diff --git a/hieradata/roles/infra/dns/master.yaml b/hieradata/roles/infra/dns/master.yaml
index 4f0dcbc..ef7d4c4 100644
--- a/hieradata/roles/infra/dns/master.yaml
+++ b/hieradata/roles/infra/dns/master.yaml
@@ -21,6 +21,18 @@ profiles::dns::master::zones:
     dynamic: false
     ns_notify: true
     source: '/var/named/sources/17.18.198.in-addr.arpa.conf'
+  16.18.198.in-addr.arpa:
+    domain: '16.18.198.in-addr.arpa'
+    zone_type: 'master'
+    dynamic: false
+    ns_notify: true
+    source: '/var/named/sources/16.18.198.in-addr.arpa.conf'
+  15.18.198.in-addr.arpa:
+    domain: '15.18.198.in-addr.arpa'
+    zone_type: 'master'
+    dynamic: false
+    ns_notify: true
+    source: '/var/named/sources/15.18.198.in-addr.arpa.conf'
 
 profiles::dns::master::views:
   master-zones:
@@ -28,6 +40,8 @@ profiles::dns::master::views:
     zones:
       - main.unkin.net
       - 17.18.198.in-addr.arpa
+      - 16.18.198.in-addr.arpa
+      - 15.18.198.in-addr.arpa
     match_clients:
       - acl-main.unkin.net
 
diff --git a/hieradata/roles/infra/ntp/server.yaml b/hieradata/roles/infra/ntp/server.yaml
index e618573..fddfc78 100644
--- a/hieradata/roles/infra/ntp/server.yaml
+++ b/hieradata/roles/infra/ntp/server.yaml
@@ -1,6 +1,8 @@
 ---
 profiles::ntp::client::client_only: false
 profiles::ntp::server::allowquery:
+  - '198.18.15.0/24'
+  - '198.18.16.0/24'
   - '198.18.17.0/24'
 
 profiles::ntp::server::peers:
diff --git a/hieradata/roles/infra/puppet/master.yaml b/hieradata/roles/infra/puppet/master.yaml
index 86dcbec..f475770 100644
--- a/hieradata/roles/infra/puppet/master.yaml
+++ b/hieradata/roles/infra/puppet/master.yaml
@@ -1,5 +1,7 @@
 ---
 profiles::puppet::autosign::subnet_ranges:
+  - '198.18.15.0/24'
+  - '198.18.16.0/24'
   - '198.18.17.0/24'
 
 profiles::puppet::autosign::domains: