distorted.lisp: Now using LetsEncrypt certificates on other servers.

[zones] / hosts.lisp

diff --git a/hosts.lisp b/hosts.lisp
index 28dd2bf..78b3b3d 100644 (file)
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -22,7 +22,8 @@
 (defnet distorted.org.uk "172.29.198/23"
   (untrusted "198.0/24"
     (wireless "0/25")
 (defnet distorted.org.uk "172.29.198/23"
   (untrusted "198.0/24"
     (wireless "0/25")

-    (iodine "128/28"))
+    (iodine "128/28")
+    (upn "160/27"))

   (trusted "199.0/24"
     (wired "0/25"
       (unsafe "0/27")
   (trusted "199.0/24"
     (wired "0/25"
       (unsafe "0/27")


@@ -42,7 +43,8 @@
 (defnet distorted.org.uk-jump "2001:ba8:1d9/48"
   (colo "2/64")
   (any "0/64")
 (defnet distorted.org.uk-jump "2001:ba8:1d9/48"
   (colo "2/64")
   (any "0/64")

-  (vpn "6000/64"))
+  (vpn "6000/64")
+  (upn "a000/64"))

 
 ;; Hurricane Electric IPv6-inIPv4 tunnel.
 (defnet he-tunnel "2001:470:1f08:1b98/64")
 
 ;; Hurricane Electric IPv6-inIPv4 tunnel.
 (defnet he-tunnel "2001:470:1f08:1b98/64")


@@ -73,11 +75,15 @@
 (defhost telecaster.jump (jump 7))
 (defhost stratocaster.jump (jump 8))
 (defhost jazz.jump (jump 9))
 (defhost telecaster.jump (jump 7))
 (defhost stratocaster.jump (jump 8))
 (defhost jazz.jump (jump 9))

-(defhost jaguar.jump ((:ipv4 jump 11)))
-(defhost richmond.jump ((:ipv4 jump 12)))
+(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
+(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))

 (defhost anon.jump (jump 13))
 (defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
 
 (defhost anon.jump (jump 13))
 (defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
 

+;; Linode virtual hosts.
+(defhost national.linode ((:ipv4 "45.33.118.239")
+                         (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
+

 ;; Unsafe network.
 (defhost radius.unsafe (unsafe 1))
 (defhost roadstar.unsafe (unsafe 2))
 ;; Unsafe network.
 (defhost radius.unsafe (unsafe 1))
 (defhost roadstar.unsafe (unsafe 2))


@@ -85,17 +91,24 @@
 (defhost artist.unsafe (unsafe 4))
 (defhost vampire.unsafe (unsafe 5))
 (defhost ibanez.unsafe (unsafe 14))
 (defhost artist.unsafe (unsafe 4))
 (defhost vampire.unsafe (unsafe 5))
 (defhost ibanez.unsafe (unsafe 14))

+(defhost groove.unsafe (unsafe 17))

 
 ;; Client hosts, with IPv6 addresses.
 (defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
 
 ;; Client hosts, with IPv6 addresses.
 (defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))

-(defhost lespaul.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fef5:aaef")))
+(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
+(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
+(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
+(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))

 (defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
 (defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
 
 ;; Safe network.
 (defhost radius.safe (safe 1))
 (defhost vampire.safe (safe 2))
 (defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
 (defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
 
 ;; Safe network.
 (defhost radius.safe (safe 1))
 (defhost vampire.safe (safe 2))

-(defhost evolution.safe ((:ipv4 safe 3)))
+(defhost evolution.safe (safe 3))
+(defhost grigsby.safe (safe 4))
+(defhost carling.safe (safe 5))
+(defhost tritan.safe (safe 6))

 
 ;; Wireless network.
 (defhost radius.untrusted (untrusted 1))
 
 ;; Wireless network.
 (defhost radius.untrusted (untrusted 1))


@@ -103,9 +116,17 @@
 (defhost vampire.untrusted (untrusted 3))
 
 ;; Virtual private network.
 (defhost vampire.untrusted (untrusted 3))
 
 ;; Virtual private network.

-(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:0")))
+(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))

 (defhost terror.vpn ((:ipv4 vpn 2)))
 (defhost terror.vpn ((:ipv4 vpn 2)))

-(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:0")))
+(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
+(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
+(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
+(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
+(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
+(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
+
+;; Untrusted private network.
+(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))

 
 ;; Iodine network.
 (defhost jazz.iodine (iodine 1))
 
 ;; Iodine network.
 (defhost jazz.iodine (iodine 1))


@@ -123,13 +144,13 @@
 (defhost jazz.colo (colo 5))
 
 ;; Anycast addresses for services.
 (defhost jazz.colo (colo 5))
 
 ;; Anycast addresses for services.

-(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:0")))
-(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:0")))
-(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:0")))
-(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:0")))
-(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:0")))
-(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:0")))
-(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:0")))
+(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
+(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
+(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
+(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
+(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
+(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
+(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))

 
 ;;;--------------------------------------------------------------------------
 ;;; Host switch.
 
 ;;;--------------------------------------------------------------------------
 ;;; Host switch.


@@ -148,4 +169,6 @@
    (defhost stratocaster stratocaster.jump)
    (defhost vampire vampire.dmz)))
 
    (defhost stratocaster stratocaster.jump)
    (defhost vampire vampire.dmz)))
 

+(defhost jaguar jaguar.jump)
+

 ;;;----- That's all, folks --------------------------------------------------
 ;;;----- That's all, folks --------------------------------------------------