[zones] / hosts.lisp

;;; -*-lisp-*-
;;;
;;; distorted.org.uk hosts and networks, and other useful addresses.

;;;--------------------------------------------------------------------------
;;; External hosts.

(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
				 (:ipv6 "2001:ba8:1e3::")))
(defhost mccoy.flatline.org.uk "80.74.241.31")
(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
		     (:ipv6 "2a00:1098:0:80:1000::10")))
(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))

;;;--------------------------------------------------------------------------
;;; Internal addresses.

;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk "172.29.198/23"
  (untrusted "198.0/24"
    (wireless "0/25")
    (iodine "128/28"))
  (trusted "199.0/24"
    (wired "0/25"
      (unsafe "0/27")
      (dhcp "32/27"))
    (vpn "128/27")
    (its "160/30")
    (colo "176/28")
    (safe "192/27")
    (any "224/27")))

;; Externally routable DMZ from Demon.
(defnet dmz "62.49.204.144/28")

;; Externally routed colo range.
(defnet jump "212.13.198.66/28")
(defnet jump "2001:ba8:0:1d9/64")
(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
  (colo "2/64")
  (any "0/64")
  (vpn "6000/64"))

;; Hurricane Electric IPv6-inIPv4 tunnel.
(defnet he-tunnel "2001:470:1f08:1b98/64")
(defnet dmz "2001:470:1f09:1b98/64")
(defnet distorted.org.uk-he "2001:470:9740/48"
  (unsafe "1/64")
  (safe "4001/64")
  (untrusted "8001/64"))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.dmz ((:ipv4 dmz 1)))
(defhost radius.dmz (dmz 2))
(defhost roadstar.dmz (dmz 3))
(defhost jem.dmz (dmz 4))
(defhost artist.dmz (dmz 5))
(defhost vampire.dmz (dmz 6))
(defhost ibanez.dmz (dmz 9))
(defhost anon.dmz (dmz 12))
(defhost nat.dmz ((:ipv4 dmz 14)))

;; Colocated addresses.
(defhost gate.jump ((:ipv6 jump 2)))
(defhost fender.jump (jump 5))
(defhost precision.jump (jump 6))
(defhost telecaster.jump (jump 7))
(defhost stratocaster.jump (jump 8))
(defhost jazz.jump (jump 9))
(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
(defhost anon.jump (jump 13))
(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))

;; Unsafe network.
(defhost radius.unsafe (unsafe 1))
(defhost roadstar.unsafe (unsafe 2))
(defhost jem.unsafe (unsafe 3))
(defhost artist.unsafe (unsafe 4))
(defhost vampire.unsafe (unsafe 5))
(defhost ibanez.unsafe (unsafe 14))

;; Client hosts, with IPv6 addresses.
(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
(defhost lespaul.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fef5:aaef")))
(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))

;; Safe network.
(defhost radius.safe (safe 1))
(defhost vampire.safe (safe 2))
(defhost evolution.safe ((:ipv4 safe 3)))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost artist.untrusted (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
(defhost terror.vpn ((:ipv4 vpn 2)))
(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
(defhost groove.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))

;; Iodine network.
(defhost jazz.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw.its (its 1))
(defhost mz.its (its 2))

;; Internal (VPN) addresses for colocated services.
(defhost fender.colo (colo 1))
(defhost precision.colo (colo 2))
(defhost telecaster.colo (colo 3))
(defhost stratocaster.colo (colo 4))
(defhost jazz.colo (colo 5))

;; Anycast addresses for services.
(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))

;;;--------------------------------------------------------------------------
;;; Host switch.

(preferred-subnet-case
  ((unsafe colo)
   (defhost radius radius.unsafe)
   (defhost precision precision.colo)
   (defhost telecaster telecaster.colo)
   (defhost stratocaster stratocaster.colo)
   (defhost vampire vampire.unsafe))
  (t
   (defhost radius radius.dmz)
   (defhost precision precision.jump)
   (defhost telecaster telecaster.jump)
   (defhost stratocaster stratocaster.jump)
   (defhost vampire vampire.dmz)))

(defhost jaguar jaguar.jump)

