[zones] / distorted.lisp

;;; Zone file for distorted.org.uk

(load "hosts" :verbose nil)

;;;--------------------------------------------------------------------------
;;; Network allocations
;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)

(defnet distorted.org.uk 172.29.198.0/23
  (untrusted 256
    (wireless 128)
    (iodine 16))
  (trusted 256
    (fretwank 128
      (unsafe 32)
      (dhcp 32)
      (safe 32))
    (virtual 32)
    (its 4)))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.demon 80.177.3.76)

;; Unsafe network.
(defhost guvnor (unsafe 1))
(defhost metalzone (unsafe 2))
;;(defhost evolution.fretwank (unsafe 3))
(defhost vampire (unsafe 4))

;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))

;; Wireless network.
(defhost vampire.untrusted (untrusted 1))
(defhost evolution (untrusted 2))

;; Virtual private network.
(defhost crybaby (virtual 1))

;; Iodine network.
(defhost vampire.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw (its 1))
(defhost mz (its 2))

;;;--------------------------------------------------------------------------
;;; Other definitions.

(setf *default-zone-admin* "hostmaster@distorted.org.uk")

(preferred-subnet-case
  (fretwank
   (setf *default-zone-source* 'vampire.distorted.org.uk.)
   (defhost www-frontend metalzone)
   (defhost dns-frontend vampire))
  (t
   (setf *default-zone-source* 'guvnor.distorted.org.uk.)
   (defhost www-frontend guvnor.demon)
   (defhost dns-frontend guvnor.demon)))

;;;--------------------------------------------------------------------------
;;; Main zone definition.

(defzone distorted.org.uk
  ;;
  ;; Nameservers
  :ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
			 (vampire.ns :ip vampire))
      #-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
			 (chiark.ns :ip chiark.greenend.org.uk)
			 (guvnor.ns :ip guvnor.demon))
  ;;
  ;; Mail servers
  ((@ mail lists bugs cryptomail)
   :mx mail
   :srv ((:smtp mail)))
  ;;
  ;; Other services
  :srv ((:http www)
	(:ftp ftp))
  ;;
  ;; Colocated services
  ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
  ;;
  ;; Entry is via little port-forwarding box
  (guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
  ;;
  ;; Wireless gateway
  (untrusted :net untrusted)
  (evolution (untrusted :a evolution))
  ;;
  ;; Local services
  (@ :svc www-frontend)
  ((www ftp wiki git bugs mail)
   (inet :svc guvnor.demon)
   (fretwank :svc metalzone))
  ((db tor i2p rawk)
   (inet :svc guvnor.demon)
   (fretwank :svc vampire))
  (vox (inet :svc guvnor.demon) (fretwank :svc vampire))
  ;;
  ;; Internal services
  ((ntp1) (fretwank :svc metalzone))
  ((www-cache wpad ntp news) (fretwank :svc vampire))
  ;;
  ;; Wired ethernet
  (fretwank :net fretwank)
  (metalzone (inet :a guvnor.demon)
	     (fretwank :a metalzone))
  (vampire (fretwank :a vampire)
	   (untrusted :a vampire.untrusted)
	   (iodine :a vampire.iodine))
  (obsidian (fretwank :a obsidian))
  ;;
  ;; Virtual network
  (virtual :net virtual)
  (crybaby (virtual :a crybaby))
  (iodine :net iodine)
  ;;
  ;; ITS
  (its :net its)
  (gw (its :a gw))
  (mz (its :a mz))
  ;;
  ;; Delegations
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  (io :ns ((ns.io :ip dns-frontend))))

;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.

(defrevzone trusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse trusted
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  #+subnet/fretwank (@ :cidr-delegation
		       (dhcp
			(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))

(defrevzone untrusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse untrusted)

(defzone dhcp.distorted.org.uk
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :net dhcp)

(defzone io.distorted.org.uk
  :ns ((ns :ip dns-frontend))
  (about :txt "Fake zone used for IP-over-DNS tunnelling."))

