I have some transparent bridges set up between locations using EOIP over L2TP. I know I should be using BCP,a nd will be moving to that when I can, but this is what I've got for now. The issue I am having is MTU between sites is wrong, and I'm not able to send packets larger than ~1375 over the tunnel. Not sure where to start troubleshooting this - I have MRRU set to 1600 on the L2TP tunnels, and MTU ont he EOIP interfaces is set to 1500. Any help is appreciated!
As a side; can anyone confirm that I can transition to using BCP without breaking what is in place now? As in, can I begin configuring it without taking down the L2TP connections that are not set to use BCP?
Thanks again!
-
-
samsung172
Forum Guru
- Posts: 1193
- Joined:
- Location: Østfold - Norway
- Contact:
Re: Issue with MTU on EOIP over L2TP
do you control all sites between your l2tp tunnels= and know about the setup? Why have eoip over l2tp.? Use l2tp as a layer 2 protocol. much more stable.
Re: Issue with MTU on EOIP over L2TP
I do control all sites; I'd like to use BCP and remove the EOIP all together, but can't just yet. Going to try moving to it tonight, but am not sure how it will impact existing connections and such. I'll post my results here.
Re: Issue with MTU on EOIP over L2TP
I am not able to pass DHCP over the BCP link for some reason. Below are my configurations, your insights are very much appreciated!
CLIENT SIDE
PPP
Bridge
SERVER SIDE
PPP
Bridge
Interface
Really need this working, can't see where I'm going wrong. Next step is to build it in my lab and check the differences, but I know I've done this locally before without this sort of issue.
Thanks again!
CLIENT SIDE
PPP
Code: Select all
/ppp profile
set 0 change-tcp-mss=no name=default only-one=default remote-ipv6-prefix-pool=none use-compression=default use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=default add bridge=fgf-voice_br change-tcp-mss=yes name=default_l2tp only-one=default use-compression=default use-encryption=yes use-ipv6=no use-mpls=no use-vj-compression=default
Code: Select all
/interface bridge
add admin-mac=D4:CA:6D:71:66:BC ageing-time=5m arp=proxy-arp auto-mac=no disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=fgf-voice_br priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface bridge port
add bridge=fgf-voice_br disabled=no edge=auto external-fdb=auto horizon=none interface=ether9 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
PPP
Code: Select all
/ppp profile
add bridge=fgf-lan_br change-tcp-mss=yes local-address=172.16.1.1 name=fgf_l2tp only-one=no use-encryption=yes use-ipv6=no use-mpls=no
/ppp secret
add name=fgf-l2tp_test password=xxx profile=fgf_l2tp remote-address=172.16.0.254 service=l2tpCode: Select all
/interface bridge
add admin-mac=D4:CA:6D:71:66:70 auto-mac=no l2mtu=1598 name=fgf-lan_br protocol-mode=rstp
/interface bridge port
add bridge=fgf-lan_br interface=ether10Code: Select all
/interface l2tp-server server
set default-profile=default-l2tp enabled=yes max-mru=1460 max-mtu=1460 mrru=1600Really need this working, can't see where I'm going wrong. Next step is to build it in my lab and check the differences, but I know I've done this locally before without this sort of issue.
Thanks again!
Re: Issue with MTU on EOIP over L2TP
I was able to get everything working; downgraded all routers to 5.0.25 and BCP took off. MTU between sites is still not where I'd like it, though. I don't know the exact number off the top of my head but its somewhere around 1420 that fragmentation happens. Two sites that I've noticed have less problems also are using DSL - these are the only two sites where the TCP MSS is changed (there is a rule created on both ends, as I assume the router thinks it's necessary). I will be attempting to do the same for other sites to see if this makes a difference this evening.
Re: Issue with MTU on EOIP over L2TP
Pings fragment at 1405bytes. Can anyone confirm that what I need to do is even possible the way I'm going about it?
-
-
samsung172
Forum Guru
- Posts: 1193
- Joined:
- Location: Østfold - Norway
- Contact:
Re: Issue with MTU on EOIP over L2TP
just do it simple. add your l2tp interface to a bridge. Use l2mtu of 1280. Will always work, and no trobble with mtu. PS, use the ""hack""
ros code
/ip firewall mangle
add action=change-mss chain=forward disabled=no new-mss=1280 passthrough=yes \
protocol=tcp tcp-flags=syn tcp-mss=1281-65535Re: Issue with MTU on EOIP over L2TP
Thanks, I will try this.
-
-
smellyspice
just joined
- Posts: 10
- Joined:
Re: Issue with MTU on EOIP over L2TP
@samsung172: What is the significance of 1280?
I've been having MTU issues trying to bridge a network over L2TP using BCP as described here(*1) I have had tons of errors. Your advice helped me - I can now load pages from our web server at the other end of the tunnel, although there are still a few errors showing on the interface, at least the pages load fully now, with minimal delay.
My setup is:
Lan -> [ L2TP -> PPPoE to ISP ] <-Internet-> [ L2TP ] <- Lan
[ ] = Mikrotik Router RB750 on left and MT x86 on right
*1 = http://wiki.mikrotik.com/wiki/Manual:BC ... _bridging)
Thanks,
-Rob
I've been having MTU issues trying to bridge a network over L2TP using BCP as described here(*1) I have had tons of errors. Your advice helped me - I can now load pages from our web server at the other end of the tunnel, although there are still a few errors showing on the interface, at least the pages load fully now, with minimal delay.
My setup is:
Lan -> [ L2TP -> PPPoE to ISP ] <-Internet-> [ L2TP ] <- Lan
[ ] = Mikrotik Router RB750 on left and MT x86 on right
*1 = http://wiki.mikrotik.com/wiki/Manual:BC ... _bridging)
Thanks,
-Rob