[zones] / hosts.lisp

;;; -*-lisp-*-
;;;
;;; distorted.org.uk hosts and networks, and other useful addresses.

;;;--------------------------------------------------------------------------
;;; External hosts.

(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
				 (:ipv6 "2001:ba8:1e3::")))
(defhost mccoy.flatline.org.uk "80.74.241.31")
(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
		     (:ipv6 "2a00:1098:0:80:1000::10")))
(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))

;;;--------------------------------------------------------------------------
;;; Internal addresses.

;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk "172.29.198/23"
  (untrusted "198.0/24"
    (wireless "0/25")
    (iodine "128/28")
    (upn "160/27"))
  (trusted "199.0/24"
    (wired "0/25"
      (unsafe "0/27")
      (dhcp "32/27"))
    (vpn "128/27")
    (its "160/30")
    (colo "176/28")
    (safe "192/27")
    (any "224/27")))

;; Externally routable DMZ from Demon.
(defnet dmz "62.49.204.144/28")

;; Externally routable DMZ from Andrews and Arnold.
(defnet aaisp-gw "81.2.113.195")
(defnet aaisp "81.187.238.128/28")
(defnet aaisp "2001:8b0:c92/48")

;; Externally routed colo range.
(defnet jump "212.13.198.66/28")
(defnet jump "2001:ba8:0:1d9/64")
(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
  (colo "2/64")
  (any "0/64")
  (vpn "6000/64")
  (upn "a000/64"))

;; Hurricane Electric IPv6-inIPv4 tunnel.
(defnet he-tunnel "2001:470:1f08:1b98/64")
(defnet dmz "2001:470:1f09:1b98/64")
(defnet distorted.org.uk-he "2001:470:9740/48"
  (unsafe "1/64")
  (safe "4001/64")
  (untrusted "8001/64"))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.dmz ((:ipv4 dmz 1)))
(defhost radius.dmz (dmz 2))
(defhost roadstar.dmz (dmz 3))
(defhost jem.dmz (dmz 4))
(defhost artist.dmz (dmz 5))
(defhost vampire.dmz (dmz 6))
(defhost universe.dmz (dmz 7))
(defhost ibanez.dmz (dmz 9))
(defhost anon.dmz (dmz 12))
(defhost nat.dmz ((:ipv4 dmz 14)))

(defhost guvnor.aaisp (aaisp-gw 0))
(defhost radius.aaisp (aaisp 1))
(defhost roadstar.aaisp (aaisp 2))
(defhost jem.aaisp (aaisp 3))
(defhost artist.aaisp (aaisp 4))
(defhost vampire.aaisp (aaisp 5))
(defhost universe.aaisp (aaisp 6))
(defhost ibanez.aaisp (aaisp 9))
(defhost anon.aaisp (aaisp 12))
(defhost nat.aaisp ((:ipv4 aaisp 14)))

;; Colocated addresses.
(defhost gate.jump ((:ipv6 jump 2)))
(defhost fender.jump (jump 5))
(defhost precision.jump (jump 6))
(defhost telecaster.jump (jump 7))
(defhost stratocaster.jump (jump 8))
(defhost jazz.jump (jump 9))
(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
(defhost anon.jump (jump 13))
(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))

;; Linode virtual hosts.
(defhost national.linode ((:ipv4 "45.33.118.239")
			  (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))

;; Unsafe network.
(defhost radius.unsafe (unsafe 1))
(defhost roadstar.unsafe (unsafe 2))
(defhost jem.unsafe (unsafe 3))
(defhost artist.unsafe (unsafe 4))
(defhost vampire.unsafe (unsafe 5))
(defhost universe.unsafe (unsafe 6))
(defhost ibanez.unsafe (unsafe 14))
(defhost groove.unsafe (unsafe 17))

;; Client hosts, with IPv6 addresses.
(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))
(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))

;; Safe network.
(defhost radius.safe (safe 1))
(defhost vampire.safe (safe 2))
(defhost evolution.safe (safe 3))
(defhost grigsby.safe (safe 4))
(defhost carling.safe (safe 5))
(defhost tritan.safe (safe 6))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost artist.untrusted (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
(defhost terror.vpn ((:ipv4 vpn 2)))
(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))

;; Untrusted private network.
(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))

;; Iodine network.
(defhost jazz.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw.its (its 1))
(defhost mz.its (its 2))

;; Internal (VPN) addresses for colocated services.
(defhost fender.colo (colo 1))
(defhost precision.colo (colo 2))
(defhost telecaster.colo (colo 3))
(defhost stratocaster.colo (colo 4))
(defhost jazz.colo (colo 5))

;; Anycast addresses for services.
(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))

;;;--------------------------------------------------------------------------
;;; Host switch.

