chiark / gitweb /
~mdw / zones / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
keys/, distorted.lisp: Add SSHFP recortds for virtual servers.
[zones] / hosts.lisp
CommitLineData
ff6c53ad
MW		 1;;; -*-lisp-*-
2;;;
3;;; distorted.org.uk hosts and networks, and other useful addresses.
4
5;;;--------------------------------------------------------------------------
6;;; External hosts.
e80b4c2d 7
0fdd12c7 8(defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
6cf32121
MW		 9(defhost chiark.greenend.org.uk ((:ipv4 "93.93.131.173")
10 (:ipv6 "2a00:1098:86:130::1")))
9b7e4069 11(defhost mccoy.flatline.org.uk "80.74.241.31")
2c712ad4 12(defhost mythic-ns1 ((:ipv4 "45.33.127.156")
6db97409 13 (:ipv6 "2600:3c00:e000:19::1")))
9b7e4069
MW		 14(defhost mythic-ns2 ((:ipv4 "93.93.128.67")
15 (:ipv6 "2a00:1098:0:80:1000::10")))
fdcd43da
MW		 16(defhost mythic-ns3 ((:ipv4 "185.24.221.32")
17 (:ipv6 "2a02:2770:11:0:21a:4aff:febe:759b")))
0fdd12c7 18(defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
ff6c53ad
MW		 19
20;;;--------------------------------------------------------------------------
21;;; Internal addresses.
22
9b7e4069
MW		 23;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
24(defnet distorted.org.uk "172.29.198/23"
25 (untrusted "198.0/24"
26 (wireless "0/25")
9e4bef79 27 (iodine "128/28")
df1d9fe1 28 (hippo "144/28")
9e4bef79 29 (upn "160/27"))
9b7e4069 30 (trusted "199.0/24"
cc30fb50
MW		 31 (unsafe "0/25"
32 (unsafe-static00 "0/27")
33 (unsafe-dhcp01 "32/27")
34 (unsafe-dhcp1x "64/26"))
9b7e4069
MW		 35 (vpn "128/27")
36 (its "160/30")
cc30fb50
MW		 37 (safe "192/27"
38 (safe-static00x "192/29")
39 (safe-static010 "200/30")
40 (safe-dhcp011 "204/30")
41 (safe-dhcp1xx "208/28"))
9b7e4069
MW		 42 (any "224/27")))
43
7c0d1761 44;; Externally routable DMZ from Andrews and Arnold.
f5c3343e
MW		 45(defnet gw "81.2.113.195")
46(defnet dmz "81.187.238.128/28")
bda4d30e 47(defnet dmz1 "217.169.12.64/28")
f5c3343e 48(defnet distorted.org.uk-aaisp "2001:8b0:c92/48"
b0eb5b79 49 (unsafe "1/64"
cc30fb50 50 (unsafe-dhcp "6468:6370/96"))
be5a78bf 51 (any "0/64")
f5c3343e 52 (dmz "fff/64")
cc30fb50
MW		 53 (safe "4001/64"
54 (safe-dhcp "6468:6370/96"))
9e4bef79 55 (vpn "6000/64")
be5a78bf 56 (untrusted "8001/64")
9e4bef79 57 (upn "a000/64"))
38c2de7c 58
6392cc15 59(defnet jump-ipv6 "2001:ba8:1d9/48")
eec350e2 60
ff6c53ad
MW		 61;;;--------------------------------------------------------------------------
62;;; Host allocations
63
64;; External addresses.
f5c3343e
MW		 65(defhost guvnor.dmz ((:ipv4 gw 0) (:ipv6 dmz "::1:1")))
66(defhost radius.dmz (dmz 1))
67(defhost roadstar.dmz (dmz 2))
68(defhost jem.dmz (dmz 3))
69(defhost artist.dmz (dmz 4))
70(defhost vampire.dmz (dmz 5))
71(defhost universe.dmz (dmz 6))
ff6c53ad 72(defhost ibanez.dmz (dmz 9))
04db9729 73(defhost anon.dmz (dmz 12))
9b7e4069 74(defhost nat.dmz ((:ipv4 dmz 14)))
ff6c53ad 75
bda4d30e
MW		 76;; Formerly colocated addresses.
