Van - Made the switch

1. I am paying for some hosting services that I probably should be just serving out of my basement (e.g. mail, etc.) However, given the TOS of my ISP I was SOL as they are blocking some necessary ports (tcp 25, for starters). Wouldn’t it be nice to have a bridgehead server out there in “real” internet land that I could establish the necessary secure tunnels to, and relay in and out the various traffic?
2.  
3. My general OS preference for providing network services, in descending order of preference is
4.  
5. 1) OpenBSD (currently running on all my firewalls)
6. 2) FreeBSD
7. 3) OSX
8. 4) sharp stick in eye
9. 5) some manner of Linux
10. 6) give up, can’t be done
11. 7) Windows
12.  
13. Bsdvm.com appears to have gone away, and they offered native OpenBSD support. So I figured what the heck, let me try a FreeBSD vm at Digital Ocean, since they offer native support (where did I here about those folks, I wonder). After some trials and tribulations, and setting up pfsense on a home vm to act as an offline CA (easyrsa was not playing nice), I got my tunnels up, but was having a devil of a time getting inbound traffic through a double nat and down to a local mail server.
14.  
15. In a moment of desperation, I googled “openbsd digital ocean” and followed the first link I found (kudos to http://www.tubsta.com/2015/04/openbsd-on-digital-ocean/). Albeit dated, it worked, and was really simple. I deviated from the instructions in that I was installing 5.8 (yeah but haven’t upgraded my other firewalls yet). and I chose auto disk layout. Worked like a charm. The only glitch I encountered was that dhcp didn’t work, and you are using miniroot, so your network interface needs to work in order to get the various packages necessary to complete the install.
16.  
17. Life is good, I’m using a single nat plus relayd, and everything is going according to plan. And I didn’t even get close to having to sharpen a stick.
18.  
19. Keep up the great show!
20.  
21. Van Z