X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/9b7e40695ec633ee206dd608a3a7e0e410e5f7c8..1b9508ad37b8ea9d28f3135ec55a1833c13584db:/distorted.lisp diff --git a/distorted.lisp b/distorted.lisp index 61f2267..ae8d6ac 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -16,7 +16,7 @@ ;; IPv6 anycast addresses are globally routable, while IPv4 ones aren't. (if (zone-preferred-subnet-p (car any-provider)) (zone-set-address #'rec (cdr any-provider) :make-ptr-p t) - (dolist (addr (host-addrs (host-parse (cdr any-provider)))) + (do-host (addr (cdr any-provider)) (let ((family (ipaddr-family addr))) (if (member family *anycast-routable-families*) (zone-set-address #'rec addr @@ -47,9 +47,11 @@ ;; Nameservers. :ns #+view/inside ((radius.ns :ip radius) (precision.ns :ip precision) + (telecaster.ns :ip telecaster) (vampire.ns :ip vampire)) #-view/inside ((radius.ns :ip radius) (precision.ns :ip precision) + (telecaster.ns :ip telecaster) (mythic-beasts-1.ns :ip mythic-ns1) (mythic-beasts-2.ns :ip mythic-ns2) (chiark.ns :ip chiark.greenend.org.uk)) @@ -91,10 +93,10 @@ (ntp :cname ntp0) (www-cache :anycast ((any www-cache.any) - (jump telecaster.jump) - (dmz roadstar.dmz) - (unsafe roadstar.unsafe) - (colo telecaster.colo))) + (jump (:ipv4 telecaster.jump)) + (dmz (:ipv4 roadstar.dmz)) + (unsafe (:ipv4 roadstar.unsafe)) + (colo (:ipv4 telecaster.colo)))) (wpad :cname www-cache) (_kerberos :txt "DISTORTED.ORG.UK") @@ -138,8 +140,8 @@ :svc #+view/inside stratocaster.colo #-view/inside stratocaster.jump (cabal :svc stratocaster.colo :sshfp "stratocaster") - ((db ftp) (colo :svc telecaster.colo :sshfp "telecaster") - (jump :svc telecaster.jump :sshfp "telecaster")) + ((db ftp dyndns) (colo :svc telecaster.colo :sshfp "telecaster") + (jump :svc telecaster.jump :sshfp "telecaster")) ;; Local services. ((rawk pifi) (unsafe :svc artist.unsafe) @@ -231,44 +233,71 @@ ;; Delegations. (dhcp :ns ((radius.ns.dhcp :ip radius) (precision.ns.dhcp :ip precision) + (telecaster.ns.dhcp :ip telecaster) (vampire.ns.dhcp :ip vampire))) (dyn :ns ((radius.ns.dyn :ip radius) (precision.ns.dyn :ip precision) + (telecaster.ns.dyn :ip telecaster) (vampire.ns.dyn :ip vampire))) (dnserr :ns ((radius.ns.dnserr :ip radius.dmz) (precision.ns.dnserr :ip precision.jump) + (telecaster.ns.dnserr :ip telecaster) (vampire.ns.dnserr :ip vampire.dmz))) (io :ns ((ns.io :ip jazz.jump)))) ;;;-------------------------------------------------------------------------- ;;; Other subsidiary zones. +(defzone dhcp.distorted.org.uk + (gibson :addr gibson.unsafe) + (lespaul :addr lespaul.safe) + (invader :addr invader.safe) + (marauder :addr marauder.safe)) + (defrevzone trusted - :ns ((radius.ns :ip radius) - (precision.ns :ip precision) - (vampire.ns :ip vampire)) + :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.) :reverse unsafe :reverse vpn :reverse colo :reverse its :reverse any - (dhcp :ns ((radius.ns.dhcp :ip radius) - (precision.ns.dhcp :ip precision) - (vampire.ns.dhcp :ip vampire))) + (dhcp :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.)) :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *)) (defrevzone dmz - :ns ((radius.ns :ip radius) - (precision.ns :ip precision) - (vampire.ns :ip vampire)) + :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.) :reverse dmz) (defrevzone jump - :ns ((radius.ns :ip radius) - (precision.ns :ip precision) - (vampire.ns :ip vampire)) + :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.) :reverse jump) +(defrevzone distorted.org.uk-he + :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.) + :reverse distorted.org.uk-he) + +(defrevzone distorted.org.uk-jump + :ns (radius.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + vampire.distorted.org.uk.) + :reverse distorted.org.uk-jump) + (defzone io.distorted.org.uk :ns ((ns :ip jazz.jump)) (about :txt "Fake zone used for IP-over-DNS tunnelling."))