[zones] / hosts.lisp

;;; -*-lisp-*-
;;;
;;; distorted.org.uk hosts and networks, and other useful addresses.

;;;--------------------------------------------------------------------------
;;; External hosts.

(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
				 #+chiark-dns-ipv6 (:ipv6 "2001:ba8:1e3::")))
(defhost mccoy.flatline.org.uk "80.74.241.31")
(defhost mythic-ns1 ((:ipv4 "45.33.127.156")
		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
		     (:ipv6 "2a00:1098:0:80:1000::10")))
(defhost mythic-ns3 ((:ipv4 "185.24.221.32")
		     (:ipv6 "2a02:2770:11:0:21a:4aff:febe:759b")))
(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))

;;;--------------------------------------------------------------------------
;;; Internal addresses.

;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk "172.29.198/23"
  (untrusted "198.0/24"
    (wireless "0/25")
    (iodine "128/28")
    (hippo "144/28")
    (upn "160/27"))
  (trusted "199.0/24"
    (wired "0/25"
      (unsafe "0/27")
      (dhcp "32/27"))
    (vpn "128/27")
    (its "160/30")
    (colo "176/28")
    (safe "192/27")
    (any "224/27")))

;; Externally routable DMZ from Andrews and Arnold.
(defnet gw "81.2.113.195")
(defnet dmz "81.187.238.128/28")
(defnet distorted.org.uk-aaisp "2001:8b0:c92/48"
  (unsafe "1/64"
    (dhcp "6468:6370/96"))
  (dmz "fff/64")
  (safe "4001/64")
  (untrusted "8001/64"))

;; Externally routed colo range.
(defnet jump "212.13.198.66/28")
(defnet jump "2001:ba8:0:1d9/64")
(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
  (colo "2/64")
  (any "0/64")
  (vpn "6000/64")
  (upn "a000/64"))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.dmz ((:ipv4 gw 0) (:ipv6 dmz "::1:1")))
(defhost radius.dmz (dmz 1))
(defhost roadstar.dmz (dmz 2))
(defhost jem.dmz (dmz 3))
(defhost artist.dmz (dmz 4))
(defhost vampire.dmz (dmz 5))
(defhost universe.dmz (dmz 6))
(defhost ibanez.dmz (dmz 9))
(defhost anon.dmz (dmz 12))
(defhost nat.dmz ((:ipv4 dmz 14)))

;; Colocated addresses.
(defhost gate.jump ((:ipv6 jump 2)))
(defhost fender.jump (jump 5))
(defhost precision.jump (jump 6))
(defhost telecaster.jump (jump 7))
(defhost stratocaster.jump (jump 8))
(defhost jazz.jump (jump 9))
(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
(defhost anon.jump (jump 13))
(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))

;; Linode virtual hosts.
(defhost national.linode ((:ipv4 "45.33.118.239")
			  (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))

;; Unsafe network.
(defhost radius.unsafe (unsafe 1))
(defhost roadstar.unsafe (unsafe 2))
(defhost jem.unsafe (unsafe 3))
(defhost artist.unsafe (unsafe 4))
(defhost vampire.unsafe (unsafe 5))
(defhost universe.unsafe (unsafe 6))
(defhost ibanez.unsafe (unsafe 14))
(defhost groove.unsafe (unsafe 17))

;; Client hosts, with IPv6 addresses.
(defhost gibson.unsafe ((:ipv6 unsafe "e269:95ff:fe63:bb4")))
(defhost crybaby.unsafe ((:ipv6 unsafe "216:eaff:fec2:4cb8")))
(defhost lespaul.unsafe ((:ipv6 unsafe "a00:27ff:fef5:aaef")))
(defhost haze.unsafe ((:ipv6 unsafe "5056:a8ff:fe01:5654")))
(defhost gretsch.unsafe ((:ipv6 unsafe "3a2c:4aff:fe6d:e768")))
(defhost invader.safe ((:ipv6 safe "a00:27ff:fe94:a5d7")))
(defhost marauder.safe ((:ipv6 safe "a00:27ff:fe6a:7846")))

;; Safe network.
(defhost radius.safe (safe 1))
(defhost vampire.safe (safe 2))
(defhost evolution.safe (safe 3))
(defhost grigsby.safe (safe 4))
(defhost carling.safe (safe 5))
(defhost tritan.safe (safe 6))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost artist.untrusted (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
(defhost terror.vpn ((:ipv4 vpn 2)))
(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))

;; Untrusted private network.
(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))

;; Iodine network.
(defhost jazz.iodine (iodine 1))

;; Hippotat network.
(defhost jazz.hippo (hippo 1))
(defhost crybaby.hippo (hippo 2))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw.its (its 1))
(defhost mz.its (its 2))

;; Internal (VPN) addresses for colocated services.
(defhost fender.colo (colo 1))
(defhost precision.colo (colo 2))
(defhost telecaster.colo (colo 3))
(defhost stratocaster.colo (colo 4))
(defhost jazz.colo (colo 5))

;; Anycast addresses for services.
(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))

;;;--------------------------------------------------------------------------
;;; Host switch.

