GRE Problems

Hi i have this problem is making me crazy.

I have a routerOS 5.22 running
2 local providers on BGP
1 provider over GRE (we use this to filter DDoS Attacks)

I Have 90% of my networks announced only to local providers, all work perfect.
the other 10% of my networks are announced to my filter provider using GRE+BGP, the filter is working perfectly, the problem is
when i try to access a webpage from one computer behind the filtered network i can access ony some pages like google, aol and others.
hotmail, yahoo, facebook, paypal are not loading. if i run ping to those domains i got echo answer.

i contacted my provider they say something with latency but i dont think this is the problem.
any idea?

Your problem is packetsize .
Try to find out what paketsize will pass your tunnel.
Then ser mangle rule at both ends and treat your big pakets to smaller size.


Gesendet von meinem HTC Flyer P510e mit Tapatalk 2

To expand on the previous answer sounds like the problem is being caused by the lower MTU on your GRE tunnel.

Are you blocking ICMP at all, as ICMP can deal with this (Path MTU Discovery). The other option might be clamping MSS on your TCP traffic, but this will not help with UDP.