[zones] / hosts.lisp

;;; -*-lisp-*-
;;;
;;; distorted.org.uk hosts and networks, and other useful addresses.

;;;--------------------------------------------------------------------------
;;; External hosts.

(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
				 (:ipv6 "2001:ba8:1e3::")))
(defhost mccoy.flatline.org.uk "80.74.241.31")
(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
		     (:ipv6 "2a00:1098:0:80:1000::10")))
(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))

;;;--------------------------------------------------------------------------
;;; Internal addresses.

;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk "172.29.198/23"
  (untrusted "198.0/24"
    (wireless "0/25")
    (iodine "128/28")
    (upn "160/27"))
  (trusted "199.0/24"
    (wired "0/25"
      (unsafe "0/27")
      (dhcp "32/27"))
    (vpn "128/27")
    (its "160/30")
    (colo "176/28")
    (safe "192/27")
    (any "224/27")))

;; Externally routable DMZ from Demon.
(defnet dmz "62.49.204.144/28")

;; Externally routed colo range.
(defnet jump "212.13.198.66/28")
(defnet jump "2001:ba8:0:1d9/64")
(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
  (colo "2/64")
  (any "0/64")
  (vpn "6000/64")
  (upn "a000/64"))

;; Hurricane Electric IPv6-inIPv4 tunnel.
(defnet he-tunnel "2001:470:1f08:1b98/64")
(defnet dmz "2001:470:1f09:1b98/64")
(defnet distorted.org.uk-he "2001:470:9740/48"
  (unsafe "1/64")
  (safe "4001/64")
  (untrusted "8001/64"))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.dmz ((:ipv4 dmz 1)))
(defhost radius.dmz (dmz 2))
(defhost roadstar.dmz (dmz 3))
(defhost jem.dmz (dmz 4))
(defhost artist.dmz (dmz 5))
(defhost vampire.dmz (dmz 6))
(defhost ibanez.dmz (dmz 9))
(defhost anon.dmz (dmz 12))
(defhost nat.dmz ((:ipv4 dmz 14)))

;; Colocated addresses.
(defhost gate.jump ((:ipv6 jump 2)))
(defhost fender.jump (jump 5))
(defhost precision.jump (jump 6))
(defhost telecaster.jump (jump 7))
(defhost stratocaster.jump (jump 8))
(defhost jazz.jump (jump 9))
(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
(defhost anon.jump (jump 13))
(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))

;; Unsafe network.
(defhost radius.unsafe (unsafe 1))
(defhost roadstar.unsafe (unsafe 2))
(defhost jem.unsafe (unsafe 3))
(defhost artist.unsafe (unsafe 4))
(defhost vampire.unsafe (unsafe 5))
(defhost ibanez.unsafe (unsafe 14))
(defhost groove.unsafe (unsafe 17))

;; Client hosts, with IPv6 addresses.
(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))
(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))

;; Safe network.
(defhost radius.safe (safe 1))
(defhost vampire.safe (safe 2))
(defhost evolution.safe (safe 3))
(defhost grigsby.safe (safe 4))
(defhost carling.safe (safe 5))
(defhost tritan.safe (safe 6))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost artist.untrusted (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
(defhost terror.vpn ((:ipv4 vpn 2)))
(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))

;; Iodine network.
(defhost jazz.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw.its (its 1))
(defhost mz.its (its 2))

;; Internal (VPN) addresses for colocated services.
(defhost fender.colo (colo 1))
(defhost precision.colo (colo 2))
(defhost telecaster.colo (colo 3))
(defhost stratocaster.colo (colo 4))
(defhost jazz.colo (colo 5))

;; Anycast addresses for services.
(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))

;;;--------------------------------------------------------------------------
;;; Host switch.