77(defhost precision.dmz ((:ipv4 dmz1 1) (:ipv6 dmz 33)))
78(defhost telecaster.dmz ((:ipv4 dmz1 2) (:ipv6 dmz 34)))
79(defhost stratocaster.dmz ((:ipv4 dmz1 3) (:ipv6 dmz 35)))
80(defhost jazz.dmz ((:ipv4 dmz1 4) (:ipv6 dmz 36)))
81(defhost fender.dmz ((:ipv4 dmz1 9) (:ipv6 dmz 41)))
82(defhost marshall.dmz ((:ipv4 dmz1 11) (:ipv6 dmz "::2:1")))
83(defhost richmond.dmz ((:ipv4 dmz1 12) (:ipv6 dmz "::1:1")))
84(defhost blackhole.dmz ((:ipv4 dmz1 14) (:ipv6 dmz "::ffff")))
85
eec350e2
MW		 86;; Jump virtual hosts.
87(defhost eggle.jump ((:ipv4 "185.73.44.143")
88 (:ipv6 jump-ipv6 "8002::1")))
89
b577b999
MW		 90;; Linode virtual hosts.
91(defhost national.linode ((:ipv4 "45.33.118.239")
92 (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
93
ff6c53ad
MW		 94;; Unsafe network.
95(defhost radius.unsafe (unsafe 1))
96(defhost roadstar.unsafe (unsafe 2))
97(defhost jem.unsafe (unsafe 3))
98(defhost artist.unsafe (unsafe 4))
99(defhost vampire.unsafe (unsafe 5))
664e6cf9 100(defhost universe.unsafe (unsafe 6))
bda4d30e
MW		 101(defhost precision.unsafe (unsafe 7))
102(defhost telecaster.unsafe (unsafe 8))
103(defhost stratocaster.unsafe (unsafe 9))
104(defhost jazz.unsafe (unsafe 10))
ff6c53ad 105(defhost ibanez.unsafe (unsafe 14))
bda4d30e 106(defhost fender.unsafe (unsafe 15))
f409e9c5 107(defhost groove.unsafe (unsafe 17))
ff6c53ad 108
55f161b6 109;; Client hosts, with IPv6 addresses.
f5c3343e
MW		 110(defhost gibson.unsafe ((:ipv6 unsafe "e269:95ff:fe63:bb4")))
111(defhost crybaby.unsafe ((:ipv6 unsafe "216:eaff:fec2:4cb8")))
112(defhost lespaul.unsafe ((:ipv6 unsafe "a00:27ff:fef5:aaef")))
113(defhost haze.unsafe ((:ipv6 unsafe "5056:a8ff:fe01:5654")))
114(defhost gretsch.unsafe ((:ipv6 unsafe "3a2c:4aff:fe6d:e768")))
ca8149e1 115(defhost spirit.unsafe ((:ipv6 unsafe "568d:5aff:fed9:18b8")))
f5c3343e
MW		 116(defhost invader.safe ((:ipv6 safe "a00:27ff:fe94:a5d7")))
117(defhost marauder.safe ((:ipv6 safe "a00:27ff:fe6a:7846")))
a45e1496 118(defhost unicorn.safe ((:ipv6 safe "20e:c6ff:fe90:a926")))
55f161b6 119
ff6c53ad 120;; Safe network.
d8536712
MW		 121(defhost radius.safe (safe 1))
122(defhost vampire.safe (safe 2))
1f20839b 123(defhost evolution.safe (safe 3))
c32d96fa
MW		 124(defhost grigsby.safe (safe 4))
125(defhost carling.safe (safe 5))
126(defhost tritan.safe (safe 6))
327c80f3
MW		 127(defhost kitkat.safe (safe 7))
128(defhost lunch.safe (safe 8))
32926f3b 129(defhost burntaxe.safe (safe 9))
a45e1496 130(defhost unicorn.safe ((:ipv4 safe 10)))
ff6c53ad
MW		 131
132;; Wireless network.