(preferred-subnet-case
  ((unsafe colo)
   (defhost radius radius.unsafe)
   (defhost precision precision.colo)
   (defhost telecaster telecaster.colo)
   (defhost stratocaster stratocaster.colo)
   (defhost vampire vampire.unsafe))
  (t
   (defhost radius radius.dmz)
   (defhost precision precision.jump)
   (defhost telecaster telecaster.jump)
   (defhost stratocaster stratocaster.jump)
   (defhost vampire vampire.dmz)))

(defhost jaguar jaguar.jump)

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
ff6c53ad MW	1	;;; --lisp--
	2	;;;
	3	;;; distorted.org.uk hosts and networks, and other useful addresses.
	4
	5	;;;--------------------------------------------------------------------------
	6	;;; External hosts.
e80b4c2d	7
0fdd12c7	8	(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
9b7e4069 MW	9	(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
	10	(:ipv6 "2001:ba8:1e3::")))
	11	(defhost mccoy.flatline.org.uk "80.74.241.31")
	12	(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
	13	(:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
	14	(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
	15	(:ipv6 "2a00:1098:0:80:1000::10")))
0fdd12c7	16	(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
ff6c53ad MW	17
	18	;;;--------------------------------------------------------------------------
	19	;;; Internal addresses.
	20
9b7e4069 MW	21	;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	22	(defnet distorted.org.uk "172.29.198/23"
	23	(untrusted "198.0/24"
	24	(wireless "0/25")
9e4bef79 MW	25	(iodine "128/28")
9e4bef79 MW	26	(upn "160/27"))
9b7e4069 MW	27	(trusted "199.0/24"
	28	(wired "0/25"
	29	(unsafe "0/27")
	30	(dhcp "32/27"))
	31	(vpn "128/27")
	32	(its "160/30")
	33	(colo "176/28")
	34	(safe "192/27")
	35	(any "224/27")))
	36
	37	;; Externally routable DMZ from Demon.
	38	(defnet dmz "62.49.204.144/28")
ff6c53ad	39
7c0d1761 MW	40	;; Externally routable DMZ from Andrews and Arnold.
	41	(defnet aaisp-gw "81.2.113.195")
	42	(defnet aaisp "81.187.238.128/28")
	43	(defnet aaisp "2001:8b0:c92/48")
	44
38c2de7c	45	;; Externally routed colo range.
9b7e4069 MW	46	(defnet jump "212.13.198.66/28")
	47	(defnet jump "2001:ba8:0:1d9/64")
	48	(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
	49	(colo "2/64")
	50	(any "0/64")
9e4bef79 MW	51	(vpn "6000/64")
9e4bef79 MW	52	(upn "a000/64"))
38c2de7c	53
9b7e4069 MW	54	;; Hurricane Electric IPv6-inIPv4 tunnel.
	55	(defnet he-tunnel "2001:470:1f08:1b98/64")
	56	(defnet dmz "2001:470:1f09:1b98/64")
	57	(defnet distorted.org.uk-he "2001:470:9740/48"
	58	(unsafe "1/64")
	59	(safe "4001/64")
	60	(untrusted "8001/64"))
ff6c53ad MW	61
	62	;;;--------------------------------------------------------------------------
	63	;;; Host allocations
	64
	65	;; External addresses.
9b7e4069	66	(defhost guvnor.dmz ((:ipv4 dmz 1)))
ff6c53ad MW	67	(defhost radius.dmz (dmz 2))
	68	(defhost roadstar.dmz (dmz 3))
	69	(defhost jem.dmz (dmz 4))
	70	(defhost artist.dmz (dmz 5))
	71	(defhost vampire.dmz (dmz 6))
664e6cf9	72	(defhost universe.dmz (dmz 7))
ff6c53ad	73	(defhost ibanez.dmz (dmz 9))
04db9729	74	(defhost anon.dmz (dmz 12))
9b7e4069	75	(defhost nat.dmz ((:ipv4 dmz 14)))
ff6c53ad	76
7c0d1761 MW	77	(defhost guvnor.aaisp (aaisp-gw 0))
	78	(defhost radius.aaisp (aaisp 1))
	79	(defhost roadstar.aaisp (aaisp 2))
	80	(defhost jem.aaisp (aaisp 3))
	81	(defhost artist.aaisp (aaisp 4))
	82	(defhost vampire.aaisp (aaisp 5))
	83	(defhost universe.aaisp (aaisp 6))
	84	(defhost ibanez.aaisp (aaisp 9))
	85	(defhost anon.aaisp (aaisp 12))
	86	(defhost nat.aaisp ((:ipv4 aaisp 14)))
	87
38c2de7c	88	;; Colocated addresses.
9b7e4069	89	(defhost gate.jump ((:ipv6 jump 2)))
38c2de7c MW	90	(defhost fender.jump (jump 5))
	91	(defhost precision.jump (jump 6))
	92	(defhost telecaster.jump (jump 7))
	93	(defhost stratocaster.jump (jump 8))
	94	(defhost jazz.jump (jump 9))
376a10ac	95	(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
c1f47051	96	(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
0865ffd5	97	(defhost anon.jump (jump 13))
113bdffe	98	(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
38c2de7c	99
