distorted.lisp: Make roadstar the official house web proxy.

[zones] / hosts.lisp

;;; -*-lisp-*-
;;;
;;; distorted.org.uk hosts and networks, and other useful addresses.

;;;--------------------------------------------------------------------------
;;; External hosts.

(defhost boyle.nsict.org 85.158.42.162)
(defhost chiark.greenend.org.uk 212.13.197.229)
(defhost mccoy.flatline.org.uk 80.74.241.31)
(defhost mythic-ns1 69.56.173.190)
(defhost mythic-ns2 93.93.128.67)

;;;--------------------------------------------------------------------------
;;; Internal addresses.

;; Externally routable DMZ.
(defnet dmz 62.49.204.144/28)

;; Externally routed colo range.
(defnet jump 212.13.198.66/28)

;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk 172.29.198.0/23
  (untrusted 256
    (wireless 128)
    (iodine 16))
  (trusted 256
    (wired 128
      (unsafe 32)
      (dhcp 32))
    (vpn 32)
    (nil 16
      (its 4))
    (colo 16)
    (safe 32)
    (any 32)))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.dmz (dmz 1))
(defhost radius.dmz (dmz 2))
(defhost roadstar.dmz (dmz 3))
(defhost jem.dmz (dmz 4))
(defhost artist.dmz (dmz 5))
(defhost vampire.dmz (dmz 6))
(defhost ibanez.dmz (dmz 9))
(defhost iodine.dmz (dmz 11))
(defhost anon.dmz (dmz 12))
(defhost gate.dmz (dmz 13))
(defhost nat.dmz (dmz 14))

;; Colocated addresses.
(defhost fender.jump (jump 5))
(defhost precision.jump (jump 6))
(defhost telecaster.jump (jump 7))
(defhost stratocaster.jump (jump 8))
(defhost jazz.jump (jump 9))
(defhost richmond.jump (jump 12))
(defhost blackhole.jump (jump 14))

;; Unsafe network.
(defhost radius.unsafe (unsafe 1))
(defhost roadstar.unsafe (unsafe 2))
(defhost jem.unsafe (unsafe 3))
(defhost artist.unsafe (unsafe 4))
(defhost vampire.unsafe (unsafe 5))
(defhost ibanez.unsafe (unsafe 14))

;; Safe network.
(defhost radius.safe (safe 1))
(defhost vampire.safe (safe 2))
(defhost evolution.safe (safe 3))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost evolution.untrusted (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby.vpn (vpn 1))
(defhost terror.vpn (vpn 2))

;; Iodine network.
(defhost vampire.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw.its (its 1))
(defhost mz.its (its 2))

;; Internal (VPN) addresses for colocated services.
(defhost fender.colo (colo 1))
(defhost precision.colo (colo 2))
(defhost telecaster.colo (colo 3))
(defhost stratocaster.colo (colo 4))
(defhost jazz.colo (colo 5))

;; Anycast addresses for services.
(defhost dns0.any (any 0))
(defhost dns1.any (any 1))
(defhost ntp0.any (any 2))
(defhost ntp1.any (any 3))
(defhost www-cache.any (any 4))

;;;--------------------------------------------------------------------------
;;; Host switch.

(preferred-subnet-case
  ((unsafe colo)
   (defhost radius radius.unsafe)
   (defhost precision precision.colo)
   (defhost stratocaster stratocaster.colo)
   (defhost vampire vampire.unsafe))
  (t
   (defhost radius radius.dmz)
   (defhost precision precision.jump)
   (defhost stratocaster stratocaster.jump)
   (defhost vampire vampire.dmz)))

;;;----- That's all, folks --------------------------------------------------