133(defhost radius.untrusted (untrusted 1))
0302997e 134(defhost artist.untrusted (untrusted 2))
ff6c53ad 135(defhost vampire.untrusted (untrusted 3))
bda4d30e 136(defhost jazz.untrusted (untrusted 4))
ff6c53ad
MW		 137
138;; Virtual private network.
727a746f 139(defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
9b7e4069 140(defhost terror.vpn ((:ipv4 vpn 2)))
727a746f 141(defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
5a33b178 142(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
aa779726
MW		 143(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
144(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
145(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
146(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
e8d49c40 147(defhost spirit.vpn ((:ipv4 vpn 9) (:ipv6 vpn "::9:1")))
2af6f6bd 148(defhost groove.vpn ((:ipv4 vpn 10) (:ipv6 vpn "::10:1")))
ff6c53ad 149
b577b999
MW		 150;; Untrusted private network.
151(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))
ce6486a8 152(defhost mdwdev.upn ((:ipv4 upn 2) (:ipv6 upn "::2:1")))
eec350e2 153(defhost eggle.upn ((:ipv4 upn 3) (:ipv6 upn "::3:1")))
b577b999 154
ff6c53ad 155;; Iodine network.
17c95de9 156(defhost jazz.iodine (iodine 1))
ff6c53ad 157
df1d9fe1
MW		 158;; Hippotat network.
159(defhost jazz.hippo (hippo 1))
160(defhost crybaby.hippo (hippo 2))
e8d49c40 161(defhost spirit.hippo (hippo 3))
df1d9fe1 162
ff6c53ad
MW		 163;; Special network for ITS.
164;; It doesn't understand point-to-point links, so we need a little net.
165(defhost gw.its (its 1))
166(defhost mz.its (its 2))
167
345c0f69 168;; Anycast addresses for services.
727a746f
MW		 169(defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
170(defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
171(defhost ntp0.any ((:ipv4 any 2) (:ipv6 any "::2:1")))
172(defhost ntp1.any ((:ipv4 any 3) (:ipv6 any "::3:1")))
173(defhost www-cache.any ((:ipv4 any 4) (:ipv6 any "::4:1")))
174(defhost krb0.any ((:ipv4 any 5) (:ipv6 any "::5:1")))
175(defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
345c0f69 176
ff6c53ad
MW		 177;;;--------------------------------------------------------------------------
178;;; Host switch.
179
180(preferred-subnet-case
be5a78bf 181 (unsafe
ff6c53ad 182 (defhost radius radius.unsafe)
76a134ee 183 (defhost vampire vampire.unsafe)
be5a78bf
MW		 184 (defhost precision precision.unsafe)
185 (defhost telecaster telecaster.unsafe)
186 (defhost stratocaster stratocaster.unsafe)
eec350e2
MW		 187 (defhost national national.upn)
188 (defhost eggle eggle.upn))
c0430253
MW		 189 (t
190 (defhost radius radius.dmz)
76a134ee 191 (defhost vampire vampire.dmz)
be5a78bf
MW		 192 (defhost precision precision.dmz)
193 (defhost telecaster telecaster.dmz)
194 (defhost stratocaster stratocaster.dmz)
eec350e2
MW		 195 (defhost national national.linode)
196 (defhost eggle eggle.jump)))
ff6c53ad 197
be5a78bf 198(defhost marshall marshall.dmz)
ce6486a8 199(defhost mdwdev mdwdev.upn)
033baee0 200
ff6c53ad 201;;;----- That's all, folks --------------------------------------------------
Zone files for the DNS zones I administer