X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/zones/blobdiff_plain/727a746fe9876aaaff8247d8f5273b36b109a001..HEAD:/hosts.lisp

diff --git a/hosts.lisp b/hosts.lisp
index 4d3e7dc..8add49a 100644
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -6,13 +6,15 @@
 ;;; External hosts.
 
 (defhost boyle.nsict.org ((:ipv4 "85.158.42.162")))
-(defhost chiark.greenend.org.uk ((:ipv4 "212.13.197.229")
-				 (:ipv6 "2001:ba8:1e3::")))
+(defhost chiark.greenend.org.uk ((:ipv4 "93.93.131.173")
+				 (:ipv6 "2a00:1098:86:130::1")))
 (defhost mccoy.flatline.org.uk "80.74.241.31")
-(defhost mythic-ns1 ((:ipv4 "69.56.173.190")
-		     (:ipv6 "2600:3c00::f03c:91ff:fe96:beac")))
+(defhost mythic-ns1 ((:ipv4 "45.33.127.156")
+		     (:ipv6 "2600:3c00:e000:19::1")))
 (defhost mythic-ns2 ((:ipv4 "93.93.128.67")
 		     (:ipv6 "2a00:1098:0:80:1000::10")))
+(defhost mythic-ns3 ((:ipv4 "185.24.221.32")
+		     (:ipv6 "2a02:2770:11:0:21a:4aff:febe:759b")))
 (defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
 
 ;;;--------------------------------------------------------------------------
@@ -22,61 +24,66 @@ (defhost gandi-ns6 ((:ipv4 "217.70.177.40")))
 (defnet distorted.org.uk "172.29.198/23"
   (untrusted "198.0/24"
     (wireless "0/25")
-    (iodine "128/28"))
+    (iodine "128/28")
+    (hippo "144/28")
+    (upn "160/27"))
   (trusted "199.0/24"
     (wired "0/25"
       (unsafe "0/27")
       (dhcp "32/27"))
     (vpn "128/27")
     (its "160/30")
-    (colo "176/28")
     (safe "192/27")
     (any "224/27")))
 
-;; Externally routable DMZ from Demon.
-(defnet dmz "62.49.204.144/28")
-
-;; Externally routed colo range.
-(defnet jump "212.13.198.66/28")
-(defnet jump "2001:ba8:0:1d9/64")
-(defnet distorted.org.uk-jump "2001:ba8:1d9/48"
-  (colo "2/64")
+;; Externally routable DMZ from Andrews and Arnold.
+(defnet gw "81.2.113.195")
+(defnet dmz "81.187.238.128/28")
+(defnet dmz1 "217.169.12.64/28")
+(defnet distorted.org.uk-aaisp "2001:8b0:c92/48"
+  (unsafe "1/64"
+    (dhcp "6468:6370/96"))
   (any "0/64")
-  (vpn "6000/64"))
-
-;; Hurricane Electric IPv6-inIPv4 tunnel.
-(defnet he-tunnel "2001:470:1f08:1b98/64")
-(defnet dmz "2001:470:1f09:1b98/64")
-(defnet distorted.org.uk-he "2001:470:9740/48"
-  (unsafe "1/64")
+  (dmz "fff/64")
   (safe "4001/64")
-  (untrusted "8001/64"))
+  (vpn "6000/64")
+  (untrusted "8001/64")
+  (upn "a000/64"))
+
+(defnet jump-ipv6 "2001:ba8:1d9/48")
 
 ;;;--------------------------------------------------------------------------
 ;;; Host allocations
 
 ;; External addresses.
-(defhost guvnor.dmz ((:ipv4 dmz 1)))
-(defhost radius.dmz (dmz 2))
-(defhost roadstar.dmz (dmz 3))
-(defhost jem.dmz (dmz 4))
-(defhost artist.dmz (dmz 5))
-(defhost vampire.dmz (dmz 6))
+(defhost guvnor.dmz ((:ipv4 gw 0) (:ipv6 dmz "::1:1")))
+(defhost radius.dmz (dmz 1))
+(defhost roadstar.dmz (dmz 2))
+(defhost jem.dmz (dmz 3))
+(defhost artist.dmz (dmz 4))
+(defhost vampire.dmz (dmz 5))
+(defhost universe.dmz (dmz 6))
 (defhost ibanez.dmz (dmz 9))
 (defhost anon.dmz (dmz 12))
 (defhost nat.dmz ((:ipv4 dmz 14)))
 
