MikroTik

Hello everyone,

We have an issue that has me a bit stumped at 2 sites out of 16. These sites are running 6.36 and 6.38. All others sites are running 5.x and work just fine. All these sites are using RB493G and have their own fiber internet connections. We have an CRS125-24G-1S that is used to to land EoIP tunnels on for the various sites to provide access to these local LANs when setting up a new machine for that site.

The issue: the two sites running the newer RouterOS versions will exhibit what looks like MTU issues when we have the tunnels enabled. Keep in mind that the issues are seen by users that do not traverse the tunnels. So the question is, How is it that this EoIP tunnel is causing issues with internet traffic when enabled and why is it only with the sites that are running 6.36 or 6.38 RouterOS?

Examples of what we see is that computers at those sites will have issues getting to SSL sites, RDP Secure connections don't work and random sites will not pull up. If we disable the tunnel, the issue goes away. Also ping of 1500 byte packets out to the internet fragment when the tunnel is enabled but do not when it is disabled.

What do you have the MTU set to?

I guess you EOIP interface is a member of the same bridge your local Ethernet interfaces are members of, and all your Internet traffic goes through this bridge interface. All bridges support the "auto mtu" feature since 6.20, which means if MTU of the bridge interface is not explicitly specified in your configuration, it is automatically determined as a lowest MTU among all bridge member interfaces.

The tunnel is part of the "LAN" bridge network. All internet traffic is going out ether9 and the LAN (ether2) and tunnel are on bridge1. So not sure why the traffic in/out ether9 would get impacted. The bridge MTU is not changeable and is "actual MTU 1500" and "L2 MTU 1520".