At least once a day, sometimes two-four times per day, my IPIP tunnel drops..
The log (on default settings) simply says
Feb/18/2022 05:08:59 interface, info ipip-Storm link down
Feb/18/2022 05:11:25 interface, info ipip-Storm link up
Using IPIP because GRE wouldn’t come up at all and L2TP-Client was slow - maximum transfer of 20 mbps, IPIP seems to be capped around 100 mbps (of 500), which, while not ideal, is acceptable.
This is between a CCR1009 and a RB750Gr3. What (logging) options should I enable to try and figure out why, without being overwhelmed with non-useful data?
My first choice would be L2TP but there are many posts here about L2TP being slow, also many posts about issues with GRE..
Star topology, the central hub uses static IPs, the nodes are dynamic and static.
You mention dynamic addresses of nodes, could that be related? Besides, if there are dynamic addresses, I suppose you use DDNS (Mikrotik Cloud DNS or other) as IPIP’s remote-address, there may also be a delay when updating the DDNS data.
An IPIP tunnel is always shown as running unless you use a keepalive (which is the default); the tunnel is considered down if there is no response to N keepalive requests in a row. So logging wouldn’t help you much, but sniffing could, ideally at both ends, to see whether the requests or the responses are lost. But it is not likely you’ll learn why they are lost, it will just show you whether the reason is internal (like bandwidth limitations) or external (packets dropped by ISP).
IP hadn’t changed, and doesn’t match up with the DHCP lease timeout (yes, halfway through the lease when it tries to renew). DHCP lease is 48 hours but this is happening two-three times a day.
I have the IPIP tunnel set via IP. Other traffic doesn’t drop.
I will try turning off keepalives and see if that helps.. Might try that on my stubborn GRE tunnels too.
I’m trying L2TP with IPSec now too, it seems faster with than without, so I will keep experimenting.