X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/zones/blobdiff_plain/cfecfa5c7026df1806a0725f2fb45b5ed992d4cc..664e6cf95b818fd519f19fa22769072e79cfd5eb:/hosts.lisp

diff --git a/hosts.lisp b/hosts.lisp
index ce50f3d..8576a0b 100644
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -5,60 +5,85 @@
 ;;;--------------------------------------------------------------------------
 ;;; External hosts.
 
-(defhost boyle.nsict.org 85.158.42.162)
-(defhost chiark.greenend.org.uk 212.13.197.229)
-(defhost mccoy.flatline.org.uk 80.74.241.31)
-(defhost mythic-ns1 69.56.173.190)
-(defhost mythic-ns2 93.93.128.67)
+(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
+(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
+				 (:ipv6 "2001:ba8:1e3::")))
+(defhost mccoy.flatline.org.uk "80.74.241.31")
+(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
+		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
+(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
+		     (:ipv6 "2a00:1098:0:80:1000::10")))
+(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
 
 ;;;--------------------------------------------------------------------------
 ;;; Internal addresses.
 
-;; Externally routable DMZ.
-(defnet dmz 62.49.204.144/28)
+;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
+(defnet distorted.org.uk "172.29.198/23"
+  (untrusted "198.0/24"
+    (wireless "0/25")
+    (iodine "128/28")
+    (upn "160/27"))
+  (trusted "199.0/24"
+    (wired "0/25"
+      (unsafe "0/27")
+      (dhcp "32/27"))
+    (vpn "128/27")
+    (its "160/30")
+    (colo "176/28")
+    (safe "192/27")
+    (any "224/27")))
+
+;; Externally routable DMZ from Demon.
+(defnet dmz "62.49.204.144/28")
 
 ;; Externally routed colo range.
-(defnet jump 212.13.198.66/28)
-
-;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
-(defnet distorted.org.uk 172.29.198.0/23
-  (untrusted 256
-    (wireless 128)
-    (iodine 16))
-  (trusted 256
-    (wired 128
-      (unsafe 32)
-      (dhcp 32))
-    (vpn 32)
-    (nil 16
-      (its 4))
-    (colo 16)
-    (safe 32)
-    (any 32)))
+(defnet jump "212.13.198.66/28")
+(defnet jump "2001:ba8:0:1d9/64")
+(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
+  (colo "2/64")
+  (any "0/64")
+  (vpn "6000/64")
+  (upn "a000/64"))
+
+;; Hurricane Electric IPv6-inIPv4 tunnel.
+(defnet he-tunnel "2001:470:1f08:1b98/64")
+(defnet dmz "2001:470:1f09:1b98/64")
+(defnet distorted.org.uk-he "2001:470:9740/48"
+  (unsafe "1/64")
+  (safe "4001/64")
+  (untrusted "8001/64"))
 
 ;;;--------------------------------------------------------------------------
 ;;; Host allocations
 
 ;; External addresses.
-(defhost guvnor.dmz (dmz 1))
+(defhost guvnor.dmz ((:ipv4 dmz 1)))
 (defhost radius.dmz (dmz 2))
 (defhost roadstar.dmz (dmz 3))
 (defhost jem.dmz (dmz 4))
 (defhost artist.dmz (dmz 5))
 (defhost vampire.dmz (dmz 6))
+(defhost universe.dmz (dmz 7))
 (defhost ibanez.dmz (dmz 9))
 (defhost anon.dmz (dmz 12))
-(defhost gate.dmz (dmz 13))
-(defhost nat.dmz (dmz 14))
+(defhost nat.dmz ((:ipv4 dmz 14)))
 
 ;; Colocated addresses.
+(defhost gate.jump ((:ipv6 jump 2)))
 (defhost fender.jump (jump 5))
 (defhost precision.jump (jump 6))
 (defhost telecaster.jump (jump 7))
 (defhost stratocaster.jump (jump 8))
 (defhost jazz.jump (jump 9))
-(defhost richmond.jump (jump 12))
-(defhost blackhole.jump (jump 14))
+(defhost jaguar.jump ((:ipv4 jump 11) (:ipv6 jump "::2:1")))
+(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
+(defhost anon.jump (jump 13))
+(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
+
+;; Linode virtual hosts.
+(defhost national.linode ((:ipv4 "45.33.118.239")
+			  (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
 
 ;; Unsafe network.
 (defhost radius.unsafe (unsafe 1))
@@ -66,21 +91,44 @@ (defhost roadstar.unsafe (unsafe 2))
 (defhost jem.unsafe (unsafe 3))
 (defhost artist.unsafe (unsafe 4))
 (defhost vampire.unsafe (unsafe 5))
+(defhost universe.unsafe (unsafe 6))
 (defhost ibanez.unsafe (unsafe 14))
+(defhost groove.unsafe (unsafe 17))
+
+;; Client hosts, with IPv6 addresses.
+(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
+(defhost crybaby.unsafe ((:ipv6 "2001:470:9740:1:216:eaff:fec2:4cb8")))
+(defhost lespaul.unsafe ((:ipv6 "2001:470:9740:1:a00:27ff:fef5:aaef")))
+(defhost haze.unsafe ((:ipv6 "2001:470:9740:1:5056:a8ff:fe01:5654")))
+(defhost gretsch.unsafe ((:ipv6 "2001:470:9740:1:3a2c:4aff:fe6d:e768")))
+(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
+(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
 
 ;; Safe network.
 (defhost radius.safe (safe 1))
 (defhost vampire.safe (safe 2))
 (defhost evolution.safe (safe 3))
+(defhost grigsby.safe (safe 4))
+(defhost carling.safe (safe 5))
+(defhost tritan.safe (safe 6))
 
 ;; Wireless network.
 (defhost radius.untrusted (untrusted 1))
-(defhost evolution.untrusted (untrusted 2))
+(defhost artist.untrusted (untrusted 2))
 (defhost vampire.untrusted (untrusted 3))
 
 ;; Virtual private network.
-(defhost crybaby.vpn (vpn 1))
-(defhost terror.vpn (vpn 2))
+(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
+(defhost terror.vpn ((:ipv4 vpn 2)))
+(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
+(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
+(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
+(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
+(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
+(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
+
+;; Untrusted private network.
+(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))
 
 ;; Iodine network.
 (defhost jazz.iodine (iodine 1))
@@ -98,13 +146,13 @@ (defhost stratocaster.colo (colo 4))
 (defhost jazz.colo (colo 5))
 
 ;; Anycast addresses for services.
-(defhost dns0.any (any 0))
-(defhost dns1.any (any 1))
-(defhost ntp0.any (any 2))
-(defhost ntp1.any (any 3))
-(defhost www-cache.any (any 4))
-(defhost krb0.any (any 5))
-(defhost krb1.any (any 6))
+(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
+(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
+(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
+(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
+(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
+(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
+(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
 
 ;;;--------------------------------------------------------------------------
 ;;; Host switch.
@@ -113,12 +161,16 @@ (preferred-subnet-case
   ((unsafe colo)
    (defhost radius radius.unsafe)
    (defhost precision precision.colo)
+   (defhost telecaster telecaster.colo)
    (defhost stratocaster stratocaster.colo)
    (defhost vampire vampire.unsafe))
   (t
    (defhost radius radius.dmz)
    (defhost precision precision.jump)
+   (defhost telecaster telecaster.jump)
    (defhost stratocaster stratocaster.jump)
    (defhost vampire vampire.dmz)))
 
+(defhost jaguar jaguar.jump)
+
 ;;;----- That's all, folks --------------------------------------------------