Update tech_docs/its_the_new_style_design.md

tech_docs/its_the_new_style_design.md

@@ -1,3 +1,51 @@
+Complete, symmetry-first DNS name & function list  
+(ready to drop straight into **dnsmasq-static-hosts** or NetBox)
+
+────────────────────────────────────────  
+**INFRA zone** 10.0.255.0/28 2001:db8:c0de:ffff::/64  
+
+| Function / Role | DNS name | IPv4 | IPv6 | Notes |
+|---|---|---|---|---|
+| Swarm Manager-01 (primary) | mgr-01.infra.mycorp.net | 10.0.255.1 | 2001:db8:c0de:ffff::1 | Docker Swarm leader, **private VLAN 255** |
+| Swarm Manager-02 | mgr-02.infra.mycorp.net | 10.0.255.2 | 2001:db8:c0de:ffff::2 | Raft voter |
+| Swarm Manager-03 | mgr-03.infra.mycorp.net | 10.0.255.3 | 2001:db8:c0de:ffff::3 | Raft voter |
+| Internal CA (step-ca) | ca.infra.mycorp.net | 10.0.255.4 | 2001:db8:c0de:ffff::4 | TLS ACME endpoint |
+| DNS/DHCP server | ns-01.infra.mycorp.net | 10.0.255.10 | 2001:db8:c0de:ffff::10 | dnsmasq host |
+| Swarm VIP **swarm.infra** | swarm.infra.mycorp.net | 10.0.255.11 | 2001:db8:c0de:ffff::11 | Any manager IP (RR if needed) |
+| Reserved for Registry | reg.infra.mycorp.net | 10.0.255.20 | 2001:db8:c0de:ffff::20 | Future Docker registry |
+
+────────────────────────────────────────  
+**DMZ zone** 10.0.1.0/24 2001:db8:c0de:2000::/64  
+
+| Function / Role | DNS name | IPv4 | IPv6 | Notes |
+|---|---|---|---|---|
+| Swarm ingress LB | lb.dmz.mycorp.net | 10.0.1.1 | 2001:db8:c0de:2000::1 | HAProxy / Traefik |
+| Web service A | web-01.dmz.mycorp.net | 10.0.1.10 | 2001:db8:c0de:2000::10 | Example service |
+| Web service B | web-02.dmz.mycorp.net | 10.0.1.11 | 2001:db8:c0de:2000::11 | Example service |
+| API service | api-01.dmz.mycorp.net | 10.0.1.20 | 2001:db8:c0de:2000::20 | Internal API |
+| DB service | db-01.dmz.mycorp.net | 10.0.1.30 | 2001:db8:c0de:2000::30 | Postgres / Mongo |
+
+────────────────────────────────────────  
+**LAN zone** 10.0.0.0/24 2001:db8:c0de:1000::/64  
+
+| Function / Role | DNS name | IPv4 | IPv6 | Notes |
+|---|---|---|---|---|
+| Gateway | gw-01.lan.mycorp.net | 10.0.0.1 | 2001:db8:c0de:1000::1 | Default route |
+| Optional Worker | wrk-01.lan.mycorp.net | 10.0.0.10 | 2001:db8:c0de:1000::10 | Swarm worker node |
+| Printer | prnt-01.lan.mycorp.net | 10.0.0.20 | 2001:db8:c0de:1000::20 | Static lease |
+| Wi-Fi AP | wifi-01.lan.mycorp.net | 10.0.0.30 | 2001:db8:c0de:1000::30 | AP management |
+
+────────────────────────────────────────  
+**Docker Swarm DNS conventions (internal)**
+
+- Every **service** in the overlay network is reachable as  
+  `<service>.<stack>.sym-net` (e.g. `web.hello.sym-net`).  
+- External A/AAAA records (above) are **round-robin** via dnsmasq; Swarm’s **internal DNS** at `127.0.0.11` handles service discovery inside the cluster .
+
+Drop the list in `/etc/dnsmasq-static-hosts`, reload `dnsmasq`, and every hostname & function is **self-documented and symmetrical**.
+
+---
+
 Next logical step: **turn the meta-themes into a *migration-ready manifest*** so the *next* DNS/DHCP engine (Kea + BIND or NetBox) can **inherit the haiku without re-typing it**.
 
 We only touch three artefacts: