Community discussions

MikroTik App
 
F1le
just joined
Topic Author
Posts: 16
Joined: Tue Nov 21, 2017 1:35 am

IPSec IPIP tunnel

Sat May 02, 2020 5:43 pm

Guys just quick question

I got 2xRB4011 on 2 sites. Got the linked by IPSEC Tunnel IPIP, I think I observe weird behavior and trying to figure out what's going on, but IPIP connects on MTU 1418, while rest of the network and of course internet connection is 1500.

Can it have any influence? Result : One site (not sure if second too, not much there) from time to time hangs "www" traffic, ping works, dns works just pages can't be loaded. I was looking around and that's the only thing which I'm trying to figure out.

Got "Waiting for a cache..." in browsers, while I can ping IP addresses and ping all domains.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 253
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: IPSec IPIP tunnel

Sat May 02, 2020 11:47 pm

MTU 1418, while rest of the network and of course internet connection is 1500
.
you build a tunnel inside a tunnel ... you build a bridge over a bridge ... this is what happens !
.
A fat man creeping though a tunnel, should be aware of the problem, ... before forwarding.
.
maybe you should check:
viewtopic.php?t=127363
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
F1le
just joined
Topic Author
Posts: 16
Joined: Tue Nov 21, 2017 1:35 am

Re: IPSec IPIP tunnel

Sun May 03, 2020 12:48 am

I think I found a mistake ... I created 2 tunnels : IPIP and IPSEC, instead of one tunnel IPIP encrypted by IPSEC...

Wrong entries in IPSEC addresses. I put external IP instead of local IPs... Tunnel connected on 1480, and all problems seems to be gone.

Who is online

Users browsing this forum: Google [Bot] and 34 guests