;;; Network allocations
;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
+(defnet inet 62.49.204.144/28)
+
(defnet distorted.org.uk 172.29.198.0/23
(untrusted 256
(wireless 128)
;;; Host allocations
;; External addresses.
-(defhost guvnor.demon 80.177.3.76)
+(defhost guvnor.inet (inet 1))
+(defhost radius.inet (inet 2))
+(defhost roadstar.inet (inet 3))
+(defhost jem.inet (inet 4))
+(defhost artist.inet (inet 5))
+(defhost vampire.inet (inet 6))
+(defhost ibanez.inet (inet 9))
+(defhost gate.inet (inet 13))
+(defhost nat.inet (inet 14))
;; Unsafe network.
-(defhost guvnor (unsafe 1))
-(defhost metalzone (unsafe 2))
-(defhost radius (unsafe 3))
-(defhost vampire (unsafe 4))
-(defhost roadstar (unsafe 5))
-(defhost jem (unsafe 6))
-(defhost artist (unsafe 7))
+(defhost radius (unsafe 1))
+(defhost roadstar (unsafe 2))
+(defhost jem (unsafe 3))
+(defhost artist (unsafe 4))
+(defhost vampire (unsafe 5))
(defhost ibanez (unsafe 14))
;; Safe network.
(defhost obsidian (safe 2))
;; Wireless network.
-(defhost vampire.untrusted (untrusted 1))
+(defhost radius.untrusted (untrusted 1))
(defhost evolution (untrusted 2))
-(defhost radius.untrusted (untrusted 3))
+(defhost vampire.untrusted (untrusted 3))
;; Virtual private network.
(defhost crybaby (virtual 1))
(setf *default-zone-admin* "hostmaster@distorted.org.uk")
+(setf *default-zone-source* 'vampire.distorted.org.uk.)
(preferred-subnet-case
(fretwank
- (setf *default-zone-source* 'vampire.distorted.org.uk.)
- (defhost www-frontend metalzone)
+ (defhost www-frontend vampire)
(defhost dns-frontend vampire))
(t
- (setf *default-zone-source* 'guvnor.distorted.org.uk.)
- (defhost www-frontend guvnor.demon)
- (defhost dns-frontend guvnor.demon)))
+ (defhost www-frontend vampire.inet)
+ (defhost dns-frontend vampire.inet)))
;;;--------------------------------------------------------------------------
;;; Main zone definition.
(defzone distorted.org.uk
;;
;; Nameservers.
- :ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
- (vampire.ns :ip vampire))
+ :ns #+subnet/fretwank ((vampire.ns :ip vampire))
#-subnet/fretwank ((mythic-beasts-1.ns :ip mythic-ns1)
(mythic-beasts-2.ns :ip mythic-ns2)
(chiark.ns :ip chiark.greenend.org.uk)
- (guvnor.ns :ip guvnor.demon))
+ (radius.ns :ip radius.inet)
+ (vampire.ns :ip vampire.inet))
;;
;; Mail servers.
((@ mail lists bugs cryptomail)
:srv ((:http www)
(:ftp ftp))
;;
- ;; Colocated services.
- ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
- ;;
- ;; Entry is via little port-forwarding box.
- (guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
+ ;; Entry is via little router box.
+ (inet :net inet)
+ (guvnor (inet :a guvnor.inet) (fretwank :svc gate.inet))
+ (gate (inet :a gate.inet))
+ (nat (inet :a nat.inet))
;;
;; Wireless gateway.
(untrusted :net untrusted)
;; Local services.
(@ :svc www-frontend)
((www ftp wiki git bugs mail db tor i2p rawk vox www-cache)
- (inet :svc guvnor.demon)
+ (inet :svc vampire.inet)
(fretwank :svc vampire))
;;
;; Internal services.
;;
;; Wired ethernet.
(fretwank :net fretwank)
- (metalzone (inet :a guvnor.demon)
- (fretwank :a metalzone))
(vampire (fretwank :a vampire)
- (inet :a guvnor.demon)
+ (inet :a vampire.inet)
(untrusted :a vampire.untrusted)
(iodine :a vampire.iodine))
(obsidian (fretwank :a obsidian))
- (ibanez (fretwank :a ibanez))
+ (ibanez (fretwank :a ibanez)
+ (inet :a ibanez.inet))
(radius (fretwank :a radius)
+ (inet :a radius.inet)
(untrusted :a radius.untrusted))
- (roadstar (fretwank :a roadstar))
- (jem (fretwank :a jem))
- (artist (fretwank :a artist))
+ (roadstar (fretwank :a roadstar)
+ (inet :a roadstar.inet))
+ (jem (fretwank :a jem)
+ (inet :a jem.inet))
+ (artist (fretwank :a artist)
+ (inet :a artist.inet))
(gibson :cname gibson.dhcp)
(lespaul :cname lespaul.dhcp)
(firebird :cname firebird.dhcp)
(mz (its :a mz))
;;
;; Delegations.
- #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
+ #+subnet/fretwank (dhcp :ns (vampire.ns))
(io :ns ((ns.io :ip dns-frontend))))
;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.
(defrevzone trusted
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
+ :ns ((vampire.ns :ip vampire))
:reverse trusted
#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
#+subnet/fretwank (@ :cidr-delegation
(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
(defrevzone untrusted
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
+ :ns ((vampire.ns :ip vampire))
:reverse untrusted)
+(defrevzone inet
+ :reverse inet)
+
(defzone dhcp.distorted.org.uk
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
+ :ns ((vampire.ns :ip vampire))
:net dhcp)
(defzone io.distorted.org.uk
(about :txt "Fake zone used for IP-over-DNS tunnelling."))
(defzone dhcp.199.29.172.in-addr.arpa
- :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))
+ :ns ((vampire.ns :ip vampire)))
;;;----- That's all, folks --------------------------------------------------