-;; Colocated addresses.
-(defhost gate.jump ((:ipv6 jump 2)))
-(defhost fender.jump (jump 5))
-(defhost precision.jump (jump 6))
-(defhost telecaster.jump (jump 7))
-(defhost stratocaster.jump (jump 8))
-(defhost jazz.jump (jump 9))
-(defhost jaguar.jump ((:ipv4 jump 11)))
-(defhost richmond.jump ((:ipv4 jump 12) (:ipv6 jump "::1:1")))
-(defhost anon.jump (jump 13))
-(defhost blackhole.jump ((:ipv4 jump 14) (:ipv6 jump "::ffff")))
+;; Formerly colocated addresses.
+(defhost precision.dmz ((:ipv4 dmz1 1) (:ipv6 dmz 33)))
+(defhost telecaster.dmz ((:ipv4 dmz1 2) (:ipv6 dmz 34)))
+(defhost stratocaster.dmz ((:ipv4 dmz1 3) (:ipv6 dmz 35)))
+(defhost jazz.dmz ((:ipv4 dmz1 4) (:ipv6 dmz 36)))
+(defhost fender.dmz ((:ipv4 dmz1 9) (:ipv6 dmz 41)))
+(defhost marshall.dmz ((:ipv4 dmz1 11) (:ipv6 dmz "::2:1")))
+(defhost richmond.dmz ((:ipv4 dmz1 12) (:ipv6 dmz "::1:1")))
+(defhost blackhole.dmz ((:ipv4 dmz1 14) (:ipv6 dmz "::ffff")))
+
+;; Jump virtual hosts.
+(defhost eggle.jump ((:ipv4 "185.73.44.143")
+		     (:ipv6 jump-ipv6 "8002::1")))
+
+;; Linode virtual hosts.
+(defhost national.linode ((:ipv4 "45.33.118.239")
+			  (:ipv6 "2600:3c00::f03c:91ff:fe3b:d7c1")))
 
 ;; Unsafe network.
 (defhost radius.unsafe (unsafe 1))
@@ -84,44 +91,72 @@ (defhost roadstar.unsafe (unsafe 2))
 (defhost jem.unsafe (unsafe 3))
 (defhost artist.unsafe (unsafe 4))
 (defhost vampire.unsafe (unsafe 5))
+(defhost universe.unsafe (unsafe 6))
+(defhost precision.unsafe (unsafe 7))
+(defhost telecaster.unsafe (unsafe 8))
+(defhost stratocaster.unsafe (unsafe 9))
+(defhost jazz.unsafe (unsafe 10))
 (defhost ibanez.unsafe (unsafe 14))
+(defhost fender.unsafe (unsafe 15))
+(defhost groove.unsafe (unsafe 17))
 
 ;; Client hosts, with IPv6 addresses.
-(defhost gibson.unsafe ((:ipv6 "2001:470:9740:1:e269:95ff:fe63:bb4")))
-(defhost lespaul.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fef5:aaef")))
-(defhost invader.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe94:a5d7")))
-(defhost marauder.safe ((:ipv6 "2001:470:9740:4001:a00:27ff:fe6a:7846")))
+(defhost gibson.unsafe ((:ipv6 unsafe "e269:95ff:fe63:bb4")))
+(defhost crybaby.unsafe ((:ipv6 unsafe "216:eaff:fec2:4cb8")))
+(defhost lespaul.unsafe ((:ipv6 unsafe "a00:27ff:fef5:aaef")))
+(defhost haze.unsafe ((:ipv6 unsafe "5056:a8ff:fe01:5654")))
+(defhost gretsch.unsafe ((:ipv6 unsafe "3a2c:4aff:fe6d:e768")))
+(defhost invader.safe ((:ipv6 safe "a00:27ff:fe94:a5d7")))
+(defhost marauder.safe ((:ipv6 safe "a00:27ff:fe6a:7846")))
+(defhost spirit.unsafe ((:ipv6 unsafe "568d:5aff:fed9:18b8")))
 