b577b999 MW	100	;; Linode virtual hosts.
	101	(defhost national.linode ((:ipv4 "45.33.118.239")
	102	(:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
	103
ff6c53ad MW	104	;; Unsafe network.
	105	(defhost radius.unsafe (unsafe 1))
	106	(defhost roadstar.unsafe (unsafe 2))
	107	(defhost jem.unsafe (unsafe 3))
	108	(defhost artist.unsafe (unsafe 4))
	109	(defhost vampire.unsafe (unsafe 5))
664e6cf9	110	(defhost universe.unsafe (unsafe 6))
ff6c53ad	111	(defhost ibanez.unsafe (unsafe 14))
f409e9c5	112	(defhost groove.unsafe (unsafe 17))
ff6c53ad	113
55f161b6 MW	114	;; Client hosts, with IPv6 addresses.
55f161b6 MW	115	(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
812706bd	116	(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
2d7b9fe6	117	(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
3e38779f MW	118	(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
3e38779f MW	119	(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))
55f161b6 MW	120	(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
	121	(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
	122
ff6c53ad	123	;; Safe network.
d8536712 MW	124	(defhost radius.safe (safe 1))
d8536712 MW	125	(defhost vampire.safe (safe 2))
1f20839b	126	(defhost evolution.safe (safe 3))
c32d96fa MW	127	(defhost grigsby.safe (safe 4))
	128	(defhost carling.safe (safe 5))
	129	(defhost tritan.safe (safe 6))
ff6c53ad MW	130
	131	;; Wireless network.
	132	(defhost radius.untrusted (untrusted 1))
0302997e	133	(defhost artist.untrusted (untrusted 2))
ff6c53ad MW	134	(defhost vampire.untrusted (untrusted 3))
	135
	136	;; Virtual private network.
727a746f	137	(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
9b7e4069	138	(defhost terror.vpn ((:ipv4 vpn 2)))
727a746f	139	(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
5a33b178	140	(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
aa779726 MW	141	(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
	142	(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
	143	(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
	144	(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
ff6c53ad	145
b577b999 MW	146	;; Untrusted private network.
	147	(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))
	148
ff6c53ad	149	;; Iodine network.
17c95de9	150	(defhost jazz.iodine (iodine 1))
ff6c53ad MW	151
	152	;; Special network for ITS.
	153	;; It doesn't understand point-to-point links, so we need a little net.
	154	(defhost gw.its (its 1))
	155	(defhost mz.its (its 2))
	156
38c2de7c MW	157	;; Internal (VPN) addresses for colocated services.
	158	(defhost fender.colo (colo 1))
	159	(defhost precision.colo (colo 2))
	160	(defhost telecaster.colo (colo 3))
	161	(defhost stratocaster.colo (colo 4))
	162	(defhost jazz.colo (colo 5))
	163
345c0f69	164	;; Anycast addresses for services.
727a746f MW	165	(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
	166	(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
	167	(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
	168	(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
	169	(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
	170	(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
	171	(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
345c0f69	172
ff6c53ad MW	173	;;;--------------------------------------------------------------------------
	174	;;; Host switch.
	175
	176	(preferred-subnet-case
c0430253	177	((unsafe colo)
ff6c53ad	178	(defhost radius radius.unsafe)
f0209b9c	179	(defhost precision precision.colo)
1b9508ad	180	(defhost telecaster telecaster.colo)
4c25329e	181	(defhost stratocaster stratocaster.colo)
c0430253 MW	182	(defhost vampire vampire.unsafe))
	183	(t
	184	(defhost radius radius.dmz)
f0209b9c	185	(defhost precision precision.jump)
1b9508ad	186	(defhost telecaster telecaster.jump)
4c25329e	187	(defhost stratocaster stratocaster.jump)
c0430253	188	(defhost vampire vampire.dmz)))
ff6c53ad	189
033baee0 MW	190	(defhost jaguar jaguar.jump)
033baee0 MW	191
ff6c53ad	192	;;;----- That's all, folks --------------------------------------------------