(preferred-subnet-case
  ((unsafe colo)
   (defhost radius radius.unsafe)
   (defhost precision precision.colo)
   (defhost telecaster telecaster.colo)
   (defhost stratocaster stratocaster.colo)
   (defhost vampire vampire.unsafe))
  (t
   (defhost radius radius.dmz)
   (defhost precision precision.jump)
   (defhost telecaster telecaster.jump)
   (defhost stratocaster stratocaster.jump)
   (defhost vampire vampire.dmz)))

(defhost jaguar jaguar.jump)

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
ff6c53ad MW	1	;;; --lisp--
	2	;;;
	3	;;; distorted.org.uk hosts and networks, and other useful addresses.
	4
	5	;;;--------------------------------------------------------------------------
	6	;;; External hosts.
e80b4c2d	7
0fdd12c7	8	(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
9b7e4069 MW	9	(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
	10	(:ipv6 "2001:ba8:1e3::")))
	11	(defhost mccoy.flatline.org.uk "80.74.241.31")
	12	(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
	13	(:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
	14	(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
	15	(:ipv6 "2a00:1098:0:80:1000::10")))
0fdd12c7	16	(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
ff6c53ad MW	17
	18	;;;--------------------------------------------------------------------------
	19	;;; Internal addresses.
	20
9b7e4069 MW	21	;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	22	(defnet distorted.org.uk "172.29.198/23"
	23	(untrusted "198.0/24"
	24	(wireless "0/25")
9e4bef79 MW	25	(iodine "128/28")
9e4bef79 MW	26	(upn "160/27"))
9b7e4069 MW	27	(trusted "199.0/24"
	28	(wired "0/25"
	29	(unsafe "0/27")
	30	(dhcp "32/27"))
	31	(vpn "128/27")
	32	(its "160/30")
	33	(colo "176/28")
	34	(safe "192/27")
	35	(any "224/27")))
	36
	37	;; Externally routable DMZ from Demon.
	38	(defnet dmz "62.49.204.144/28")
ff6c53ad	39
38c2de7c	40	;; Externally routed colo range.
9b7e4069 MW	41	(defnet jump "212.13.198.66/28")
	42	(defnet jump "2001:ba8:0:1d9/64")
	43	(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
	44	(colo "2/64")
	45	(any "0/64")
9e4bef79 MW	46	(vpn "6000/64")
9e4bef79 MW	47	(upn "a000/64"))
38c2de7c	48
9b7e4069 MW	49	;; Hurricane Electric IPv6-inIPv4 tunnel.
	50	(defnet he-tunnel "2001:470:1f08:1b98/64")
	51	(defnet dmz "2001:470:1f09:1b98/64")
	52	(defnet distorted.org.uk-he "2001:470:9740/48"
	53	(unsafe "1/64")
	54	(safe "4001/64")
	55	(untrusted "8001/64"))
ff6c53ad MW	56
	57	;;;--------------------------------------------------------------------------
	58	;;; Host allocations
	59
	60	;; External addresses.
9b7e4069	61	(defhost guvnor.dmz ((:ipv4 dmz 1)))
ff6c53ad MW	62	(defhost radius.dmz (dmz 2))
	63	(defhost roadstar.dmz (dmz 3))
	64	(defhost jem.dmz (dmz 4))
	65	(defhost artist.dmz (dmz 5))
	66	(defhost vampire.dmz (dmz 6))
	67	(defhost ibanez.dmz (dmz 9))
04db9729	68	(defhost anon.dmz (dmz 12))
9b7e4069	69	(defhost nat.dmz ((:ipv4 dmz 14)))
ff6c53ad	70
38c2de7c	71	;; Colocated addresses.
9b7e4069	72	(defhost gate.jump ((:ipv6 jump 2)))
38c2de7c MW	73	(defhost fender.jump (jump 5))
	74	(defhost precision.jump (jump 6))
	75	(defhost telecaster.jump (jump 7))
	76	(defhost stratocaster.jump (jump 8))
	77	(defhost jazz.jump (jump 9))
376a10ac	78	(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
c1f47051	79	(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
0865ffd5	80	(defhost anon.jump (jump 13))
113bdffe	81	(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
38c2de7c	82
ff6c53ad MW	83	;; Unsafe network.
	84	(defhost radius.unsafe (unsafe 1))
	85	(defhost roadstar.unsafe (unsafe 2))
	86	(defhost jem.unsafe (unsafe 3))
