Hi there,
I have done some analysis of the EoIP protocol which supposedly uses GRE RFC specification (extended GRE)
There are few things which need to be considered:
The EoIP tunnel uses GRE as a basic system of encampsulating packets, however a protocol type field (16-32 bit of the GRE header) is set to 0x6400 which is something that is not specified in GRE RFC. The key field in the GRE header consists of two bytes of some (random?) number and the other two bytes is the tunnel id.
Now as I understand correctly, the standard GRE tunnel transports IP packets - that means that GRE payload starts with IP headers (version,header length, tos...), however with EoIP the payloads starts with L2 Ethernet header. This assumably makes the difference between EoIP and standard GRE we are used to - the goal has been to make the tunnel absolutely transparent to ethernet traffic.
With this information, some user-space implementation of EoIP should be possible also in a languages like Perl with Net::Write, however I am still not sure how EoIP GRE keys are being generated (the part which is not the tunnel id, but some other value).
If anyone from Mikrotik is reading this - do you think there is a possibility to reveal the design of EoIP? At least the algorithm how GRE tunnel keys are generated
?
And a wee note - Cisco uses their own implementation of EoIP for theiw WLC controllers - does anyone has any experience with that?