 ;; Safe network.
 (defhost radius.safe (safe 1))
 (defhost vampire.safe (safe 2))
-(defhost evolution.safe ((:ipv4 safe 3)))
+(defhost evolution.safe (safe 3))
+(defhost grigsby.safe (safe 4))
+(defhost carling.safe (safe 5))
+(defhost tritan.safe (safe 6))
+(defhost kitkat.safe (safe 7))
+(defhost lunch.safe (safe 8))
+(defhost burntaxe.safe (safe 9))
 
 ;; Wireless network.
 (defhost radius.untrusted (untrusted 1))
 (defhost artist.untrusted (untrusted 2))
 (defhost vampire.untrusted (untrusted 3))
+(defhost jazz.untrusted (untrusted 4))
 
 ;; Virtual private network.
 (defhost crybaby.vpn ((:ipv4 vpn 1) (:ipv6 vpn "::1:1")))
 (defhost terror.vpn ((:ipv4 vpn 2)))
 (defhost orange.vpn ((:ipv4 vpn 3) (:ipv6 vpn "::3:1")))
+(defhost haze.vpn ((:ipv4 vpn 4) (:ipv6 vpn "::4:1")))
+(defhost radius.vpn ((:ipv4 vpn 5) (:ipv6 vpn "::5:1")))
+(defhost precision.vpn ((:ipv4 vpn 6) (:ipv6 vpn "::6:1")))
+(defhost jazz.vpn ((:ipv4 vpn 7) (:ipv6 vpn "::7:1")))
+(defhost vampire.vpn ((:ipv4 vpn 8) (:ipv6 vpn "::8:1")))
+(defhost spirit.vpn ((:ipv4 vpn 9) (:ipv6 vpn "::9:1")))
+(defhost groove.vpn ((:ipv4 vpn 10) (:ipv6 vpn "::10:1")))
+
+;; Untrusted private network.
+(defhost national.upn ((:ipv4 upn 1) (:ipv6 upn "::1:1")))
+(defhost mdwdev.upn ((:ipv4 upn 2) (:ipv6 upn "::2:1")))
+(defhost eggle.upn ((:ipv4 upn 3) (:ipv6 upn "::3:1")))
 
 ;; Iodine network.
 (defhost jazz.iodine (iodine 1))
 
+;; Hippotat network.
+(defhost jazz.hippo (hippo 1))
+(defhost crybaby.hippo (hippo 2))
+(defhost spirit.hippo (hippo 3))
+
 ;; Special network for ITS.
 ;; It doesn't understand point-to-point links, so we need a little net.
 (defhost gw.its (its 1))
 (defhost mz.its (its 2))
 
-;; Internal (VPN) addresses for colocated services.
-(defhost fender.colo (colo 1))
-(defhost precision.colo (colo 2))
-(defhost telecaster.colo (colo 3))
-(defhost stratocaster.colo (colo 4))
-(defhost jazz.colo (colo 5))
-
 ;; Anycast addresses for services.
 (defhost dns0.any ((:ipv4 any 0) (:ipv6 any "::0:1")))
 (defhost dns1.any ((:ipv4 any 1) (:ipv6 any "::1:1")))
@@ -135,17 +170,24 @@ (defhost krb1.any ((:ipv4 any 6) (:ipv6 any "::6:1")))
 ;;; Host switch.
 
 (preferred-subnet-case
-  ((unsafe colo)
+  (unsafe
    (defhost radius radius.unsafe)
-   (defhost precision precision.colo)
-   (defhost telecaster telecaster.colo)
-   (defhost stratocaster stratocaster.colo)
-   (defhost vampire vampire.unsafe))
+   (defhost vampire vampire.unsafe)
+   (defhost precision precision.unsafe)
+   (defhost telecaster telecaster.unsafe)
+   (defhost stratocaster stratocaster.unsafe)
+   (defhost national national.upn)
+   (defhost eggle eggle.upn))
   (t
    (defhost radius radius.dmz)
-   (defhost precision precision.jump)
-   (defhost telecaster telecaster.jump)
-   (defhost stratocaster stratocaster.jump)
-   (defhost vampire vampire.dmz)))
+   (defhost vampire vampire.dmz)
+   (defhost precision precision.dmz)
+   (defhost telecaster telecaster.dmz)
+   (defhost stratocaster stratocaster.dmz)
+   (defhost national national.linode)
+   (defhost eggle eggle.jump)))
+
+(defhost marshall marshall.dmz)
+(defhost mdwdev mdwdev.upn)
 
 ;;;----- That's all, folks --------------------------------------------------