;;; Zone file for distorted.org.uk
-(load "hosts" :verbose nil)
+(load "hosts.lisp" :verbose nil)
;;;--------------------------------------------------------------------------
;;; Network allocations
(defnet distorted.org.uk 172.29.198.0/23
(untrusted 256
- (wireless 64))
+ (wireless 128)
+ (iodine 16))
(trusted 256
(fretwank 128
(unsafe 32)
;; Unsafe network.
(defhost guvnor (unsafe 1))
(defhost metalzone (unsafe 2))
-(defhost evolution (unsafe 3))
+(defhost radius (unsafe 3))
(defhost vampire (unsafe 4))
+(defhost roadstar (unsafe 5))
+(defhost jem (unsafe 6))
+(defhost artist (unsafe 7))
;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))
+(defhost ibanez (safe 3))
;; Wireless network.
-(defhost evolution.wireless (wireless 1))
+(defhost vampire.untrusted (untrusted 1))
+(defhost evolution (untrusted 2))
;; Virtual private network.
-(defhost fuzzface (virtual 1))
+(defhost crybaby (virtual 1))
+(defhost terror (virtual 2))
+
+;; Iodine network.
+(defhost vampire.iodine (iodine 1))
;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(preferred-subnet-case
(fretwank
- (setf *default-zone-source* 'metalzone.distorted.org.uk.)
- (defhost www-frontend metalzone))
+ (setf *default-zone-source* 'vampire.distorted.org.uk.)
+ (defhost www-frontend metalzone)
+ (defhost dns-frontend vampire))
(t
(setf *default-zone-source* 'guvnor.distorted.org.uk.)
- (defhost www-frontend guvnor.demon)))
+ (defhost www-frontend guvnor.demon)
+ (defhost dns-frontend guvnor.demon)))
;;;--------------------------------------------------------------------------
;;; Main zone definition.
(defzone distorted.org.uk
;;
- ;; Nameservers
+ ;; Nameservers.
:ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
(vampire.ns :ip vampire))
#-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
(chiark.ns :ip chiark.greenend.org.uk)
(guvnor.ns :ip guvnor.demon))
;;
- ;; Mail servers
+ ;; Mail servers.
((@ mail lists bugs cryptomail)
:mx mail
:srv ((:smtp mail)))
;;
- ;; Other services
+ ;; Other services.
:srv ((:http www)
(:ftp ftp))
;;
- ;; Colocated services
+ ;; Colocated services.
;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
;;
- ;; Entry is via little port-forwarding box
+ ;; Entry is via little port-forwarding box.
(guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
;;
- ;; Wireless gateway
- (wireless :net wireless)
- (evolution (fretwank :a evolution) (wireless :a evolution.wireless))
+ ;; Wireless gateway.
+ (untrusted :net untrusted)
+ (evolution (untrusted :a evolution))
;;
- ;; Local services
+ ;; Local services.
(@ :svc www-frontend)
- ((www ftp wiki git bugs mail rawk)
+ ((www ftp wiki git bugs mail)
(inet :svc guvnor.demon)
(fretwank :svc metalzone))
- ((db)
+ ((db tor i2p rawk vox www-cache)
(inet :svc guvnor.demon)
(fretwank :svc vampire))
- (vox (inet :svc guvnor.demon) (fretwank :svc vampire))
;;
- ;; Internal services
- ((news ntp) (fretwank :svc metalzone))
- ((www-cache wpad ntp1) (fretwank :svc vampire))
+ ;; Internal services.
+ ((ntp1) (fretwank :svc metalzone))
+ ((wpad ntp news) (fretwank :svc vampire))
;;
- ;; Wired ethernet
+ ;; Wired ethernet.
(fretwank :net fretwank)
- (metalzone (inet :a guvnor.demon) (fretwank :a metalzone))
- (vampire (fretwank :a vampire))
- (tubescreamer (fretwank :a tubescreamer))
+ (metalzone (inet :a guvnor.demon)
+ (fretwank :a metalzone))
+ (vampire (fretwank :a vampire)
+ (untrusted :a vampire.untrusted)
+ (iodine :a vampire.iodine))
(obsidian (fretwank :a obsidian))
+ (ibanez (fretwank :a ibanez))
+ (radius (fretwank :a radius))
+ (roadstar (fretwank :a roadstar))
+ (jem (fretwank :a jem))
+ (artist (fretwank :a artist))
+ (gibson :cname gibson.dhcp)
+ (lespaul :cname lespaul.dhcp)
+ (firebird :cname firebird.dhcp)
;;
- ;; Virtual network
+ ;; Virtual network.
(virtual :net virtual)
- (fuzzface (virtual :a fuzzface))
+ (crybaby (virtual :a crybaby))
+ (terror (virtual :a terror))
+ (iodine :net iodine)
;;
- ;; ITS
+ ;; ITS.
(its :net its)
(gw (its :a gw))
(mz (its :a mz))
;;
- ;; Delegations
- #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns)))
+ ;; Delegations.
+ #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
+ (io :ns ((ns.io :ip dns-frontend))))
;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.
(defrevzone untrusted
:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
- #+subnet/fretwank (wireless :ns (metalzone.ns vampire.ns))
- #+subnet/fretwank (@ :cidr-delegation
- (wireless
- (wireless
- 198.29.172.wireless.198.29.172.in-addr.arpa))))
+ :reverse untrusted)
(defzone dhcp.distorted.org.uk
:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
:net dhcp)
+(defzone io.distorted.org.uk
+ :ns ((ns :ip dns-frontend))
+ (about :txt "Fake zone used for IP-over-DNS tunnelling."))
+
(defzone dhcp.199.29.172.in-addr.arpa
:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))
-(defzone wireless.198.29.172.in-addr.arpa
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
- :reverse ((wireless :bytes 4)))
-
;;;----- That's all, folks --------------------------------------------------