X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/zones/blobdiff_plain/2af6f6bd78893d7a2f4d4f5909c73c832702597d..bda4d30e98bbdd8a499c9d2faa31e7e61de6c00f:/distorted.lisp diff --git a/distorted.lisp b/distorted.lisp index a35b3db..d77925e 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -91,43 +91,43 @@ (defzone distorted.org.uk :v "DKIM1" :k "rsa" :h "sha256" :s "email")) ;; Anycast services. - (dns0 :anycast ((any dns0.any) - (jump precision.jump) + (dns0 :anycast ((any dns0.any) (jump precision.jump) + (nany dns0.nany) (colo precision.colo) (dmz radius.dmz) (unsafe radius.unsafe))) - (dns1 :anycast ((any dns1.any) - (jump telecaster.jump) + (dns1 :anycast ((any dns1.any) (jump telecaster.jump) + (nany dns1.nany) (dmz vampire.dmz) (unsafe vampire.unsafe) (colo telecaster.colo))) (dns :cname dns0) - (ntp0 :anycast ((any ntp0.any) - (jump fender.jump) + (ntp0 :anycast ((any ntp0.any) (jump fender.jump) + (nany ntp0.nany) (dmz ibanez.dmz) (unsafe ibanez.unsafe) (colo fender.colo))) - (ntp1 :anycast ((any ntp1.any) - (dmz vampire.dmz) + (ntp1 :anycast ((any ntp1.any) (dmz vampire.dmz) + (nany ntp1.nany) (unsafe vampire.unsafe))) (ntp :cname ntp0) - (www-cache :anycast ((any www-cache.any) - (jump telecaster.jump) + (www-cache :anycast ((any www-cache.any) (jump telecaster.jump) + (nany www-cache.nany) (dmz roadstar.dmz) (unsafe roadstar.unsafe) (colo telecaster.colo))) (wpad :cname www-cache) (_kerberos :txt "DISTORTED.ORG.UK") - (krb0 :anycast ((any krb0.any) - (jump precision.jump) + (krb0 :anycast ((any krb0.any) (jump precision.jump) + (nany krb0.nany) (dmz radius.dmz) (unsafe radius.unsafe) (colo precision.colo))) - (krb1 :anycast ((any krb1.any) - (dmz vampire.dmz) + (krb1 :anycast ((any krb1.any) (dmz vampire.dmz) + (nany krb1.nany) (unsafe vampire.unsafe))) (krb-master (unsafe :svc radius.unsafe) (dmz :svc radius.dmz)) @@ -204,10 +204,13 @@ (defzone distorted.org.uk (fender :abbrev f (colo :abbrev fc) (jump :abbrev fj)) (fender (colo :addr fender.colo :sshfp "fender") (jump :addr fender.jump :sshfp "fender")) - (precision :abbrev p (colo :abbrev pc) (jump :abbrev pj) (vpn :abbrev pv)) + (precision :abbrev p + (colo :abbrev pc) (jump :abbrev pj) + (vpn :abbrev pv) (nvpn :abbrev pnv)) (precision (colo :addr precision.colo :sshfp "precision") (jump :addr precision.jump :sshfp "precision") - (vpn :addr precision.vpn :sshfp "precision")) + (vpn :addr precision.vpn :sshfp "precision") + (nvpn :addr precision.nvpn :sshfp "precision")) (telecaster :alias tele :abbrev t (colo :alias tele.colo :abbrev tc) (jump :alias tele.jump :abbrev tj)) @@ -218,18 +221,44 @@ (defzone distorted.org.uk (jump :alias strat.jump :abbrev sj)) (stratocaster (colo :addr stratocaster.colo :sshfp "stratocaster") (jump :addr stratocaster.jump :sshfp "stratocaster")) - (jazz :abbrev z (colo :abbrev zc) (jump :abbrev zj) (vpn :abbrev :zv)) + (jazz :abbrev z + (colo :abbrev zc) (jump :abbrev zj) + (vpn :abbrev :zv) (nvpn :abbrev :znv)) (jazz (colo :addr jazz.colo :sshfp "jazz") (jump :addr jazz.jump :sshfp "jazz") (vpn :addr jazz.vpn :sshfp "jazz") + (nvpn :addr jazz.nvpn :sshfp "jazz") (iodine :addr jazz.iodine :sshfp "jazz") (hippo :addr jazz.hippo :sshfp "jazz")) + ;; Formerly colocated hosts. + (nfender :abbrev nf (unsafe :abbrev fu) (dmz :abbrev fd)) + (nfender (unsafe :addr fender.unsafe :sshfp "fender") + (dmz :addr fender.dmz :sshfp "fender")) + (nprecision :abbrev np (unsafe :abbrev pu) (dmz :abbrev pd)) + (nprecision (unsafe :addr precision.unsafe :sshfp "precision") + (dmz :addr precision.dmz :sshfp "precision")) + (ntelecaster :alias ntele :abbrev nt + (unsafe :alias tele.unsafe :abbrev tu) + (dmz :alias tele.dmz :abbrev td)) + (ntelecaster (unsafe :addr telecaster.unsafe :sshfp "telecaster") + (dmz :addr telecaster.dmz :sshfp "telecaster")) + (nstratocaster :alias nstrat :abbrev ns + (unsafe :alias strat.unsafe :abbrev su) + (dmz :alias strat.dmz :abbrev sd)) + (nstratocaster (unsafe :addr stratocaster.unsafe :sshfp "stratocaster") + (dmz :addr stratocaster.dmz :sshfp "stratocaster")) + (njazz :abbrev nz (unsafe :abbrev zu) (dmz :abbrev zd)) + (njazz (unsafe :addr jazz.unsafe :sshfp "jazz") + (dmz :addr jazz.dmz :sshfp "jazz")) + ;; Virtual hosts. - (national :abbrev n (linode :abbrev nl) (upn :abbrev ny)) + (national :abbrev n (linode :abbrev nl) (upn :abbrev ny) (nupn :abbrev nny)) (national (linode :addr national.linode) - (upn :addr national.upn)) - (mdwdev (upn :addr mdwdev.upn)) + (upn :addr national.upn) + (nupn :addr national.nupn)) + (mdwdev (upn :addr mdwdev.upn) + (nupn :addr mdwdev.nupn)) ;; Nicko's servers. (richmond (jump :svc richmond.jump)) @@ -266,22 +295,26 @@ (defzone distorted.org.uk (safe :net safe) (untrusted :net untrusted) (vampire :abbrev v - (unsafe :abbrev vu) (dmz :abbrev vd) (vpn :abbrev vv) + (unsafe :abbrev vu) (dmz :abbrev vd) + (vpn :abbrev vv) (nvpn :abbrev vnv) (safe :abbrev vs) (untrusted :abbrev vx)) (vampire (unsafe :addr vampire.unsafe :sshfp "vampire") (dmz :addr vampire.dmz :sshfp "vampire") (vpn :addr vampire.vpn :sshfp "vampire") + (nvpn :addr vampire.nvpn :sshfp "vampire") (safe :addr vampire.safe :sshfp "vampire") (untrusted :addr vampire.untrusted :sshfp "vampire")) (ibanez :abbrev i (unsafe :abbrev iu) (dmz :abbrev id)) (ibanez (unsafe :addr ibanez.unsafe :sshfp "ibanez") (dmz :addr ibanez.dmz :sshfp "ibanez")) (radius :abbrev r - (unsafe :abbrev ru) (dmz :abbrev rd) (vpn :abbrev rv) + (unsafe :abbrev ru) (dmz :abbrev rd) + (vpn :abbrev rv) (nvpn :abbrev rnv) (safe :abbrev rs) (untrusted :abbrev rx)) (radius (unsafe :addr radius.unsafe :sshfp "radius") (dmz :addr radius.dmz :sshfp "radius") (vpn :addr radius.vpn :sshfp "radius") + (nvpn :addr radius.nvpn :sshfp "radius") (safe :addr radius.safe :sshfp "radius") (untrusted :addr radius.untrusted :sshfp "radius")) (roadstar :abbrev rg (unsafe :abbrev rgu) (dmz :abbrev rgd)) @@ -299,9 +332,10 @@ (defzone distorted.org.uk (dmz :addr artist.dmz :sshfp "artist") (untrusted :addr artist.untrusted :sshfp "artist")) (groove :abbrev gr - (unsafe :abbrev gru) (vpn :abbrev grv)) - (groove (unsafe :addr groove.unsafe :sshfp "groove") - (vpn :addr groove.vpn :sshfp "groove")) + (vpn :abbrev grv) (nvpn :abbrev ngrv) (unsafe :abbrev gru)) + (groove (vpn :addr groove.vpn :sshfp "groove") + (nvpn :addr groove.nvpn :sshfp "groove") + (unsafe :addr groove.unsafe :sshfp "groove")) ;; DHCP hosts. (gibson :cname gibson.dhcp :abbrev g) @@ -312,17 +346,21 @@ (defzone distorted.org.uk (gretsch :cname gretsch.dhcp) ;; Virtual network. - (vpn :net vpn) + (vpn :net vpn) (nvpn :net nvpn) (crybaby :abbrev cb) (crybaby (vpn :addr crybaby.vpn :sshfp "crybaby") + (nvpn :addr crybaby.nvpn :sshfp "crybaby") (hippo :addr crybaby.hippo :sshfp "crybaby")) (spirit (vpn :addr spirit.vpn :sshfp "spirit") + (nvpn :addr spirit.nvpn :sshfp "spirit") (hippo :addr spirit.hippo :sshfp "spirit")) (terror (vpn :addr terror.vpn :sshfp "terror")) (orange :abbrev o) - (orange (vpn :addr orange.vpn :sshfp "orange")) + (orange (vpn :addr orange.vpn :sshfp "orange") + (nvpn :addr orange.nvpn :sshfp "orange")) (haze :abbrev h) - (haze (vpn :addr haze.vpn :sshfp "haze")) + (haze (vpn :addr haze.vpn :sshfp "haze") + (nvpn :addr haze.nvpn :sshfp "haze")) (iodine :net iodine) (hippo :net hippo) @@ -332,7 +370,8 @@ (defzone distorted.org.uk (mz (its :addr mz.its)) ;; Strange things. - (blackhole (jump :addr blackhole.jump)) + (blackhole (dmz :addr blackhole.dmz) + (jump :addr blackhole.jump)) ;; Delegations. (dhcp :ns ((radius.ns.dhcp :ip radius) @@ -436,6 +475,15 @@ (defzone 128-143.238.187.81.in-addr.arpa secondary-dns.co.uk.) :reverse ((((:ipv4 dmz))))) +(defzone 64-79.12.169.217.in-addr.arpa + :ns (radius.distorted.org.uk. + vampire.distorted.org.uk. + precision.distorted.org.uk. + telecaster.distorted.org.uk. + national.distorted.org.uk. + secondary-dns.co.uk.) + :reverse ((((:ipv4 dmz1))))) + (defzone 195.113.2.81.in-addr.arpa :ns (radius.distorted.org.uk. vampire.distorted.org.uk.