I have a couple of public subnets assigned to my physical rackspace as part of my consultancy. I lease a /27 and a /29 (and technically a /30, but that’s just for my top-of-rack firewall / router). Not a huge portion of the internet by any means, but it’s my little world of TCP/IP connectivity on the big, scary internets and I like to treat it preciously.
Of course, someone else in the past has had ownership of these addresses. Who? I don’t really know, nor do I care to know. I just care, to some minor extent, about the reputation of my IP addresses right now. I say “minor” because I’m not doing mail services from the servers, except for one that runs a forum and needs to send notifications of new posts and signups to the forum members. Other than that, it’s not a big deal unless I manage to snag a higher-profile client that uses a range of IPs with such a poor reputation that major blacklisting services are blocking access to the website or service… which seems unlikely for a gaggle of reasons.
One day recently I was doing a port and address audit on the internal and customer servers and appliances in my rack. I used a simple invocation of nmap to check and see if my syntax for passing an entire subnet was correct.
nmap -sL 192.168.1.0/24
To quote the nmap documentation:
-sL: List Scan – simply list targets to scan
What the man page doesn’t say explicitly is that, unless the -n option is selected along with -sL, a reverse DNS lookup is performed on each host that the invocation was given. Imagine my surprise when I saw a laundry list of unfamiliar DNS names associated with my subnet’s IP addresses. Apparently the previous users of the IP addresses in my subnet still had vestiges of their history in rDNS that had never been removed.
DNS is important, mmkay? Yes, theoretically with every host that occupies an IP address I should send a request to my datacenter to change the reverse records, but sometimes when testing and sandboxing, that doesn’t happen. Then when a mysterious problem crops up that could be due to rDNS not matching forward lookups, you send yourself to the hospital with a concussion from a devastating facepalm.
You can bet I’ll be contacting my datacenter about this little issue. In my opinion, this shouldn’t have happened at all. Maybe I’m picky, but I think customers should be handed netblocks that don’t have ghosts of their former owners haunting the premises.
Nevertheless, your homework right now is to nmap -sL your public IP subnets and see if all of your rDNS entries match with your expectations. Aaaaand… go! (I’d be curious to know what your experience is as well.)
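If you want something a little more systematic than eyeballing nmap’s output, here is an added example (my own script, not something from the post or from the nmap project) that walks a subnet, does the PTR lookup for each host, then does the forward lookup of whatever name came back and checks that it points back at the same address (forward-confirmed rDNS). It flags four kinds of trouble: a PTR you never asked for (the “ghost” of a previous tenant), a PTR that is missing, a PTR that names the wrong host, and a PTR whose name doesn’t resolve back to the IP. The expected hostnames, the 192.0.2.0/29 documentation prefix, and the fake resolver tables are all constructed for the demonstration; pass it a real CIDR and it uses the system resolver instead.

```python
"""rdns_audit.py: check that every PTR in a subnet is one you expect and forward-confirms.

Added example, not from the original post. Hostnames, the 192.0.2.0/29 prefix
and the SAMPLE_* tables below are constructed test data.
"""
import ipaddress
import socket
import sys
from typing import Callable, Dict, List, Optional


def ptr_lookup(ip: str) -> Optional[str]:
    """Live reverse lookup: the PTR name for ip, or None if there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0].rstrip(".").lower()
    except OSError:  # herror/gaierror are OSError subclasses in Python 3
        return None


def forward_lookup(name: str) -> List[str]:
    """Live forward lookup: all IPv4 addresses the name resolves to."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except OSError:
        return []
    return sorted({info[4][0] for info in infos})


def classify(ip: str, expected: Optional[str], ptr: Optional[str], forward: List[str]) -> str:
    """Decide what one host's reverse record looks like against what we expect.

    expected is the hostname we want on this IP, or None if the IP should have no PTR.
    """
    if ptr is None:
        return "ok" if expected is None else "missing-ptr"
    if expected is None:
        return "stale-ptr"      # a record we never asked for: likely a previous tenant's
    if ptr != expected:
        return "mismatch"       # somebody's PTR, but not the one we wanted
    if ip not in forward:
        return "no-fcrdns"      # right name, but it does not resolve back to this IP
    return "ok"


def audit_subnet(cidr: str, expected: Dict[str, Optional[str]],
                 ptr: Callable[[str], Optional[str]] = ptr_lookup,
                 fwd: Callable[[str], List[str]] = forward_lookup) -> Dict[str, str]:
    """Map every host address in cidr to a status string from classify()."""
    results: Dict[str, str] = {}
    for host in ipaddress.ip_network(cidr, strict=False).hosts():
        ip = str(host)
        want = expected.get(ip)
        want = want.lower() if want is not None else None
        name = ptr(ip)
        forward = fwd(name) if name else []
        results[ip] = classify(ip, want, name, forward)
    return results


# Constructed sample data so the audit can be exercised offline (no real DNS).
SAMPLE_EXPECTED = {
    "192.0.2.1": "fw.example.net",
    "192.0.2.2": "web.example.net",
    "192.0.2.4": "mail.example.net",   # we want a PTR here but none exists
}
SAMPLE_PTR = {
    "192.0.2.1": "fw.example.net",
    "192.0.2.2": "web.example.net",
    "192.0.2.3": "oldbox.previous-tenant.example",  # ghost of a former owner
    "192.0.2.5": "srv.example.net",                  # PTR we never requested
}
SAMPLE_FORWARD = {
    "fw.example.net": ["192.0.2.1"],
    "web.example.net": ["203.0.113.9"],   # name exists but points elsewhere
    "srv.example.net": ["192.0.2.5"],
}


def run_sample() -> Dict[str, str]:
    """Run the audit over the constructed /29 using the fake resolver tables."""
    return audit_subnet("192.0.2.0/29", SAMPLE_EXPECTED,
                        ptr=lambda ip: SAMPLE_PTR.get(ip),
                        fwd=lambda name: SAMPLE_FORWARD.get(name, []))


if __name__ == "__main__":
    # Usage: python rdns_audit.py 198.51.100.0/27 198.51.100.1=fw.example.net ...
    # With no ip=name pairs, every existing PTR is reported as stale-ptr, which
    # is a quick way to list everything your datacenter still has on file.
    if len(sys.argv) < 2:
        for ip, status in run_sample().items():
            print(f"{ip:16} {status}")
        sys.exit(0)
    wanted = dict(arg.split("=", 1) for arg in sys.argv[2:])
    for ip, status in audit_subnet(sys.argv[1], wanted).items():
        print(f"{ip:16} {status}")
```

Anything reported as stale-ptr or mismatch is what you send to your datacenter; no-fcrdns is the case that bites mail servers, since many receivers require the PTR name to resolve back to the sending address.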