IPSec IPIP tunnel

Guys just quick question

I got 2xRB4011 on 2 sites. Got the linked by IPSEC Tunnel IPIP, I think I observe weird behavior and trying to figure out what’s going on, but IPIP connects on MTU 1418, while rest of the network and of course internet connection is 1500.

Can it have any influence? Result : One site (not sure if second too, not much there) from time to time hangs “www” traffic, ping works, dns works just pages can’t be loaded. I was looking around and that’s the only thing which I’m trying to figure out.

Got “Waiting for a cache…” in browsers, while I can ping IP addresses and ping all domains.

MTU 1418, while rest of the network and of course internet connection is 1500

.
you build a tunnel inside a tunnel … you build a bridge over a bridge … this is what happens !
.
A fat man creeping though a tunnel, should be aware of the problem, … before forwarding.
.
maybe you should check:
http://forum.mikrotik.com/t/how-to-configure-ip-tcp-adjust-mss-on-mikrotik/113698/1

I think I found a mistake … I created 2 tunnels : IPIP and IPSEC, instead of one tunnel IPIP encrypted by IPSEC…

Wrong entries in IPSEC addresses. I put external IP instead of local IPs… Tunnel connected on 1480, and all problems seems to be gone.