;;; Zone file for distorted.org.uk

(load "hosts.lisp" :verbose nil)

;;;--------------------------------------------------------------------------
;;; Network allocations
;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)

(defnet distorted.org.uk 172.29.198.0/23
  (untrusted 256
    (wireless 128)
    (iodine 16))
  (trusted 256
    (fretwank 128
      (unsafe 32)
      (dhcp 32)
      (safe 32))
    (virtual 32)
    (its 4)))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.demon 80.177.3.76)

;; Unsafe network.
(defhost guvnor (unsafe 1))
(defhost metalzone (unsafe 2))
(defhost radius (unsafe 3))
(defhost vampire (unsafe 4))
(defhost roadstar (unsafe 5))
(defhost jem (unsafe 6))
(defhost artist (unsafe 7))
(defhost ibanez (unsafe 14))

;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))

;; Wireless network.
(defhost vampire.untrusted (untrusted 1))
(defhost evolution (untrusted 2))
(defhost radius.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby (virtual 1))
(defhost terror (virtual 2))

;; Iodine network.
(defhost vampire.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw (its 1))
(defhost mz (its 2))

;;;--------------------------------------------------------------------------
;;; Other definitions.

(setf *default-zone-admin* "hostmaster@distorted.org.uk")

(preferred-subnet-case
  (fretwank
   (setf *default-zone-source* 'vampire.distorted.org.uk.)
   (defhost www-frontend metalzone)
   (defhost dns-frontend vampire))
  (t
   (setf *default-zone-source* 'guvnor.distorted.org.uk.)
   (defhost www-frontend guvnor.demon)
   (defhost dns-frontend guvnor.demon)))

;;;--------------------------------------------------------------------------
;;; Main zone definition.

(defzone distorted.org.uk
  ;;
  ;; Nameservers.
  :ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
			 (vampire.ns :ip vampire))
      #-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
			 (chiark.ns :ip chiark.greenend.org.uk)
			 (guvnor.ns :ip guvnor.demon))
  ;;
  ;; Mail servers.
  ((@ mail lists bugs cryptomail)
   :mx mail
   :srv ((:smtp mail)))
  ;;
  ;; Other services.
  :srv ((:http www)
	(:ftp ftp))
  ;;
  ;; Colocated services.
  ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
  ;;
  ;; Entry is via little port-forwarding box.
  (guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
  ;;
  ;; Wireless gateway.
  (untrusted :net untrusted)
  (evolution (untrusted :a evolution))
  ;;
  ;; Local services.
  (@ :svc www-frontend)
  ((www ftp wiki git bugs mail db tor i2p rawk vox www-cache)
   (inet :svc guvnor.demon)
   (fretwank :svc vampire))
  ;;
  ;; Internal services.
  ((ntp) (fretwank :svc ibanez))
  ((wpad ntp1 news) (fretwank :svc vampire))
  ;;
  ;; Wired ethernet.
  (fretwank :net fretwank)
  (metalzone (inet :a guvnor.demon)
	     (fretwank :a metalzone))
  (vampire (fretwank :a vampire)
	   (inet :a guvnor.demon)
	   (untrusted :a vampire.untrusted)
	   (iodine :a vampire.iodine))
  (obsidian (fretwank :a obsidian))
  (ibanez (fretwank :a ibanez))
  (radius (fretwank :a radius)
	  (untrusted :a radius.untrusted))
  (roadstar (fretwank :a roadstar))
  (jem (fretwank :a jem))
  (artist (fretwank :a artist))
  (gibson :cname gibson.dhcp)
  (lespaul :cname lespaul.dhcp)
  (firebird :cname firebird.dhcp)
  ;;
  ;; Virtual network.
  (virtual :net virtual)
  (crybaby (virtual :a crybaby))
  (terror (virtual :a terror))
  (iodine :net iodine)
  ;;
  ;; ITS.
  (its :net its)
  (gw (its :a gw))
  (mz (its :a mz))
  ;;
  ;; Delegations.
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  (io :ns ((ns.io :ip dns-frontend))))

;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.

(defrevzone trusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse trusted
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  #+subnet/fretwank (@ :cidr-delegation
		       (dhcp
			(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))

(defrevzone untrusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse untrusted)

(defzone dhcp.distorted.org.uk
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :net dhcp)

(defzone io.distorted.org.uk
  :ns ((ns :ip dns-frontend))
  (about :txt "Fake zone used for IP-over-DNS tunnelling."))

(defzone dhcp.199.29.172.in-addr.arpa
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))

;;;----- That's all, folks --------------------------------------------------