I have situation LAN1—[RB750g]—[adsl1]----internet-----[adsl2]—[RB750g]—LAN2.
adsl = 8Mbit/512Kbit
in real it is cca 6Mbit / 600Kbit
fast enough for our purpose.
I have configured IPSec tunnel in between the RB750gs following the manual http://wiki.mikrotik.com/wiki/Manual:IP/IPsec
MTU for pppoe-out:
I did try a lot of values of MTU, finally I set-up 1492 according transfer speed and fragmentation measurements.
Fragmentation inside tunnel:
maximal possible packet size OUTside of tunnel (between public IPs) is 1452
maximal possible packet size INside if tunnel is 1402.
tested by ping
my calculation is Ethernet = 1500 B
PPPoE -8B = 1492
IP -8B = 1484
TCP -8B = 1476
ESP -14B = 1462
where is the 60B?
how to measure and avoid packet fragmentation into IPSec tunnel?
thanx for hints 