rosman
newbie
Topic Author
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Encrypted L2 Tunnel

Fri Apr 22, 2022 6:12 pm

I need to traverse an untrusted ethernet (short wireless link). I want both sides of the link on the same subnet.

I know I can use EoIP or L2TP, but it seems that wrapping and unwrapping L2 in L3 adds a lot of overhead. This isn't a critical application and that would likely work fine, but I'd like to understand how to get the best performance rather than the least implementation effort.

My first thought was PPPoE, but I don't see a way to enable encryption in that case. It also seems to be substituting one set of encapsulation for another.

I'm looking for what FM to R.

Thanks in advance,

Rich
 
tangent
Forum Guru
Posts: 1386
Joined: Thu Jul 01, 2021 3:15 pm

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 6:45 pm

I need to traverse an untrusted ethernet (short wireless link).

By "wireless" do you mean WiFi, or something else?

If WiFi, and you're worried about snooping by the other clients on the same net, your APs may have the ability to set up a secondary SSID, which gets you a separately-encrypted network, assuming you pair it with WPA2-PSK or similar. Now your L2 is encrypted. Yay!

I want both sides of the link on the same subnet.

Why? Routing between subnets is what routers do. Separate subnets on each side of an inter-building link is the normal way things are done, so it's the way routers work best.

If you have a specific thing that will fail unless you put everything on the same subnet with transparent L2 forwarding, name it. I'll bet you get answers showing how that problem is easily overcome.

I know I can use EoIP or L2TP

Neither tunnelling method supports encryption in itself. If you want encrypted EoIP, you run it over encrypted L2, which brings us right back to your question. For L2TP, that's normally paired with IPsec to get encryption.

wrapping and unwrapping L2 in L3 adds a lot of overhead.

Some, yes, but the encryption itself likely contributes more to any benchmark differences.

My first thought was PPPoE

I think you're confusing encrypted data transport with encrypted authentication. Once the CHAP or whatever stage is over, PPPoE is unencrypted.

[PPPoE] also seems to be substituting one set of encapsulation for another.

Yeah, 8 octets per Ethernet frame. If you want to get it to zero, run a cable.
 
tdw
Forum Guru
Posts: 1845
Joined: Sat May 05, 2018 11:55 am

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:03 pm

For encryption at layer 2 you need to be looking at MACsec. Note that if you bridge your subnet at either end and the untrusted link, they will all be in the same broadcast domain with all the usual limitations; you should be able to avoid some of that using VLANs if the untrusted link supports them.

Otherwise you will have to put up with the overhead of encapsulating layer 2 in layer 3 and using IPsec to encrypt the encapsulated data, so EoIP, VPLS (atop MPLS), L2TPv3 or VXLAN. Note L2TP (vs. L2TPv3) only transports PPP, which normally contains IP and/or IPv6 payloads, but may optionally transport layer 2 ethernet using BCP.
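As an added example (not from tdw or any other poster in this thread), here is one end of the EoIP-over-IPsec option in RouterOS CLI form, with the unencrypted variant shown commented out for contrast. Interface names, addresses, tunnel-id and the pre-shared secret are assumed placeholders.

```routeros
# Added example, not from the thread: site A of an EoIP link carried across the
# untrusted wireless segment. Addresses, names and the secret are placeholders.

# Transport address on the interface that faces the untrusted link.
/ip address add address=192.168.250.1/30 interface=ether1 comment="untrusted link"

# Weak: EoIP alone. Every bridged frame crosses the wireless link in cleartext;
# EoIP (GRE, IP protocol 47) provides no confidentiality or integrity protection.
#/interface eoip add name=eoip-siteB local-address=192.168.250.1 \
#    remote-address=192.168.250.2 tunnel-id=10

# Corrected: the same tunnel with ipsec-secret set. RouterOS then creates a dynamic
# IPsec peer and policy so the GRE packets between the two transport addresses are
# encrypted (ESP) before they leave ether1. The secret must match on site B.
/interface eoip add name=eoip-siteB local-address=192.168.250.1 \
    remote-address=192.168.250.2 tunnel-id=10 \
    ipsec-secret="CHANGE-ME-long-random-preshared-key"

# Put the LAN port and the tunnel in one bridge so both sites share one subnet.
/interface bridge add name=br-lan
/interface bridge port add bridge=br-lan interface=ether2
/interface bridge port add bridge=br-lan interface=eoip-siteB

# Checks: the peer should be listed as established and an installed SA pair
# should exist for 192.168.250.1 <-> 192.168.250.2 before any traffic is trusted.
/ip ipsec active-peers print
/ip ipsec installed-sa print
```

Site B needs the mirror-image configuration (addresses and local/remote swapped, same tunnel-id and secret). Because each Ethernet frame is now carried in GRE inside ESP, the effective MTU across the bridge shrinks accordingly, which is the overhead the thread is discussing.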
 
tdw
Forum Guru
Posts: 1845
Joined: Sat May 05, 2018 11:55 am

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:07 pm

I think you're confusing encrypted data transport with encrypted authentication. Once the CHAP or whatever stage is over, PPPoE is unencrypted.

Not necessarily - PPPoE supports MPPE for data encryption, not that 40-bit or 128-bit RC4 can be considered secure these days.
 
tangent
Forum Guru
Posts: 1386
Joined: Thu Jul 01, 2021 3:15 pm

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:11 pm

…or VXLAN

Good add.

I chose not to mention ZeroTier in my prior post because it's kinda silly to involve a cloud service for a "short wireless link," but then I remembered the new ZeroTier controller feature just added to the ROS 7.3 public beta line. It isn't zero-overhead, but it does what the OP says he wants otherwise.
 
tangent
Forum Guru
Posts: 1386
Joined: Thu Jul 01, 2021 3:15 pm

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:12 pm

PPPoE supports MPPE for data encryption

In RouterOS? The only search results for that in the docs are for L2TP and PPTP.
 
tdw
Forum Guru
Posts: 1845
Joined: Sat May 05, 2018 11:55 am

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:15 pm

 
rextended
Forum Guru
Posts: 12001
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:16 pm

Yes, PPPoE can use "MPPE128 stateless"
 
tangent
Forum Guru
Posts: 1386
Joined: Thu Jul 01, 2021 3:15 pm

Re: Encrypted L2 Tunnel

Fri Apr 22, 2022 7:19 pm

Ah. I was looking in the new manual. Silly me. :)
