I’ve been eagerly awaiting the release of “Restrepo,” a documentary about American soldiers fighting in Afghanistan.  The reviews have been glowing, likening it to a real-life version of “The Hurt Locker,” which I thought was excellent.  (I began to say that I really enjoyed it, but it’s more accurate to say that I’m very glad I saw it.)  “Restrepo” was co-directed by Sebastian Junger, which got me thinking about “A Perfect Storm,” a similarly painful-to-watch movie (Junger wrote the book).

Which is the long way of explaining why I was thinking of perfect storms recently.  The “perfect storm” of the title is caused by a confluence of weather conditions, and I think we’re looking at similar conditions on the Internet, specifically in the world of DNS.

I’ve spoken and written before about the additional administrative burden imposed by DNSSEC, and the imperative for vendors like Infoblox to provide better tools for managing signing and validation.  I've also written about the scarcity of good system and network administrators.  I’ve talked less, though, about the inevitability of IPv6 and the proliferation of IP-speaking devices in our lives.

Geoff Huston’s IPv4 Address Report currently projects the exhaustion of IPv4 address space in July of 2011.  While it’s been a long time coming, I believe we’ll begin to see IPv6 adoption accelerate late this year and next.

At the same time, we’ve witnessed the astounding adoption of Apple’s latest mobile devices, the iPad and the fourth-generation iPhone.  Apple sold three million iPads in 80 days, or one every 2.3 seconds, and a jaw-dropping 1.7 million iPhone 4s in three days.  Imagine if the supply of iPhone 4s weren’t so limited.  And of course there are many more IP-speaking gizmos making their way into homes and businesses than these i-things.

So let’s examine the equation:

(Greater administrative complexity due to DNSSEC + greater administrative complexity due to IPv6) * (enormous increase in IP devices) = even bigger increase in the amount and complexity of DNS administration

Now my theory is that businesses will deal with this in one of two ways:  They’ll move to solutions that, to the extent possible, automate DNS administration, and where complete automation isn’t possible at least simplify it.  (That, I hope, is where Infoblox comes in.)  Or, if they can’t afford those solutions, they’ll outsource DNS infrastructure to someone else.  For larger companies, the outsourcer may be a company such as AT&T or HP, and DNS just a part of a larger outsourcing arrangement.  For smaller businesses, the outsourcer will increasingly be an Internet-based DNS provider such as Dyn, Neustar or OpenDNS, who provide a web-based front-end to a company’s administrator and insulate him from the intricacies of DNSSEC, IPv6, and managing DNS infrastructure.

What we won't see nearly as much of, I'm afraid, is DIY management of DNS using BIND name servers running on Linux, Unix, or some other general-purpose operating system, and not as much DNS on Microsoft DNS Servers, either.  (I say "I'm afraid" chiefly because these are topics I write about, and it's provided a nice living.  I despair of learning enough about another topic to write a worthwhile book about it.)

Maybe this is just so much sentimentality, like thinking wistfully of the days when I could handle tuning up my own car.  But if my theory's correct, it spells a fundamental change in the way most of us do DNS, and potentially an enormous opportunity for a few companies.  Including, I hope, my own.