X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/c3997955e70ef2caed25330f8eb0cbfe145f8882..1b9508ad37b8ea9d28f3135ec55a1833c13584db:/distorted.lisp

diff --git a/distorted.lisp b/distorted.lisp
index 2b5e744..ae8d6ac 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -16,7 +16,7 @@
     ;; IPv6 anycast addresses are globally routable, while IPv4 ones aren't.
     (if (zone-preferred-subnet-p (car any-provider))
 	(zone-set-address #'rec (cdr any-provider) :make-ptr-p t)
-	(dolist (addr (host-addrs (host-parse (cdr any-provider))))
+	(do-host (addr (cdr any-provider))
 	  (let ((family (ipaddr-family addr)))
 	    (if (member family *anycast-routable-families*)
 		(zone-set-address #'rec addr
@@ -47,9 +47,11 @@
   ;; Nameservers.
   :ns #+view/inside ((radius.ns :ip radius)
 		     (precision.ns :ip precision)
+		     (telecaster.ns :ip telecaster)
 		     (vampire.ns :ip vampire))
       #-view/inside ((radius.ns :ip radius)
 		     (precision.ns :ip precision)
+		     (telecaster.ns :ip telecaster)
 		     (mythic-beasts-1.ns :ip mythic-ns1)
 		     (mythic-beasts-2.ns :ip mythic-ns2)
 		     (chiark.ns :ip chiark.greenend.org.uk))
@@ -91,10 +93,10 @@
   (ntp :cname ntp0)
 
   (www-cache :anycast ((any www-cache.any)
-		       (jump telecaster.jump)
-		       (dmz roadstar.dmz)
-		       (unsafe roadstar.unsafe)
-		       (colo telecaster.colo)))
+		       (jump (:ipv4 telecaster.jump))
+		       (dmz (:ipv4 roadstar.dmz))
+		       (unsafe (:ipv4 roadstar.unsafe))
+		       (colo (:ipv4 telecaster.colo))))
   (wpad :cname www-cache)
 
   (_kerberos :txt "DISTORTED.ORG.UK")
@@ -123,7 +125,6 @@
   ;; Entry is via little router box.
   (dmz :net dmz)
   (guvnor (dmz :addr guvnor.dmz))
-  (gate (dmz :addr gate.dmz))
   (nat (dmz :addr nat.dmz))
 
   ;; Wireless gateway.
@@ -139,8 +140,8 @@
   :svc #+view/inside stratocaster.colo
        #-view/inside stratocaster.jump
   (cabal :svc stratocaster.colo :sshfp "stratocaster")
-  ((db ftp) (colo :svc telecaster.colo :sshfp "telecaster")
-	    (jump :svc telecaster.jump :sshfp "telecaster"))
+  ((db ftp dyndns) (colo :svc telecaster.colo :sshfp "telecaster")
+		   (jump :svc telecaster.jump :sshfp "telecaster"))
 
   ;; Local services.
   ((rawk pifi) (unsafe :svc artist.unsafe)
@@ -164,6 +165,7 @@
   ;; Colocated hosts.
   (colo :net colo)
   (jump :net jump)
+  (gate (jump :addr gate.jump :sshfp "precision"))
   (fender (colo :addr fender.colo :sshfp "fender")
 	  (jump :addr fender.jump :sshfp "fender"))
   (precision (colo :addr precision.colo :sshfp "precision")
@@ -231,44 +233,71 @@
   ;; Delegations.
   (dhcp :ns ((radius.ns.dhcp :ip radius)
 	     (precision.ns.dhcp :ip precision)
+	     (telecaster.ns.dhcp :ip telecaster)
 	     (vampire.ns.dhcp :ip vampire)))
   (dyn :ns ((radius.ns.dyn :ip radius)
 	    (precision.ns.dyn :ip precision)
+	    (telecaster.ns.dyn :ip telecaster)
 	    (vampire.ns.dyn :ip vampire)))
   (dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
 	       (precision.ns.dnserr :ip precision.jump)
+	       (telecaster.ns.dnserr :ip telecaster)
 	       (vampire.ns.dnserr :ip vampire.dmz)))
   (io :ns ((ns.io :ip jazz.jump))))
 
 ;;;--------------------------------------------------------------------------
 ;;; Other subsidiary zones.
 
+(defzone dhcp.distorted.org.uk
+  (gibson :addr gibson.unsafe)
+  (lespaul :addr lespaul.safe)
+  (invader :addr invader.safe)
+  (marauder :addr marauder.safe))
+
 (defrevzone trusted
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse unsafe
   :reverse vpn
   :reverse colo
   :reverse its
   :reverse any
-  (dhcp :ns ((radius.ns.dhcp :ip radius)
-	     (precision.ns.dhcp :ip precision)
-	     (vampire.ns.dhcp :ip vampire)))
+  (dhcp :ns (radius.distorted.org.uk.
+	     precision.distorted.org.uk.
+	     telecaster.distorted.org.uk.
+	     vampire.distorted.org.uk.))
   :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
 
 (defrevzone dmz
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse dmz)
 
 (defrevzone jump
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse jump)
 
+(defrevzone distorted.org.uk-he
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
+  :reverse distorted.org.uk-he)
+
+(defrevzone distorted.org.uk-jump
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
+  :reverse distorted.org.uk-jump)
+
 (defzone io.distorted.org.uk
   :ns ((ns :ip jazz.jump))
   (about :txt "Fake zone used for IP-over-DNS tunnelling."))