Hi all,
Is it possible to implement MPLS/VPLS tunnels with MikroTik RouterOS 7 over the internet to connect several remote offices to a central point? I am aware of the caveats involved, such as latency and jitter, but what else should I keep in mind? MTU?
I’m open to hearing your thoughts.
Kind regards!
Yes. It is possible to run MPLS over Layer 2 tunnels over the internet. Think GRE, OpenVPN, L2TP, VXLAN, and ZeroTier tunnels as examples.
Apart from which Layer 2 tunnel type you use, keep in mind the encryption overhead if going with GRE, L2TP, or VXLAN (usually OpenVPN, WireGuard, or IPsec).
ZeroTier does some “magic fragmenting” behind the scenes, allowing MTU up to 2800 bytes over the tunnel. For all other tunnel types, you would have to deal with the usual MTU maximum of 1500 minus tunnel overhead. Expect somewhere between 1370 and 1420 bytes over the tunnel after deducting encryption + Layer 2 tunnel overhead.
Thank you for your response. I am considering different scenarios to meet the client’s requirement of connecting multiple branch offices to a central office, replacing their underperforming and expensive MPLS provider with a solution using regular dedicated internet providers and tunnels to achieve Layer 2 connectivity.
Considering that we are likely to have dynamic public IPs on the remote sites and a static public IP on the main site, I am considering VXLAN over IPsec or VXLAN over WireGuard. What do you think? Any advice is much appreciated.
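
The MTU budget discussed in this thread, worked through for the two stacks asked about, as an added example that is not part of any post. It assumes a 1500-byte WAN MTU, an IPv4 underlay, ESP tunnel mode with NAT-T, and a two-label VPLS stack with control word; all function names are hypothetical.

```python
# Added example: per-layer MTU budget for VXLAN over WireGuard or IPsec.
# Header sizes are protocol constants; the 1500-byte WAN MTU is an assumption.
IPV4, UDP = 20, 8
VXLAN_HDR, ETHERNET, MPLS_LABEL = 8, 14, 4


def wireguard_inner_mtu(wan_mtu, outer_ip=IPV4):
    # WireGuard data message: 16-byte header (type, receiver, counter)
    # plus a 16-byte Poly1305 authentication tag.
    return wan_mtu - outer_ip - UDP - 16 - 16


def esp_inner_mtu(wan_mtu, iv=8, icv=16, align=4, nat_t=True, outer_ip=IPV4):
    # ESP tunnel mode: outer IP, optional NAT-T UDP, SPI + sequence (8), IV, ICV.
    room = wan_mtu - outer_ip - (UDP if nat_t else 0) - 8 - iv - icv
    # Encrypted part = inner packet + padding + 2-byte trailer, and its
    # length must be a multiple of `align` (4 for AES-GCM, 16 for AES-CBC).
    room -= room % align
    return room - 2


def vxlan_l2_payload(tunnel_mtu):
    # VXLAN adds outer IP + UDP + VXLAN header, then carries a whole inner
    # Ethernet frame; the result is the payload of that inner frame.
    return tunnel_mtu - IPV4 - UDP - VXLAN_HDR - ETHERNET


def vpls_payload(l2_payload, labels=2, control_word=True):
    # MPLS/VPLS inside the VXLAN segment: label stack, optional 4-byte
    # control word, then the customer's own Ethernet header.
    return l2_payload - labels * MPLS_LABEL - (4 if control_word else 0) - ETHERNET


def budget(wan_mtu=1500):
    stacks = {
        "wireguard": wireguard_inner_mtu(wan_mtu),
        "ipsec-gcm-natt": esp_inner_mtu(wan_mtu),
        "ipsec-cbc-natt": esp_inner_mtu(wan_mtu, iv=16, icv=16, align=16),
    }
    return {name: {"tunnel": t,
                   "vxlan_l2": vxlan_l2_payload(t),
                   "vpls": vpls_payload(vxlan_l2_payload(t))}
            for name, t in stacks.items()}


if __name__ == "__main__":
    for name, row in budget().items():
        print(name, row)
```

Passing `outer_ip=40` models an IPv6 underlay; for WireGuard that gives 1420, the value most implementations use as the default interface MTU.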