;;; Zone file for distorted.org.uk
-(load "hosts" :verbose nil)
+(load "hosts.lisp" :verbose nil)
+
+;;;--------------------------------------------------------------------------
+;;; Network allocations
+;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
+
+(defnet inet 62.49.204.144/28)
-;; Network allocations
-;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
(defnet distorted.org.uk 172.29.198.0/23
(untrusted 256
- (wireless 64))
+ (wireless 128)
+ (iodine 16))
(trusted 256
(fretwank 128
(unsafe 32)
(dhcp 32)
(safe 32))
- (virtual 32)))
+ (virtual 32)
+ (its 4)))
-;; Host allocations
-(defhost guvnor.demon 80.177.3.76)
+;;;--------------------------------------------------------------------------
+;;; Host allocations
-(defhost guvnor (unsafe 1))
-(defhost metalzone (unsafe 2))
-(defhost evolution (unsafe 3))
-(defhost vampire (unsafe 4))
+;; External addresses.
+(defhost guvnor.inet (inet 1))
+(defhost radius.inet (inet 2))
+(defhost roadstar.inet (inet 3))
+(defhost jem.inet (inet 4))
+(defhost artist.inet (inet 5))
+(defhost vampire.inet (inet 6))
+(defhost ibanez.inet (inet 9))
+(defhost gate.inet (inet 13))
+(defhost nat.inet (inet 14))
+;; Unsafe network.
+(defhost radius (unsafe 1))
+(defhost roadstar (unsafe 2))
+(defhost jem (unsafe 3))
+(defhost artist (unsafe 4))
+(defhost vampire (unsafe 5))
+(defhost ibanez (unsafe 14))
+
+;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))
-(defhost evolution.wireless (wireless 1))
+;; Wireless network.
+(defhost radius.untrusted (untrusted 1))
+(defhost evolution (untrusted 2))
+(defhost vampire.untrusted (untrusted 3))
+
+;; Virtual private network.
+(defhost crybaby (virtual 1))
+(defhost terror (virtual 2))
-(defhost fuzzface (virtual 1))
-(defhost mz (virtual 2))
+;; Iodine network.
+(defhost vampire.iodine (iodine 1))
+
+;; Special network for ITS.
+;; It doesn't understand point-to-point links, so we need a little net.
+(defhost gw (its 1))
+(defhost mz (its 2))
+
+;;;--------------------------------------------------------------------------
+;;; Other definitions.
(setf *default-zone-admin* "hostmaster@distorted.org.uk")
+(setf *default-zone-source* 'vampire.distorted.org.uk.)
(preferred-subnet-case
(fretwank
- (setf *default-zone-source* 'metalzone.distorted.org.uk.)
- (defhost www-frontend metalzone))
+ (defhost www-frontend vampire)
+ (defhost dns-frontend vampire))
(t
- (setf *default-zone-source* 'guvnor.distorted.org.uk.)
- (defhost www-frontend guvnor.demon)))
+ (defhost www-frontend vampire.inet)
+ (defhost dns-frontend vampire.inet)))
+
+;;;--------------------------------------------------------------------------
+;;; Main zone definition.
(defzone distorted.org.uk
;;
- ;; Nameservers
- :ns #+subnet/fretwank
- ((metalzone.ns :ip metalzone)
- (vampire.ns :ip vampire))
- #-subnet/fretwank
- ((boyle.ns :ip boyle.nsict.org)
- (chiark.ns :ip chiark.greenend.org.uk)
- (guvnor.ns :ip guvnor.demon))
+ ;; Nameservers.
+ :ns #+view/fretwank ((vampire.ns :ip vampire))
+ #-view/fretwank ((mythic-beasts-1.ns :ip mythic-ns1)
+ (mythic-beasts-2.ns :ip mythic-ns2)
+ (chiark.ns :ip chiark.greenend.org.uk)
+ (radius.ns :ip radius.inet)
+ (vampire.ns :ip vampire.inet))
;;
- ;; Mail servers
- ((@ mail lists bugs cryptomail) :mx mail)
+ ;; Mail servers.
+ ((@ mail lists bugs cryptomail)
+ :mx mail
+ :srv ((:smtp mail)))
;;
- ;; Colocated services
- ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
+ ;; Other services.
+ :srv ((:http www)
+ (:ftp ftp))
;;
- ;; Entry is via little port-forwarding box
- (guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
+ ;; Entry is via little router box.
+ (inet :net inet)
+ (guvnor (inet :a guvnor.inet) (fretwank :svc gate.inet))
+ (gate (inet :a gate.inet))
+ (nat (inet :a nat.inet))
;;
- ;; Wireless gateway
- (evolution (fretwank :a evolution) (wireless :a evolution.wireless))
+ ;; Wireless gateway.
+ (untrusted :net untrusted)
+ (evolution (untrusted :a evolution))
;;
- ;; Local services
- (@ :svc www-frontend)
- ((www ftp git bugs mail rawk)
- (inet :svc guvnor.demon)
- (fretwank :svc metalzone))
+ ;; Local services.
+ :svc www-frontend
+ ((www ftp wiki git bugs mail db tor i2p rawk vox www-cache)
+ (inet :svc vampire.inet)
+ (fretwank :svc vampire))
;;
- ;; Internal services
- (news (fretwank :svc metalzone))
- (www-cache (fretwank :svc vampire))
+ ;; Internal services.
+ ((ntp) (fretwank :svc ibanez))
+ ((wpad ntp1 news) (fretwank :svc vampire))
;;
- ;; Wired ethernet
- (metalzone (inet :a guvnor.demon) (fretwank :a metalzone))
- (vampire (fretwank :a vampire))
- (tubescreamer (fretwank :a tubescreamer))
+ ;; Wired ethernet.
+ (fretwank :net fretwank)
+ (vampire (fretwank :a vampire)
+ (inet :a vampire.inet)
+ (untrusted :a vampire.untrusted)
+ (iodine :a vampire.iodine))
(obsidian (fretwank :a obsidian))
- (fuzzface (virtual :a fuzzface))
- (mz (virtual :a mz))
+ (ibanez (fretwank :a ibanez)
+ (inet :a ibanez.inet))
+ (radius (fretwank :a radius)
+ (inet :a radius.inet)
+ (untrusted :a radius.untrusted))
+ (roadstar (fretwank :a roadstar)
+ (inet :a roadstar.inet))
+ (jem (fretwank :a jem)
+ (inet :a jem.inet))
+ (artist (fretwank :a artist)
+ (inet :a artist.inet))
+ (gibson :cname gibson.dhcp)
+ (lespaul :cname lespaul.dhcp)
+ (firebird :cname firebird.dhcp)
+ (marauder :cname marauder.dhcp)
+ (invader :cname invader.dhcp)
;;
- ;; Delegations
- #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
+ ;; Virtual network.
+ (virtual :net virtual)
+ (crybaby (virtual :a crybaby))
+ (terror (virtual :a terror))
+ (iodine :net iodine)
;;
- ;; Networks
- (fretwank :net fretwank)
- (wireless :net wireless)
- (virtual :net virtual))
+ ;; ITS.
+ (its :net its)
+ (gw (its :a gw))
+ (mz (its :a mz))
+ ;;
+ ;; Delegations.
+ #+view/fretwank (dhcp :ns (vampire.ns))
+ (io :ns ((ns.io :ip dns-frontend))))
+
+;;;--------------------------------------------------------------------------
+;;; Other subsidiary zones.
(defrevzone trusted
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
+ :ns ((vampire.ns :ip vampire))
:reverse trusted
- #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
- #+subnet/fretwank (@ :cidr-delegation
- (dhcp
- (dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
+ #+view/fretwank (dhcp :ns (metalzone.ns vampire.ns))
+ #+view/fretwank (@ :cidr-delegation
+ (dhcp
+ (dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
(defrevzone untrusted
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
+ :ns ((vampire.ns :ip vampire))
:reverse untrusted)
+(defrevzone inet
+ :reverse inet)
+
(defzone dhcp.distorted.org.uk
- :ns (metalzone.ns.distorted.org.uk.
- vampire.ns.distorted.org.uk.)
+ :ns ((vampire.ns :ip vampire))
:net dhcp)
+(defzone io.distorted.org.uk
+ :ns ((ns :ip dns-frontend))
+ (about :txt "Fake zone used for IP-over-DNS tunnelling."))
+
(defzone dhcp.199.29.172.in-addr.arpa
- :ns (metalzone.ns.199.29.172.in-addr.arpa.
- vampire.ns.199.29.172.in-addr.arpa.))
+ :ns ((vampire.ns :ip vampire)))
+
+;;;----- That's all, folks --------------------------------------------------
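Review bot: The reverse-zone delegation `#+view/fretwank (dhcp :ns (metalzone.ns vampire.ns))` inside `defrevzone trusted` still names `metalzone.ns`, although this change removes the `metalzone` host and drops it from that zone's own `:ns` list and from the forward-zone delegation. The delegation would then point at a nameserver the zone no longer defines, which is lame at best and leaves a stale NS target that could later be answered by whatever reuses the name or address. It should match the forward zone: `#+view/fretwank (dhcp :ns (vampire.ns))`. Separately, `defrevzone inet` is the only zone here with no `:ns` clause; if that is intentional, a short comment saying where its nameservers come from would help the next reader.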