X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/4acd48907a06f598a4c76817e9f75022107021fc..652c34bee0d154a6e646bf878fc5f0e23267da30:/hosts.lisp

diff --git a/hosts.lisp b/hosts.lisp
index 6287e8b..da03f74 100644
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -1,6 +1,143 @@
-;; Static IP addresses for various useful hosts
+;;; -*-lisp-*-
+;;;
+;;; distorted.org.uk hosts and networks, and other useful addresses.
 
-(defhost guvnor.distorted.org.uk 80.177.3.76)
-(defhost boyle.nsict.org 85.158.42.162)
-(defhost chiark.greenend.org.uk 193.201.200.170)
-(defhost mccoy.flatline.org.uk 80.74.241.31)
+;;;--------------------------------------------------------------------------
+;;; External hosts.
+
+(defhost boyle.nsict.org "85.158.42.162")
+(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
+				 (:ipv6 "2001:ba8:1e3::")))
+(defhost mccoy.flatline.org.uk "80.74.241.31")
+(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
+		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
+(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
+		     (:ipv6 "2a00:1098:0:80:1000::10")))
+(defhost gandi-ns6 "217.70.177.40")
+
+;;;--------------------------------------------------------------------------
+;;; Internal addresses.
+
+;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
+(defnet distorted.org.uk "172.29.198/23"
+  (untrusted "198.0/24"
+    (wireless "0/25")
+    (iodine "128/28"))
+  (trusted "199.0/24"
+    (wired "0/25"
+      (unsafe "0/27")
+      (dhcp "32/27"))
+    (vpn "128/27")
+    (its "160/30")
+    (colo "176/28")
+    (safe "192/27")
+    (any "224/27")))
+
+;; Externally routable DMZ from Demon.
+(defnet dmz "62.49.204.144/28")
+
+;; Externally routed colo range.
+(defnet jump "212.13.198.66/28")
+(defnet jump "2001:ba8:0:1d9/64")
+(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
+  (colo "2/64")
+  (any "0/64")
+  (vpn "6000/64"))
+
+;; Hurricane Electric IPv6-inIPv4 tunnel.
+(defnet he-tunnel "2001:470:1f08:1b98/64")
+(defnet dmz "2001:470:1f09:1b98/64")
+(defnet distorted.org.uk-he "2001:470:9740/48"
+  (unsafe "1/64")
+  (safe "4001/64")
+  (untrusted "8001/64"))
+
+;;;--------------------------------------------------------------------------
+;;; Host allocations
+
+;; External addresses.
+(defhost guvnor.dmz ((:ipv4 dmz 1)))
+(defhost radius.dmz (dmz 2))
+(defhost roadstar.dmz (dmz 3))
+(defhost jem.dmz (dmz 4))
+(defhost artist.dmz (dmz 5))
+(defhost vampire.dmz (dmz 6))
+(defhost ibanez.dmz (dmz 9))
+(defhost anon.dmz (dmz 12))
+(defhost nat.dmz ((:ipv4 dmz 14)))
+
+;; Colocated addresses.
+(defhost gate.jump ((:ipv6 jump 2)))
+(defhost fender.jump (jump 5))
+(defhost precision.jump (jump 6))
+(defhost telecaster.jump (jump 7))
+(defhost stratocaster.jump (jump 8))
+(defhost jazz.jump (jump 9))
+(defhost jaguar.jump ((:ipv4 jump 11)))
+(defhost richmond.jump ((:ipv4 jump 12)))
+(defhost anon.jump (jump 13))
+(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump #xffff)))
+
+;; Unsafe network.
+(defhost radius.unsafe (unsafe 1))
+(defhost roadstar.unsafe (unsafe 2))
+(defhost jem.unsafe (unsafe 3))
+(defhost artist.unsafe (unsafe 4))
+(defhost vampire.unsafe (unsafe 5))
+(defhost ibanez.unsafe (unsafe 14))
+
+;; Safe network.
+(defhost radius.safe (safe 1))
+(defhost vampire.safe (safe 2))
+(defhost evolution.safe ((:ipv4 safe 3)))
+
+;; Wireless network.
+(defhost radius.untrusted (untrusted 1))
+(defhost artist.untrusted (untrusted 2))
+(defhost vampire.untrusted (untrusted 3))
+
+;; Virtual private network.
+(defhost crybaby.vpn (vpn 1))
+(defhost terror.vpn ((:ipv4 vpn 2)))
+(defhost orange.vpn (vpn 3))
+
+;; Iodine network.
+(defhost jazz.iodine (iodine 1))
+
+;; Special network for ITS.
+;; It doesn't understand point-to-point links, so we need a little net.
+(defhost gw.its (its 1))
+(defhost mz.its (its 2))
+
+;; Internal (VPN) addresses for colocated services.
+(defhost fender.colo (colo 1))
+(defhost precision.colo (colo 2))
+(defhost telecaster.colo (colo 3))
+(defhost stratocaster.colo (colo 4))
+(defhost jazz.colo (colo 5))
+
+;; Anycast addresses for services.
+(defhost dns0.any (any 0))
+(defhost dns1.any (any 1))
+(defhost ntp0.any (any 2))
+(defhost ntp1.any (any 3))
+(defhost www-cache.any (any 4))
+(defhost krb0.any (any 5))
+(defhost krb1.any (any 6))
+
+;;;--------------------------------------------------------------------------
+;;; Host switch.
+
+(preferred-subnet-case
+  ((unsafe colo)
+   (defhost radius radius.unsafe)
+   (defhost precision precision.colo)
+   (defhost stratocaster stratocaster.colo)
+   (defhost vampire vampire.unsafe))
+  (t
+   (defhost radius radius.dmz)
+   (defhost precision precision.jump)
+   (defhost stratocaster stratocaster.jump)
+   (defhost vampire vampire.dmz)))
+
+;;;----- That's all, folks --------------------------------------------------