	87	(defhost artist.unsafe (unsafe 4))
	88	(defhost vampire.unsafe (unsafe 5))
	89	(defhost ibanez.unsafe (unsafe 14))
f409e9c5	90	(defhost groove.unsafe (unsafe 17))
ff6c53ad	91
55f161b6 MW	92	;; Client hosts, with IPv6 addresses.
55f161b6 MW	93	(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
812706bd	94	(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
2d7b9fe6	95	(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
3e38779f MW	96	(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
3e38779f MW	97	(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))
55f161b6 MW	98	(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
	99	(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
	100
ff6c53ad	101	;; Safe network.
d8536712 MW	102	(defhost radius.safe (safe 1))
d8536712 MW	103	(defhost vampire.safe (safe 2))
1f20839b	104	(defhost evolution.safe (safe 3))
c32d96fa MW	105	(defhost grigsby.safe (safe 4))
	106	(defhost carling.safe (safe 5))
	107	(defhost tritan.safe (safe 6))
ff6c53ad MW	108
	109	;; Wireless network.
	110	(defhost radius.untrusted (untrusted 1))
0302997e	111	(defhost artist.untrusted (untrusted 2))
ff6c53ad MW	112	(defhost vampire.untrusted (untrusted 3))
	113
	114	;; Virtual private network.
727a746f	115	(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
9b7e4069	116	(defhost terror.vpn ((:ipv4 vpn 2)))
727a746f	117	(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
5a33b178	118	(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
aa779726 MW	119	(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
	120	(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
	121	(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
	122	(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
ff6c53ad MW	123
ff6c53ad MW	124	;; Iodine network.
17c95de9	125	(defhost jazz.iodine (iodine 1))
ff6c53ad MW	126
	127	;; Special network for ITS.
	128	;; It doesn't understand point-to-point links, so we need a little net.
	129	(defhost gw.its (its 1))
	130	(defhost mz.its (its 2))
	131
38c2de7c MW	132	;; Internal (VPN) addresses for colocated services.
	133	(defhost fender.colo (colo 1))
	134	(defhost precision.colo (colo 2))
	135	(defhost telecaster.colo (colo 3))
	136	(defhost stratocaster.colo (colo 4))
	137	(defhost jazz.colo (colo 5))
	138
345c0f69	139	;; Anycast addresses for services.
727a746f MW	140	(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
	141	(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
	142	(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
	143	(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
	144	(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
	145	(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
	146	(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
345c0f69	147
ff6c53ad MW	148	;;;--------------------------------------------------------------------------
	149	;;; Host switch.
	150
	151	(preferred-subnet-case
c0430253	152	((unsafe colo)
ff6c53ad	153	(defhost radius radius.unsafe)
f0209b9c	154	(defhost precision precision.colo)
1b9508ad	155	(defhost telecaster telecaster.colo)
4c25329e	156	(defhost stratocaster stratocaster.colo)
c0430253 MW	157	(defhost vampire vampire.unsafe))
	158	(t
	159	(defhost radius radius.dmz)
f0209b9c	160	(defhost precision precision.jump)
1b9508ad	161	(defhost telecaster telecaster.jump)
4c25329e	162	(defhost stratocaster stratocaster.jump)
c0430253	163	(defhost vampire vampire.dmz)))
ff6c53ad	164
033baee0 MW	165	(defhost jaguar jaguar.jump)
033baee0 MW	166
ff6c53ad	167	;;;----- That's all, folks --------------------------------------------------