(defzone dhcp.199.29.172.in-addr.arpa
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
e80b4c2d MW	1	;;; Zone file for distorted.org.uk
	2
	3	(load "hosts" :verbose nil)
	4
b1d5c6c2 MW	5	;;;--------------------------------------------------------------------------
	6	;;; Network allocations
	7	;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	8
e80b4c2d	9	(defnet distorted.org.uk 172.29.198.0/23
fc0ce2ed MW	10	(untrusted 256
	11	(wireless 128)
	12	(iodine 16))
e80b4c2d MW	13	(trusted 256
	14	(fretwank 128
	15	(unsafe 32)
	16	(dhcp 32)
	17	(safe 32))
b1d5c6c2 MW	18	(virtual 32)
	19	(its 4)))
	20
	21	;;;--------------------------------------------------------------------------
	22	;;; Host allocations
e80b4c2d	23
b1d5c6c2	24	;; External addresses.
4acd4890	25	(defhost guvnor.demon 80.177.3.76)
2bc217e8	26
b1d5c6c2	27	;; Unsafe network.
2bc217e8 MW	28	(defhost guvnor (unsafe 1))
2bc217e8 MW	29	(defhost metalzone (unsafe 2))
8ef3dea5	30	;;(defhost evolution.fretwank (unsafe 3))
2bc217e8 MW	31	(defhost vampire (unsafe 4))
2bc217e8 MW	32
b1d5c6c2	33	;; Safe network.
2bc217e8 MW	34	(defhost tubescreamer (safe 1))
	35	(defhost obsidian (safe 2))
	36
b1d5c6c2	37	;; Wireless network.
e07781f9 MW	38	(defhost vampire.untrusted (untrusted 1))
e07781f9 MW	39	(defhost evolution (untrusted 2))
2bc217e8	40
b1d5c6c2	41	;; Virtual private network.
8ca446b5	42	(defhost crybaby (virtual 1))
b1d5c6c2	43
fc0ce2ed MW	44	;; Iodine network.
	45	(defhost vampire.iodine (iodine 1))
	46
b1d5c6c2 MW	47	;; Special network for ITS.
	48	;; It doesn't understand point-to-point links, so we need a little net.
	49	(defhost gw (its 1))
	50	(defhost mz (its 2))
	51
	52	;;;--------------------------------------------------------------------------
	53	;;; Other definitions.
e80b4c2d MW	54
e80b4c2d MW	55	(setf default-zone-admin "hostmaster@distorted.org.uk")
2bc217e8 MW	56
	57	(preferred-subnet-case
	58	(fretwank
e07781f9	59	(setf default-zone-source 'vampire.distorted.org.uk.)
995d75b4 MW	60	(defhost www-frontend metalzone)
995d75b4 MW	61	(defhost dns-frontend vampire))
2bc217e8 MW	62	(t
2bc217e8 MW	63	(setf default-zone-source 'guvnor.distorted.org.uk.)
995d75b4 MW	64	(defhost www-frontend guvnor.demon)
995d75b4 MW	65	(defhost dns-frontend guvnor.demon)))
e80b4c2d	66
b1d5c6c2 MW	67	;;;--------------------------------------------------------------------------
	68	;;; Main zone definition.
	69
e80b4c2d MW	70	(defzone distorted.org.uk
	71	;;
	72	;; Nameservers
cddf1fa1 MW	73	:ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
	74	(vampire.ns :ip vampire))
	75	#-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
	76	(chiark.ns :ip chiark.greenend.org.uk)
	77	(guvnor.ns :ip guvnor.demon))
e80b4c2d MW	78	;;
e80b4c2d MW	79	;; Mail servers
96c2a692 MW	80	((@ mail lists bugs cryptomail)
	81	:mx mail
	82	:srv ((:smtp mail)))
	83	;;
	84	;; Other services
	85	:srv ((:http www)
	86	(:ftp ftp))
e80b4c2d MW	87	;;
e80b4c2d MW	88	;; Colocated services
a060fed3	89	;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
e80b4c2d MW	90	;;
e80b4c2d MW	91	;; Entry is via little port-forwarding box
a060fed3	92	(guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
985aff77 MW	93	;;
985aff77 MW	94	;; Wireless gateway
8ca446b5	95	(untrusted :net untrusted)
8ef3dea5	96	(evolution (untrusted :a evolution))
e80b4c2d MW	97	;;
e80b4c2d MW	98	;; Local services
a060fed3	99	(@ :svc www-frontend)
fc0ce2ed	100	((www ftp wiki git bugs mail)
a060fed3 MW	101	(inet :svc guvnor.demon)
a060fed3 MW	102	(fretwank :svc metalzone))
995d75b4	103	((db tor i2p rawk)
0ac996f4 MW	104	(inet :svc guvnor.demon)
0ac996f4 MW	105	(fretwank :svc vampire))
8722942b	106	(vox (inet :svc guvnor.demon) (fretwank :svc vampire))
a060fed3 MW	107	;;
a060fed3 MW	108	;; Internal services
ca779f0a MW	109	((ntp1) (fretwank :svc metalzone))
ca779f0a MW	110	((www-cache wpad ntp news) (fretwank :svc vampire))
e80b4c2d MW	111	;;
e80b4c2d MW	112	;; Wired ethernet
b1d5c6c2	113	(fretwank :net fretwank)
fc0ce2ed MW	114	(metalzone (inet :a guvnor.demon)
	115	(fretwank :a metalzone))
	116	(vampire (fretwank :a vampire)
	117	(untrusted :a vampire.untrusted)
	118	(iodine :a vampire.iodine))
4acd4890	119	(obsidian (fretwank :a obsidian))
b1d5c6c2 MW	120	;;
	121	;; Virtual network
	122	(virtual :net virtual)
8ca446b5	123	(crybaby (virtual :a crybaby))
fc0ce2ed	124	(iodine :net iodine)
e80b4c2d	125	;;
b1d5c6c2 MW	126	;; ITS
	127	(its :net its)
	128	(gw (its :a gw))
	129	(mz (its :a mz))
b3f75214	130	;;
b1d5c6c2	131	;; Delegations
fc0ce2ed	132	#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
995d75b4	133	(io :ns ((ns.io :ip dns-frontend))))
b1d5c6c2 MW	134
	135	;;;--------------------------------------------------------------------------
	136	;;; Other subsidiary zones.
e80b4c2d MW	137
e80b4c2d MW	138	(defrevzone trusted
2bc217e8	139	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
b3f75214 MW	140	:reverse trusted
	141	#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
	142	#+subnet/fretwank (@ :cidr-delegation
	143	(dhcp
	144	(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
	145
e80b4c2d	146	(defrevzone untrusted
2bc217e8	147	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
8ca446b5	148	:reverse untrusted)
b3f75214 MW	149
b3f75214 MW	150	(defzone dhcp.distorted.org.uk
340f4f62	151	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
b3f75214 MW	152	:net dhcp)
b3f75214 MW	153
995d75b4 MW	154	(defzone io.distorted.org.uk
	155	:ns ((ns :ip dns-frontend))
	156	(about :txt "Fake zone used for IP-over-DNS tunnelling."))
	157
b3f75214	158	(defzone dhcp.199.29.172.in-addr.arpa
340f4f62	159	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))
5094e793	160
b1d5c6c2	161	;;;----- That's all, folks --------------------------------------------------