(preferred-subnet-case
  ((unsafe colo)
   (defhost radius radius.unsafe)
   (defhost vampire vampire.unsafe)
   (defhost precision precision.colo)
   (defhost telecaster telecaster.colo)
   (defhost stratocaster stratocaster.colo)
   (defhost national national.upn))
  (t
   (defhost radius radius.dmz)
   (defhost vampire vampire.dmz)
   (defhost precision precision.jump)
   (defhost telecaster telecaster.jump)
   (defhost stratocaster stratocaster.jump)
   (defhost national national.linode)))

(defhost jaguar jaguar.jump)

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
ff6c53ad MW	1	;;; --lisp--
	2	;;;
	3	;;; distorted.org.uk hosts and networks, and other useful addresses.
	4
	5	;;;--------------------------------------------------------------------------
	6	;;; External hosts.
e80b4c2d	7
0fdd12c7	8	(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
9b7e4069	9	(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
cf1a8815	10	#+chiark-dns-ipv6 (:ipv6 "2001:ba8:1e3::")))
9b7e4069	11	(defhost mccoy.flatline.org.uk "80.74.241.31")
2c712ad4	12	(defhost mythic-ns1 ((:ipv4 "45.33.127.156")
9b7e4069 MW	13	(:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
	14	(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
	15	(:ipv6 "2a00:1098:0:80:1000::10")))
fdcd43da MW	16	(defhost mythic-ns3 ((:ipv4 "185.24.221.32")
fdcd43da MW	17	(:ipv6 "2a02:2770:11:0:21a:4aff:febe:759b")))
0fdd12c7	18	(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
ff6c53ad MW	19
	20	;;;--------------------------------------------------------------------------
	21	;;; Internal addresses.
	22
9b7e4069 MW	23	;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	24	(defnet distorted.org.uk "172.29.198/23"
	25	(untrusted "198.0/24"
	26	(wireless "0/25")
9e4bef79	27	(iodine "128/28")
df1d9fe1	28	(hippo "144/28")
9e4bef79	29	(upn "160/27"))
9b7e4069 MW	30	(trusted "199.0/24"
	31	(wired "0/25"
	32	(unsafe "0/27")
	33	(dhcp "32/27"))
	34	(vpn "128/27")
	35	(its "160/30")
	36	(colo "176/28")
	37	(safe "192/27")
	38	(any "224/27")))
	39
7c0d1761	40	;; Externally routable DMZ from Andrews and Arnold.
f5c3343e MW	41	(defnet gw "81.2.113.195")
	42	(defnet dmz "81.187.238.128/28")
	43	(defnet distorted.org.uk-aaisp "2001:8b0:c92/48"
b0eb5b79 MW	44	(unsafe "1/64"
b0eb5b79 MW	45	(dhcp "6468:6370/96"))
f5c3343e MW	46	(dmz "fff/64")
	47	(safe "4001/64")
	48	(untrusted "8001/64"))
7c0d1761	49
38c2de7c	50	;; Externally routed colo range.
9b7e4069 MW	51	(defnet jump "212.13.198.66/28")
	52	(defnet jump "2001:ba8:0:1d9/64")
	53	(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
	54	(colo "2/64")
	55	(any "0/64")
9e4bef79 MW	56	(vpn "6000/64")
9e4bef79 MW	57	(upn "a000/64"))
38c2de7c	58
ff6c53ad MW	59	;;;--------------------------------------------------------------------------
	60	;;; Host allocations
	61
	62	;; External addresses.
f5c3343e MW	63	(defhost guvnor.dmz ((:ipv4 gw 0) (:ipv6 dmz "::1:1")))
	64	(defhost radius.dmz (dmz 1))
	65	(defhost roadstar.dmz (dmz 2))
	66	(defhost jem.dmz (dmz 3))
	67	(defhost artist.dmz (dmz 4))
	68	(defhost vampire.dmz (dmz 5))
	69	(defhost universe.dmz (dmz 6))
ff6c53ad	70	(defhost ibanez.dmz (dmz 9))
04db9729	71	(defhost anon.dmz (dmz 12))
9b7e4069	72	(defhost nat.dmz ((:ipv4 dmz 14)))
ff6c53ad	73
38c2de7c	74	;; Colocated addresses.
9b7e4069	75	(defhost gate.jump ((:ipv6 jump 2)))
38c2de7c MW	76	(defhost fender.jump (jump 5))
	77	(defhost precision.jump (jump 6))
	78	(defhost telecaster.jump (jump 7))
	79	(defhost stratocaster.jump (jump 8))
	80	(defhost jazz.jump (jump 9))
376a10ac	81	(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
c1f47051	82	(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
0865ffd5	83	(defhost anon.jump (jump 13))
113bdffe	84	(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
38c2de7c	85
b577b999 MW	86	;; Linode virtual hosts.
	87	(defhost national.linode ((:ipv4 "45.33.118.239")
	88	(:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
	89
ff6c53ad MW	90	;; Unsafe network.
	91	(defhost radius.unsafe (unsafe 1))
	92	(defhost roadstar.unsafe (unsafe 2))
