I'm having a hard time finding all the values to calculate exactly how much overhead is used, and also the optimal TCP MSS value.
Essentially I want to run PPPoE over EoIP over one of the VPN options so that it works behind NAT.
I know that fragmentation will occur, but I want to calculate the overhead losses for the biggest possible frame size and at least try to mitigate some fragmentation with the correct TCP MSS size.
I still don't know which is the best way to go about it. I need the data to be encrypted as well. Should I be using...
- PPTP + EoIP/IPsec
- L2TP/IPsec + EoIP
- L2TP + EoIP/IPsec
- SSTP + EoIP
- IPsec/IKEv2 + EoIP

The fewer encapsulations, the better. So let's translate your list to highlight this:
- PPTP + EoIP/IPsec => EoIP over IPsec over PPTP
- L2TP/IPsec + EoIP => EoIP over L2TP over IPsec (causing issues if two such clients are NATed to the same public address, see the reason and the solution)
- L2TP + EoIP/IPsec => EoIP over IPsec over L2TP
- SSTP + EoIP => EoIP over SSTP
- IPsec/IKEv2 + EoIP => EoIP over IPsec

So the real choice should be among the last two. SSTP is somewhat simpler to understand and configure, but it uses TCP as transport, which makes it a bad choice for any UDP-based real-time application (such as VoIP or video streaming using UDP); it also has its drawbacks for TCP applications, and I'm afraid that PPPoE is closer to UDP in terms of preferred handling of packet loss.
So my choice would definitely be the last one.
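
For the overhead and MSS calculation asked about in the question, here is an added example (not part of either post) that works through the EoIP over IPsec stack with PPPoE inside. The header sizes are standard IPv4 protocol values rather than figures from this thread, the 1500-byte outer path MTU and the ESP transforms listed are assumptions, and the function names are hypothetical.

```python
# Added example: per-layer overhead for PPPoE over EoIP over IPsec ESP.
# Header sizes are standard IPv4 protocol values, not figures from the thread.
IP, UDP_NATT, ESP_HDR, ESP_TRAILER = 20, 8, 8, 2   # trailer = pad-length + next-header
GRE_EOIP, ETHERNET, PPPOE_PPP = 8, 14, 8            # PPPoE header 6 + PPP protocol 2
TCP = 20                                            # TCP header without options

# (IV bytes, padding alignment, ICV bytes) per ESP transform
CIPHERS = {
    "aes-cbc/hmac-sha1-96": (16, 16, 12),
    "aes-cbc/hmac-sha256-128": (16, 16, 16),
    "aes-gcm-16": (8, 4, 16),
}

def inner_overhead(tunnel_mode):
    """Bytes placed in front of the customer's IP packet inside the ESP payload."""
    return (IP if tunnel_mode else 0) + GRE_EOIP + ETHERNET + PPPOE_PPP

def outer_size(inner_ip_len, cipher, nat_t=True, tunnel_mode=False):
    """Size on the wire of the outer IPv4 packet carrying one inner IP packet."""
    iv, align, icv = CIPHERS[cipher]
    plaintext = inner_overhead(tunnel_mode) + inner_ip_len + ESP_TRAILER
    padded = -(-plaintext // align) * align          # round up to the alignment
    return IP + (UDP_NATT if nat_t else 0) + ESP_HDR + iv + padded + icv

def max_inner_mtu(outer_mtu, cipher, nat_t=True, tunnel_mode=False):
    """Largest inner IP packet that crosses the path without fragmentation."""
    iv, align, icv = CIPHERS[cipher]
    room = outer_mtu - IP - (UDP_NATT if nat_t else 0) - ESP_HDR - iv - icv
    plaintext = room // align * align - ESP_TRAILER  # round down, drop the trailer
    return plaintext - inner_overhead(tunnel_mode)

def tcp_mss(outer_mtu, cipher, **kw):
    """MSS to clamp to for IPv4 TCP inside the PPPoE session."""
    return max_inner_mtu(outer_mtu, cipher, **kw) - IP - TCP

if __name__ == "__main__":
    for name in CIPHERS:
        mtu = max_inner_mtu(1500, name)              # 1500 = assumed outer path MTU
        print(f"{name:24} inner MTU {mtu}  MSS {tcp_mss(1500, name)}  "
              f"wire size {outer_size(mtu, name)}")
```

The cipher's padding alignment is why the usable MTU moves in steps: with a 16-byte block, one extra inner byte can add 16 bytes on the wire.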