Ok FigsSetup Email Server From Scratch On FreeBSD - 99 FreeBSD NAT64 Router
This tutorial is partially complete 2025-05-14
Postfix, Dovecot, & PostfixAdmin work with MySQL and virtual accounts
can be created with PostfixAdmin and used with an email client. SPF, OpenDKIM,
and DMARC milters, Roundcube with sieve filters and password plugins all work.
Roundcube kolab calendar works (2025-05-20)
########################
# FreeBSD NAT64 Router #
########################
Our PBX cloud servers only support IPV4 and my home internet uses IPV6 and VOIP
phones do not work properly with this configuration. Outgoing calls to the PBX
work but incoming calls do not, the VOIP server isn't able to initiate the connection
back to the phone. I have tried VPN and that doesn't work. The VOIP phone does
support IPV6 so if I could connect by IPV6 the phone might work. If we setup a
dedicated server to convert IPV6 to IPV4 and route all calls to the IPV4 only PBX,
it might work.
I chose Azure USWest 2 to host the test FreeBSD server. One concern is that routing
all calls from the IPV4 to IPV6 will cause the server to be inaccessible so it is
better to setup 2 virtual NIC's each with 1 IPV4 and 1 IPV6, total 4 addresses.
The problem is that even though you might not need to setup a dual gateway it is
a good idea to test that all 4 addresses are working as expected. Azure is a little
strange as it doesn't have the IP addresses directly but is more similar to a home
or office network where the external addresses are routed to a private internal
network.
If one address is set as the main address with a default route and default ipv6
route then how do test the second NIC? If a ping comes in through the second NIC
it gets routed to the first NIC and this doesn't work. There are some tutorials
showing how to route incoming traffic back out the same NIC with ipfw but I
haven't gotten that far yet.
nano rc.conf
# ---
# main4 - the main default interface with default ipv4 route
ifconfig_hn0="SYNCDHCP"
# main6 - the main default ipv6 interface with default ipv6 route
ifconfig_hn0_ipv6="inet6 fddd:dddd:dddd:1::6 prefixlen 64"
ipv6_defaultrouter="fddd:dddd:dddd:1::1"
# proxy4 - the second interface with 2 manual route to route to local and the test server
ifconfig_hn1="inet 192.168.90.90 netmask 255.255.255.0"
static_routes="r1 r2"
route_r1="-net 192.168.90.0/24 192.168.90.1"
route_r2="-host 172.22.22.22 192.168.90.1"
# proxy6 - a second ipv6 interface with a manul route to the test server 2708:1123:abcd:afcd::10
ifconfig_hn1_ipv6="inet6 fddd:aaaa:aaaa:1::90 prefixlen 64"
ipv6_static_routes="v3 v4"
# Routing to fddd:aaaa:aaaa:1::90 works, but fddd:aaaa:aaaa:1::1 doesn't work
ipv6_route_v3="fddd:aaaa:aaaa:1:: -prefixlen 64 fddd:aaaa:aaaa:1::90"
ipv6_route_v4="2708:1123:abcd:afcd:: -prefixlen 64 fddd:aaaa:aaaa:1::90"
# ---
# home network to main network card
ping main4 - works
ping6 main6 - works
ssh -6 main6 - works most of the time
# server to proxy network card
ping proxy4 -works
ping6 proxy6 - works
ssh -6 proxy6 - works on FreeBSD 14.2
ssh -6 proxy6 - did not work on FreeBSD 13.4
I also tested with ssh and sometimes it works and sometimes it doesn't. With the
latest FreeBSD as client and server ssh works. FreeBSD 13.4 as client would not
connect with ssh -6 to the test FreeBSD 14.2 router. With Debian 12.8 as a
client use ssh -6 user@main6 works most of the time, sometimes it doesn't connect
on the first try. This intermittent behavior is on the main6 interface with the
default route so probably not related to the dual routing.