From 9b7e40695ec633ee206dd608a3a7e0e410e5f7c8 Mon Sep 17 00:00:00 2001 Message-Id: <9b7e40695ec633ee206dd608a3a7e0e410e5f7c8.1713411317.git.mdw@distorted.org.uk> From: Mark Wooding Date: Tue, 15 Apr 2014 18:15:35 +0100 Subject: [PATCH] Publish IPv6 addresses for hosts which can cope. Organization: Straylight/Edgeware From: Mark Wooding --- distorted.lisp | 2 +- hosts.lisp | 81 ++++++++++++++++++++++++++++++-------------------- 2 files changed, 49 insertions(+), 34 deletions(-) diff --git a/distorted.lisp b/distorted.lisp index 2b5e744..61f2267 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -123,7 +123,6 @@ (defzone distorted.org.uk ;; Entry is via little router box. (dmz :net dmz) (guvnor (dmz :addr guvnor.dmz)) - (gate (dmz :addr gate.dmz)) (nat (dmz :addr nat.dmz)) ;; Wireless gateway. @@ -164,6 +163,7 @@ (defzone distorted.org.uk ;; Colocated hosts. (colo :net colo) (jump :net jump) + (gate (jump :addr gate.jump :sshfp "precision")) (fender (colo :addr fender.colo :sshfp "fender") (jump :addr fender.jump :sshfp "fender")) (precision (colo :addr precision.colo :sshfp "precision") diff --git a/hosts.lisp b/hosts.lisp index 5b90533..da03f74 100644 --- a/hosts.lisp +++ b/hosts.lisp @@ -5,43 +5,58 @@ ;;;-------------------------------------------------------------------------- ;;; External hosts. -(defhost boyle.nsict.org 85.158.42.162) -(defhost chiark.greenend.org.uk 212.13.197.229) -(defhost mccoy.flatline.org.uk 80.74.241.31) -(defhost mythic-ns1 69.56.173.190) -(defhost mythic-ns2 93.93.128.67) -(defhost gandi-ns6 217.70.177.40) +(defhost boyle.nsict.org "85.158.42.162") +(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229") + (:ipv6 "2001:ba8:1e3::"))) +(defhost mccoy.flatline.org.uk "80.74.241.31") +(defhost mythic-ns1 ((:ipv4 "69.56.173.190") + (:ipv6 "2600:3c00::f03c:91ff:fe96:beac"))) +(defhost mythic-ns2 ((:ipv4 "93.93.128.67") + (:ipv6 "2a00:1098:0:80:1000::10"))) +(defhost gandi-ns6 "217.70.177.40") ;;;-------------------------------------------------------------------------- ;;; Internal addresses. -;; Externally routable DMZ. -(defnet dmz 62.49.204.144/28) +;; (RFC1918 addresses are allocated from Cambridge G-RIN.) +(defnet distorted.org.uk "172.29.198/23" + (untrusted "198.0/24" + (wireless "0/25") + (iodine "128/28")) + (trusted "199.0/24" + (wired "0/25" + (unsafe "0/27") + (dhcp "32/27")) + (vpn "128/27") + (its "160/30") + (colo "176/28") + (safe "192/27") + (any "224/27"))) + +;; Externally routable DMZ from Demon. +(defnet dmz "62.49.204.144/28") ;; Externally routed colo range. -(defnet jump 212.13.198.66/28) - -;; (RFC1918 addresses are allocated from Cambridge G-RIN.) -(defnet distorted.org.uk 172.29.198.0/23 - (untrusted 256 - (wireless 128) - (iodine 16)) - (trusted 256 - (wired 128 - (unsafe 32) - (dhcp 32)) - (vpn 32) - (nil 16 - (its 4)) - (colo 16) - (safe 32) - (any 32))) +(defnet jump "212.13.198.66/28") +(defnet jump "2001:ba8:0:1d9/64") +(defnet distorted.org.uk-jump "2001:ba8:1d9/48" + (colo "2/64") + (any "0/64") + (vpn "6000/64")) + +;; Hurricane Electric IPv6-inIPv4 tunnel. +(defnet he-tunnel "2001:470:1f08:1b98/64") +(defnet dmz "2001:470:1f09:1b98/64") +(defnet distorted.org.uk-he "2001:470:9740/48" + (unsafe "1/64") + (safe "4001/64") + (untrusted "8001/64")) ;;;-------------------------------------------------------------------------- ;;; Host allocations ;; External addresses. -(defhost guvnor.dmz (dmz 1)) +(defhost guvnor.dmz ((:ipv4 dmz 1))) (defhost radius.dmz (dmz 2)) (defhost roadstar.dmz (dmz 3)) (defhost jem.dmz (dmz 4)) @@ -49,19 +64,19 @@ (defhost artist.dmz (dmz 5)) (defhost vampire.dmz (dmz 6)) (defhost ibanez.dmz (dmz 9)) (defhost anon.dmz (dmz 12)) -(defhost gate.dmz (dmz 13)) -(defhost nat.dmz (dmz 14)) +(defhost nat.dmz ((:ipv4 dmz 14))) ;; Colocated addresses. +(defhost gate.jump ((:ipv6 jump 2))) (defhost fender.jump (jump 5)) (defhost precision.jump (jump 6)) (defhost telecaster.jump (jump 7)) (defhost stratocaster.jump (jump 8)) (defhost jazz.jump (jump 9)) -(defhost jaguar.jump (jump 11)) -(defhost richmond.jump (jump 12)) +(defhost jaguar.jump ((:ipv4 jump 11))) +(defhost richmond.jump ((:ipv4 jump 12))) (defhost anon.jump (jump 13)) -(defhost blackhole.jump (jump 14)) +(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump #xffff))) ;; Unsafe network. (defhost radius.unsafe (unsafe 1)) @@ -74,7 +89,7 @@ (defhost ibanez.unsafe (unsafe 14)) ;; Safe network. (defhost radius.safe (safe 1)) (defhost vampire.safe (safe 2)) -(defhost evolution.safe (safe 3)) +(defhost evolution.safe ((:ipv4 safe 3))) ;; Wireless network. (defhost radius.untrusted (untrusted 1)) @@ -83,7 +98,7 @@ (defhost vampire.untrusted (untrusted 3)) ;; Virtual private network. (defhost crybaby.vpn (vpn 1)) -(defhost terror.vpn (vpn 2)) +(defhost terror.vpn ((:ipv4 vpn 2))) (defhost orange.vpn (vpn 3)) ;; Iodine network. -- [mdw]