-;; Static IP addresses for various useful hosts
+;;; -*-lisp-*-
+;;;
+;;; distorted.org.uk hosts and networks, and other useful addresses.
+
+;;;--------------------------------------------------------------------------
+;;; External hosts.
-(defhost guvnor.distorted.org.uk 80.177.3.76)
(defhost boyle.nsict.org 85.158.42.162)
-(defhost chiark.greenend.org.uk 193.201.200.170)
+(defhost chiark.greenend.org.uk 212.13.197.229)
(defhost mccoy.flatline.org.uk 80.74.241.31)
+(defhost mythic-ns1 69.56.173.190)
+(defhost mythic-ns2 93.93.128.67)
+
+;;;--------------------------------------------------------------------------
+;;; Internal addresses.
+
+;; Externally routable DMZ.
+(defnet dmz 62.49.204.144/28)
+
+;; Externally routed colo range.
+(defnet jump 212.13.198.66/28)
+
+;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
+(defnet distorted.org.uk 172.29.198.0/23
+ (untrusted 256
+ (wireless 128)
+ (iodine 16))
+ (trusted 256
+ (wired 128
+ (unsafe 32)
+ (dhcp 32))
+ (virtual 32)
+ (nil 16
+ (its 4))
+ (colo 16)
+ (safe 32)))
+
+;;;--------------------------------------------------------------------------
+;;; Host allocations
+
+;; External addresses.
+(defhost guvnor.dmz (dmz 1))
+(defhost radius.dmz (dmz 2))
+(defhost roadstar.dmz (dmz 3))
+(defhost jem.dmz (dmz 4))
+(defhost artist.dmz (dmz 5))
+(defhost vampire.dmz (dmz 6))
+(defhost ibanez.dmz (dmz 9))
+(defhost anon.dmz (dmz 12))
+(defhost gate.dmz (dmz 13))
+(defhost nat.dmz (dmz 14))
+
+;; Colocated addresses.
+(defhost fender.jump (jump 5))
+(defhost precision.jump (jump 6))
+(defhost telecaster.jump (jump 7))
+(defhost stratocaster.jump (jump 8))
+(defhost jazz.jump (jump 9))
+
+;; Unsafe network.
+(defhost radius.unsafe (unsafe 1))
+(defhost roadstar.unsafe (unsafe 2))
+(defhost jem.unsafe (unsafe 3))
+(defhost artist.unsafe (unsafe 4))
+(defhost vampire.unsafe (unsafe 5))
+(defhost ibanez.unsafe (unsafe 14))
+
+;; Safe network.
+(defhost radius.safe (safe 1))
+(defhost vampire.safe (safe 2))
+(defhost evolution.safe (safe 3))
+
+;; Wireless network.
+(defhost radius.untrusted (untrusted 1))
+(defhost evolution.untrusted (untrusted 2))
+(defhost vampire.untrusted (untrusted 3))
+
+;; Virtual private network.
+(defhost crybaby.virtual (virtual 1))
+(defhost terror.virtual (virtual 2))
+
+;; Iodine network.
+(defhost vampire.iodine (iodine 1))
+
+;; Special network for ITS.
+;; It doesn't understand point-to-point links, so we need a little net.
+(defhost gw.its (its 1))
+(defhost mz.its (its 2))
+
+;; Internal (VPN) addresses for colocated services.
+(defhost fender.colo (colo 1))
+(defhost precision.colo (colo 2))
+(defhost telecaster.colo (colo 3))
+(defhost stratocaster.colo (colo 4))
+(defhost jazz.colo (colo 5))
+
+;;;--------------------------------------------------------------------------
+;;; Host switch.
+
+(preferred-subnet-case
+ (dmz
+ (defhost radius radius.dmz)
+ (defhost vampire vampire.dmz))
+ (t
+ (defhost radius radius.unsafe)
+ (defhost vampire vampire.unsafe)))
+
+;;;----- That's all, folks --------------------------------------------------
~mdw / zones / blobdiff