[143065] in North American Network Operators' Group
Re: Comcast Bussiness Class and GRE Tunnels
daemon@ATHENA.MIT.EDU (Denys Fedoryshchenko)
Wed Jul 27 05:17:32 2011
To: <nanog@nanog.org>
Date: Wed, 27 Jul 2011 12:17:16 +0300
From: Denys Fedoryshchenko <denys@visp.net.lb>
In-Reply-To: <4E2ED839.5090709@blastcomm.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 26 Jul 2011 10:07:37 -0500, Nate Burke wrote:
> Hello, I'm hoping that someone here might have run into a similar
> issue and might be able to offer me some pointers.
...
>
> Anyone with Insights or comments would be appreciated.
Mikrotik EOIP are not following standards, it is just their own hack,
so it is very possible that some SPI in Comcast breaking it.
Additionally some Mikrotik versions doesn't work properly with their
own EOIP even, plus it has fragmentation issues. Fragmentation issues
usually appears on large transfers, such as "stalling" sessions.
I wrote my own implementation of Mikrotik EOIP for Linux, so i know
what i am talking about, also in same code i wrote alternative tunnel,
that has much less overhead than EOIP (compression + packets
aggregation), but sure you need linux both side.
I can recommend you to try to use openvpn, if you are "Mikrotik only".
At least it doesn't have fragmentation issues, as IPIP/GRE/PPTP has, and
also it will run smoothly over NAT/SPI. Cons, that it is a bit more
laggy, because it runs over TCP.
---
System administrator
Denys Fedoryshchenko
Virtual ISP S.A.L.
