Hi, as you play with EoIP/GRE tunnels (and basically any other tunnels) there is encapsulation in the game. with GRE it's 24 bytes overhead. e.g. if you transmit a normal ip packet which carries data, it will be added to the default 1500 bytes of IP MTU. this results a packet size bigger than the default MTU of the ethernet interfaces in most routers.
so after a packet has been GRE-encapsulated, the resulted packet must be fragmented. e.g. the second part will get a new IP header, and the two (or more in extreme cases) segments will be transmitted sequentially.
this is a cpu intensive task, and definitely will halve the packet forwarding rate.
if you can increase the MTU of the ethernet interfaces to accommodate bigger (baby giant) packets, it can be a solution. but you can't guarantee it throughout an uncontrolled network segment, say internet. so if it's just about "normal" ip traffic, which is in most cases TCP, you should make sure, that no big packets are transmitted.
you should decrease the MTU on the tunnel interfaces, but that's only the half of the job. you should lower the TCP max segment size (MSS) to a value which is low enough to be transmitted without fragmentation.
Say, 1460bytes of MSS + 20 bytes TCP header + 20 bytes IP header = 1500 byte.
if GRE is in the game, we start from 1500-24 bytes GRE header - 20 bytes original IP header - 20 bytes TCP header = 1436 bytes MSS. or to be safe, 1420. this can be accomplished on any side of the tunnel using firewall mangle rules, or if you run something post 6.26, clamp-mss=yes option is available on the tunnel interfaces. in this case you have to set the mtu of the tunnel down to 1476 so "auto-clamping" will choose the right MSS size.