Jon,
that's one excellent performance! Will you post your configuration of IPIP or EOIP tunnels? Omit IP addresses and passwords and stuff like that, I'm interested in config of IPIP (it's very simple, but we haven't had success with it - performance was low) and mainly with MSS/MTU mangling - do you do any mangling at all? How?
thnx, mp3turbo.
We did mangle to correct for problems with MTU but have stopped. If the customer has a problem with PMTUD, we just set the MTU on IPIP to 1500 and let the packets fragment or we use EoIP which lets the packets fragment. The ones with MTU of 1440 are also going through PPTP tunnels at some point before they get to the customer. If we could get Mikrotik to support Ethernet cards with large MTU, then there would be no fragmenting at all!
On one of our routers, IPIP looks like this:
0 R name="tunnel-to-1" mtu=1480 local-address=10.16.0.65 remote-address=10.16.0.10
1 R name="tunnel-to-2" mtu=1480 local-address=10.16.0.65 remote-address=10.16.0.25
2 R name="tunnel-to-3" mtu=1480 local-address=10.16.0.65 remote-address=10.16.0.74
3 R name="tunnel-to-4" mtu=1440 local-address=10.16.0.65 remote-address=10.16.0.206
4 R name="tunnel-to-5" mtu=1480 local-address=10.16.0.65 remote-address=10.16.0.78
5 R name="tunnel-to-6" mtu=1480 local-address=***.7.1.10 remote-address=***.7.1.12
6 R name="tunnel-to-7" mtu=1440 local-address=10.16.0.65 remote-address=10.16.0.150
7 R name="tunnel-to-8" mtu=1500 local-address=10.16.0.65 remote-address=10.16.0.82
On the same router EoIP looks like this:
0 R name="eoip-1" mtu=1500 mac-address=00:00:5E:80:00:02 arp=enabled remote-address=10.16.0.138
tunnel-id=1
1 R name="eoip-2" mtu=1500 mac-address=00:00:05:80:00:04 arp=enabled
remote-address=10.16.0.142 tunnel-id=2
2 R name="eoip-3" mtu=1500 mac-address=00:00:05:80:00:05 arp=enabled remote-address=10.16.0.150
tunnel-id=3