of New Hampshire, the U.S. Defense Department, the North American IPv6 Task Force and the Internet2 university consortium. Moonv6 was founded in 2002 and consists of 80 servers, switches and routers located at 10 military and university sites that span from New Hampshire to Arizona.
Companies involved in the latest Moonv6 tests include Fortinet, QLogic, Nominum, Check Point, Extreme, Spectracom, Agilent, IBM and Lucent.
In a series of tests run in July, the Moonv6 team focused on the NTP, which is used to synchronize the timing of network equipment for regular network operations as well as antihacking and disaster recovery efforts. NTP ensures that all devices on a network are synchronized to Universal Coordinated Time (UTC).
Moonv6 researchers set up a wide-area link between the University of New Hampshire and the military’s Joint Interoperability Test Center at Fort Huachuca, Ariz. to run NTP over both regular IP (known as IPv4) and the emerging IPv6.
"This is the first time anyone has demonstrated NTP over an IPv6 WAN," says Erica Williamsen, an IPv6 engineer at the UNH Interoperability Lab. "Both sites were able to synchronize time."
Capt. Jeremy Duncan, a communications interoperability and integration officer with the U.S. Marine Corps, says Fort Huachuca had two servers running NTP, one server running IPv6 and the other running IPV4. Both servers were doing updates via NTP, which was tested in native IPv6 and dual-stack IPv4/IPv6 modes.
"It worked fine," Duncan says. "We didn’t see any issues functionally."
Glenn Burdett, new business development manager with Moonv6 participant Spectracom, says the researchers also tested management services such as the use of Dynamic Host Configuration Protocol (DHCP) Version 6 with NTP running over IPv6.
"We did other network protocol tests such as syslog and symmetric key," Burdett says. "The bulk of the testing was to prove out NTP, to make sure that machines could be synched up over the LAN and the WAN."
Burdett says NTP is a critical component of network operations for government agencies such as the Defense Department and enterprises with vital computer security needs.
Spectracom sells an NTP appliance called the 9200 Series NetClock Time Server.
"To support information assurance, you want a hardware appliance for NTP that provides highly reliable time synchronization for routers, switches, virus scrubbers, domain controllers, etc.," Burdett says. "If there is any network glitch or vulnerability or some sort of question in your network, you want to know that all the logs have been synchronized to UTC down to microsecond accuracy."
NTP is used with security protocols such as Kerberos, which requires host computers to be time synchronized, as well as time-sensitive applications such as stock trading, streaming video and 911 calls.
Spectracom announced in August its new 9200 series NetClock Time Server, which has new management capabilities as well as support for IPv6. The IPv6 Forum certified Spectracom’s product as IPv6 Ready.
"We’re seeing [demand for IPv6] from the Defense Department. So that was our major reason to move on it," Burdett says. "We’re also expecting that we’ll see demand internationally and ultimately in the U.S. market."
During the July tests, Moonv6 researchers continued testing several other protocols including DNS, DHCP Version 6 and IPSec over native and dual-stack IPv6. Moonv6 participants run two major tests each year on core and application services for IPv6.
Meanwhile, the U.S. military continues security testing on the Moonv6 test bed through August 18.
"We’re doing a PKI and IPSec integration experiment," Duncan says. "We’re doing that to highlight the usefulness of automatic key exchange using the IKE Version 2 protocol with Microsoft Vista servers and clients in the PKI infrastructure that [Defense Department] relies on."
Moonv6 was designed to help boost commercial deployment of IPv6, which is lagging in the United States behind Europe and Asia. The first major U.S. organization to commit to IPv6 is the Defense Department, which has a policy that requires all of its network hardware and software to be IPv6 compliant by 2008. All other U.S. federal agencies are under a similar mandate enacted last year.
Developed by the IETF, IPv6 promises easier administration, tighter security and an enhanced addressing scheme over IPv4, the Internet’s current protocol. IPv6, which uses a 128-bit addressing scheme, supports a virtually limitless number of uniquely identified systems on the 'Net, while IPv4 supports only a few billion systems because it uses a 32-bit addressing scheme.