X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/c3997955e70ef2caed25330f8eb0cbfe145f8882..376a10ac4c739001a943fc1fc57bcb1ed473ebb9:/distorted.lisp

diff --git a/distorted.lisp b/distorted.lisp
index 2b5e744..a9aa9ab 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -16,7 +16,7 @@
     ;; IPv6 anycast addresses are globally routable, while IPv4 ones aren't.
     (if (zone-preferred-subnet-p (car any-provider))
 	(zone-set-address #'rec (cdr any-provider) :make-ptr-p t)
-	(dolist (addr (host-addrs (host-parse (cdr any-provider))))
+	(do-host (addr (cdr any-provider))
 	  (let ((family (ipaddr-family addr)))
 	    (if (member family *anycast-routable-families*)
 		(zone-set-address #'rec addr
@@ -47,9 +47,11 @@
   ;; Nameservers.
   :ns #+view/inside ((radius.ns :ip radius)
 		     (precision.ns :ip precision)
+		     (telecaster.ns :ip telecaster)
 		     (vampire.ns :ip vampire))
       #-view/inside ((radius.ns :ip radius)
 		     (precision.ns :ip precision)
+		     (telecaster.ns :ip telecaster)
 		     (mythic-beasts-1.ns :ip mythic-ns1)
 		     (mythic-beasts-2.ns :ip mythic-ns2)
 		     (chiark.ns :ip chiark.greenend.org.uk))
@@ -123,7 +125,6 @@
   ;; Entry is via little router box.
   (dmz :net dmz)
   (guvnor (dmz :addr guvnor.dmz))
-  (gate (dmz :addr gate.dmz))
   (nat (dmz :addr nat.dmz))
 
   ;; Wireless gateway.
@@ -141,6 +142,7 @@
   (cabal :svc stratocaster.colo :sshfp "stratocaster")
   ((db ftp) (colo :svc telecaster.colo :sshfp "telecaster")
 	    (jump :svc telecaster.jump :sshfp "telecaster"))
+  (dyndns :svc telecaster.jump :sshfp "telecaster")
 
   ;; Local services.
   ((rawk pifi) (unsafe :svc artist.unsafe)
@@ -164,6 +166,7 @@
   ;; Colocated hosts.
   (colo :net colo)
   (jump :net jump)
+  (gate (jump :addr gate.jump :sshfp "precision"))
   (fender (colo :addr fender.colo :sshfp "fender")
 	  (jump :addr fender.jump :sshfp "fender"))
   (precision (colo :addr precision.colo :sshfp "precision")
@@ -179,10 +182,10 @@
 	(iodine :addr jazz.iodine :sshfp "jazz"))
 
   ;; Media server (on loan to Good Technology HSTG).
-  (jaguar (jump :addr jaguar.jump))
+  (jaguar (jump :addr jaguar.jump :sshfp "jaguar"))
 
   ;; Nicko's server.
-  (richmond (jump :addr richmond.jump))
+  (richmond (jump :svc richmond.jump))
 
   ;; Wired ethernet.
   (unsafe :net unsafe)
@@ -231,44 +234,74 @@
   ;; Delegations.
   (dhcp :ns ((radius.ns.dhcp :ip radius)
 	     (precision.ns.dhcp :ip precision)
+	     (telecaster.ns.dhcp :ip telecaster)
 	     (vampire.ns.dhcp :ip vampire)))
   (dyn :ns ((radius.ns.dyn :ip radius)
 	    (precision.ns.dyn :ip precision)
+	    (telecaster.ns.dyn :ip telecaster)
 	    (vampire.ns.dyn :ip vampire)))
   (dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
 	       (precision.ns.dnserr :ip precision.jump)
+	       (telecaster.ns.dnserr :ip telecaster)
 	       (vampire.ns.dnserr :ip vampire.dmz)))
   (io :ns ((ns.io :ip jazz.jump))))
 
 ;;;--------------------------------------------------------------------------
 ;;; Other subsidiary zones.
 
+(defzone dhcp.distorted.org.uk
+  (gibson :addr gibson.unsafe)
+  (lespaul :addr lespaul.safe)
+  (invader :addr invader.safe)
+  (marauder :addr marauder.safe))
+
+(defzone nicko.org
+  (richmond :addr richmond.jump))
+
 (defrevzone trusted
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse unsafe
   :reverse vpn
   :reverse colo
   :reverse its
   :reverse any
-  (dhcp :ns ((radius.ns.dhcp :ip radius)
-	     (precision.ns.dhcp :ip precision)
-	     (vampire.ns.dhcp :ip vampire)))
+  (dhcp :ns (radius.distorted.org.uk.
+	     precision.distorted.org.uk.
+	     telecaster.distorted.org.uk.
+	     vampire.distorted.org.uk.))
   :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
 
 (defrevzone dmz
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse dmz)
 
 (defrevzone jump
-  :ns ((radius.ns :ip radius)
-       (precision.ns :ip precision)
-       (vampire.ns :ip vampire))
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
   :reverse jump)
 
+(defrevzone distorted.org.uk-he
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
+  :reverse distorted.org.uk-he)
+
+(defrevzone distorted.org.uk-jump
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
+  :reverse distorted.org.uk-jump)
+
 (defzone io.distorted.org.uk
   :ns ((ns :ip jazz.jump))
   (about :txt "Fake zone used for IP-over-DNS tunnelling."))