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
ff6c53ad MW	1	;;; --lisp--
	2	;;;
	3	;;; distorted.org.uk hosts and networks, and other useful addresses.
	4
	5	;;;--------------------------------------------------------------------------
	6	;;; External hosts.
e80b4c2d	7
0fdd12c7	8	(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
9b7e4069 MW	9	(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
	10	(:ipv6 "2001:ba8:1e3::")))
	11	(defhost mccoy.flatline.org.uk "80.74.241.31")
	12	(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
	13	(:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
	14	(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
	15	(:ipv6 "2a00:1098:0:80:1000::10")))
0fdd12c7	16	(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
ff6c53ad MW	17
	18	;;;--------------------------------------------------------------------------
	19	;;; Internal addresses.
	20
9b7e4069 MW	21	;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	22	(defnet distorted.org.uk "172.29.198/23"
	23	(untrusted "198.0/24"
	24	(wireless "0/25")
	25	(iodine "128/28"))
	26	(trusted "199.0/24"
	27	(wired "0/25"
	28	(unsafe "0/27")
	29	(dhcp "32/27"))
	30	(vpn "128/27")
	31	(its "160/30")
	32	(colo "176/28")
	33	(safe "192/27")
	34	(any "224/27")))
	35
	36	;; Externally routable DMZ from Demon.
	37	(defnet dmz "62.49.204.144/28")
ff6c53ad	38
38c2de7c	39	;; Externally routed colo range.
9b7e4069 MW	40	(defnet jump "212.13.198.66/28")
	41	(defnet jump "2001:ba8:0:1d9/64")
	42	(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
	43	(colo "2/64")
	44	(any "0/64")
	45	(vpn "6000/64"))
38c2de7c	46
9b7e4069 MW	47	;; Hurricane Electric IPv6-inIPv4 tunnel.
	48	(defnet he-tunnel "2001:470:1f08:1b98/64")
	49	(defnet dmz "2001:470:1f09:1b98/64")
	50	(defnet distorted.org.uk-he "2001:470:9740/48"
	51	(unsafe "1/64")
	52	(safe "4001/64")
	53	(untrusted "8001/64"))
ff6c53ad MW	54
	55	;;;--------------------------------------------------------------------------
	56	;;; Host allocations
	57
	58	;; External addresses.
9b7e4069	59	(defhost guvnor.dmz ((:ipv4 dmz 1)))
ff6c53ad MW	60	(defhost radius.dmz (dmz 2))
	61	(defhost roadstar.dmz (dmz 3))
	62	(defhost jem.dmz (dmz 4))
	63	(defhost artist.dmz (dmz 5))
	64	(defhost vampire.dmz (dmz 6))
	65	(defhost ibanez.dmz (dmz 9))
04db9729	66	(defhost anon.dmz (dmz 12))
9b7e4069	67	(defhost nat.dmz ((:ipv4 dmz 14)))
ff6c53ad	68
38c2de7c	69	;; Colocated addresses.
9b7e4069	70	(defhost gate.jump ((:ipv6 jump 2)))
38c2de7c MW	71	(defhost fender.jump (jump 5))
	72	(defhost precision.jump (jump 6))
	73	(defhost telecaster.jump (jump 7))
	74	(defhost stratocaster.jump (jump 8))
	75	(defhost jazz.jump (jump 9))
376a10ac	76	(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
c1f47051	77	(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
0865ffd5	78	(defhost anon.jump (jump 13))
113bdffe	79	(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
38c2de7c	80
ff6c53ad MW	81	;; Unsafe network.
	82	(defhost radius.unsafe (unsafe 1))
	83	(defhost roadstar.unsafe (unsafe 2))
	84	(defhost jem.unsafe (unsafe 3))
	85	(defhost artist.unsafe (unsafe 4))
	86	(defhost vampire.unsafe (unsafe 5))
	87	(defhost ibanez.unsafe (unsafe 14))
	88
55f161b6 MW	89	;; Client hosts, with IPv6 addresses.
	90	(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
	91	(defhost lespaul.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fef5:aaef")))
	92	(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
	93	(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
	94
ff6c53ad	95	;; Safe network.
d8536712 MW	96	(defhost radius.safe (safe 1))
d8536712 MW	97	(defhost vampire.safe (safe 2))
9b7e4069	98	(defhost evolution.safe ((:ipv4 safe 3)))
ff6c53ad MW	99
	100	;; Wireless network.
	101	(defhost radius.untrusted (untrusted 1))
0302997e	102	(defhost artist.untrusted (untrusted 2))
ff6c53ad MW	103	(defhost vampire.untrusted (untrusted 3))
	104
	105	;; Virtual private network.
727a746f	106	(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
9b7e4069	107	(defhost terror.vpn ((:ipv4 vpn 2)))
727a746f	108	(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
5a33b178	109	(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
3584cfba	110	(defhost groove.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
ff6c53ad MW	111
ff6c53ad MW	112	;; Iodine network.
17c95de9	113	(defhost jazz.iodine (iodine 1))
ff6c53ad MW	114
	115	;; Special network for ITS.
	116	;; It doesn't understand point-to-point links, so we need a little net.
	117	(defhost gw.its (its 1))
	118	(defhost mz.its (its 2))
	119
38c2de7c MW	120	;; Internal (VPN) addresses for colocated services.
	121	(defhost fender.colo (colo 1))
	122	(defhost precision.colo (colo 2))
	123	(defhost telecaster.colo (colo 3))
	124	(defhost stratocaster.colo (colo 4))
	125	(defhost jazz.colo (colo 5))
	126
345c0f69	127	;; Anycast addresses for services.
727a746f MW	128	(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
	129	(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
	130	(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
	131	(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
	132	(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
	133	(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
	134	(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
345c0f69	135
ff6c53ad MW	136	;;;--------------------------------------------------------------------------
	137	;;; Host switch.
	138
	139	(preferred-subnet-case
c0430253	140	((unsafe colo)
ff6c53ad	141	(defhost radius radius.unsafe)
f0209b9c	142	(defhost precision precision.colo)
1b9508ad	143	(defhost telecaster telecaster.colo)
4c25329e	144	(defhost stratocaster stratocaster.colo)
c0430253 MW	145	(defhost vampire vampire.unsafe))
	146	(t
	147	(defhost radius radius.dmz)
f0209b9c	148	(defhost precision precision.jump)
1b9508ad	149	(defhost telecaster telecaster.jump)
4c25329e	150	(defhost stratocaster stratocaster.jump)
c0430253	151	(defhost vampire vampire.dmz)))
ff6c53ad	152
033baee0 MW	153	(defhost jaguar jaguar.jump)
033baee0 MW	154
ff6c53ad	155	;;;----- That's all, folks --------------------------------------------------