	93	(defhost jem.unsafe (unsafe 3))
	94	(defhost artist.unsafe (unsafe 4))
	95	(defhost vampire.unsafe (unsafe 5))
664e6cf9	96	(defhost universe.unsafe (unsafe 6))
ff6c53ad	97	(defhost ibanez.unsafe (unsafe 14))
f409e9c5	98	(defhost groove.unsafe (unsafe 17))
ff6c53ad	99
55f161b6	100	;; Client hosts, with IPv6 addresses.
f5c3343e MW	101	(defhost gibson.unsafe ((:ipv6 unsafe "e269:95ff:fe63:bb4")))
	102	(defhost crybaby.unsafe ((:ipv6 unsafe "216:eaff:fec2:4cb8")))
	103	(defhost lespaul.unsafe ((:ipv6 unsafe "a00:27ff:fef5:aaef")))
	104	(defhost haze.unsafe ((:ipv6 unsafe "5056:a8ff:fe01:5654")))
	105	(defhost gretsch.unsafe ((:ipv6 unsafe "3a2c:4aff:fe6d:e768")))
	106	(defhost invader.safe ((:ipv6 safe "a00:27ff:fe94:a5d7")))
	107	(defhost marauder.safe ((:ipv6 safe "a00:27ff:fe6a:7846")))
55f161b6	108
ff6c53ad	109	;; Safe network.
d8536712 MW	110	(defhost radius.safe (safe 1))
d8536712 MW	111	(defhost vampire.safe (safe 2))
1f20839b	112	(defhost evolution.safe (safe 3))
c32d96fa MW	113	(defhost grigsby.safe (safe 4))
	114	(defhost carling.safe (safe 5))
	115	(defhost tritan.safe (safe 6))
ff6c53ad MW	116
	117	;; Wireless network.
	118	(defhost radius.untrusted (untrusted 1))
0302997e	119	(defhost artist.untrusted (untrusted 2))
ff6c53ad MW	120	(defhost vampire.untrusted (untrusted 3))
	121
	122	;; Virtual private network.
727a746f	123	(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
9b7e4069	124	(defhost terror.vpn ((:ipv4 vpn 2)))
727a746f	125	(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
5a33b178	126	(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
aa779726 MW	127	(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
	128	(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
	129	(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
	130	(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
ff6c53ad	131
b577b999 MW	132	;; Untrusted private network.
	133	(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))
	134
ff6c53ad	135	;; Iodine network.
17c95de9	136	(defhost jazz.iodine (iodine 1))
ff6c53ad	137
df1d9fe1 MW	138	;; Hippotat network.
	139	(defhost jazz.hippo (hippo 1))
	140	(defhost crybaby.hippo (hippo 2))
	141
ff6c53ad MW	142	;; Special network for ITS.
	143	;; It doesn't understand point-to-point links, so we need a little net.
	144	(defhost gw.its (its 1))
	145	(defhost mz.its (its 2))
	146
38c2de7c MW	147	;; Internal (VPN) addresses for colocated services.
	148	(defhost fender.colo (colo 1))
	149	(defhost precision.colo (colo 2))
	150	(defhost telecaster.colo (colo 3))
	151	(defhost stratocaster.colo (colo 4))
	152	(defhost jazz.colo (colo 5))
	153
345c0f69	154	;; Anycast addresses for services.
727a746f MW	155	(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
	156	(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
	157	(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
	158	(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
	159	(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
	160	(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
	161	(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
345c0f69	162
ff6c53ad MW	163	;;;--------------------------------------------------------------------------
	164	;;; Host switch.
	165
	166	(preferred-subnet-case
c0430253	167	((unsafe colo)
ff6c53ad	168	(defhost radius radius.unsafe)
76a134ee	169	(defhost vampire vampire.unsafe)
f0209b9c	170	(defhost precision precision.colo)
1b9508ad	171	(defhost telecaster telecaster.colo)
1a8dfbe2 MW	172	(defhost stratocaster stratocaster.colo)
1a8dfbe2 MW	173	(defhost national national.upn))
c0430253 MW	174	(t
c0430253 MW	175	(defhost radius radius.dmz)
76a134ee	176	(defhost vampire vampire.dmz)
f0209b9c	177	(defhost precision precision.jump)
1b9508ad	178	(defhost telecaster telecaster.jump)
1a8dfbe2 MW	179	(defhost stratocaster stratocaster.jump)
1a8dfbe2 MW	180	(defhost national national.linode)))
ff6c53ad	181
033baee0 MW	182	(defhost jaguar jaguar.jump)
033baee0 MW	183
ff6c53ad	184	;;;----- That's all, folks --------------------------------------------------