X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/ff6c53ad07d4f9987d648085e8c0656fa825322d..c3997955e70ef2caed25330f8eb0cbfe145f8882:/hosts.lisp

diff --git a/hosts.lisp b/hosts.lisp
index 7393a7c..5b90533 100644
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -10,6 +10,7 @@
 (defhost mccoy.flatline.org.uk 80.74.241.31)
 (defhost mythic-ns1 69.56.173.190)
 (defhost mythic-ns2 93.93.128.67)
+(defhost gandi-ns6 217.70.177.40)
 
 ;;;--------------------------------------------------------------------------
 ;;; Internal addresses.
@@ -17,6 +18,9 @@
 ;; Externally routable DMZ.
 (defnet dmz 62.49.204.144/28)
 
+;; Externally routed colo range.
+(defnet jump 212.13.198.66/28)
+
 ;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
 (defnet distorted.org.uk 172.29.198.0/23
   (untrusted 256
@@ -25,10 +29,13 @@
   (trusted 256
     (wired 128
       (unsafe 32)
-      (dhcp 32)
-      (safe 32))
-    (virtual 32)
-    (its 4)))
+      (dhcp 32))
+    (vpn 32)
+    (nil 16
+      (its 4))
+    (colo 16)
+    (safe 32)
+    (any 32)))
 
 ;;;--------------------------------------------------------------------------
 ;;; Host allocations
@@ -41,9 +48,21 @@
 (defhost artist.dmz (dmz 5))
 (defhost vampire.dmz (dmz 6))
 (defhost ibanez.dmz (dmz 9))
+(defhost anon.dmz (dmz 12))
 (defhost gate.dmz (dmz 13))
 (defhost nat.dmz (dmz 14))
 
+;; Colocated addresses.
+(defhost fender.jump (jump 5))
+(defhost precision.jump (jump 6))
+(defhost telecaster.jump (jump 7))
+(defhost stratocaster.jump (jump 8))
+(defhost jazz.jump (jump 9))
+(defhost jaguar.jump (jump 11))
+(defhost richmond.jump (jump 12))
+(defhost anon.jump (jump 13))
+(defhost blackhole.jump (jump 14))
+
 ;; Unsafe network.
 (defhost radius.unsafe (unsafe 1))
 (defhost roadstar.unsafe (unsafe 2))
@@ -53,35 +72,57 @@
 (defhost ibanez.unsafe (unsafe 14))
 
 ;; Safe network.
-(defhost tubescreamer.safe (safe 1))
-(defhost obsidian.safe (safe 2))
+(defhost radius.safe (safe 1))
+(defhost vampire.safe (safe 2))
+(defhost evolution.safe (safe 3))
 
 ;; Wireless network.
 (defhost radius.untrusted (untrusted 1))
-(defhost evolution.untrusted (untrusted 2))
+(defhost artist.untrusted (untrusted 2))
 (defhost vampire.untrusted (untrusted 3))
 
 ;; Virtual private network.
-(defhost crybaby.virtual (virtual 1))
-(defhost terror.virtual (virtual 2))
+(defhost crybaby.vpn (vpn 1))
+(defhost terror.vpn (vpn 2))
+(defhost orange.vpn (vpn 3))
 
 ;; Iodine network.
-(defhost vampire.iodine (iodine 1))
+(defhost jazz.iodine (iodine 1))
 
 ;; Special network for ITS.
 ;; It doesn't understand point-to-point links, so we need a little net.
 (defhost gw.its (its 1))
 (defhost mz.its (its 2))
 
+;; Internal (VPN) addresses for colocated services.
+(defhost fender.colo (colo 1))
+(defhost precision.colo (colo 2))
+(defhost telecaster.colo (colo 3))
+(defhost stratocaster.colo (colo 4))
+(defhost jazz.colo (colo 5))
+
+;; Anycast addresses for services.
+(defhost dns0.any (any 0))
+(defhost dns1.any (any 1))
+(defhost ntp0.any (any 2))
+(defhost ntp1.any (any 3))
+(defhost www-cache.any (any 4))
+(defhost krb0.any (any 5))
+(defhost krb1.any (any 6))
+
 ;;;--------------------------------------------------------------------------
 ;;; Host switch.
 
 (preferred-subnet-case
-  (dmz
-   (defhost radius radius.dmz)
-   (defhost vampire vampire.dmz))
-  (t
+  ((unsafe colo)
    (defhost radius radius.unsafe)
-   (defhost vampire vampire.unsafe)))
+   (defhost precision precision.colo)
+   (defhost stratocaster stratocaster.colo)
+   (defhost vampire vampire.unsafe))
+  (t
+   (defhost radius radius.dmz)
+   (defhost precision precision.jump)
+   (defhost stratocaster stratocaster.jump)
+   (defhost vampire vampire.dmz)))
 
 ;;;----- That's all, folks --------------------------------------------------