Re: [Mikrotik] EoIP Tunnel Help

2010-07-28 Thread Rory McCann 
I made the adjustments as suggested - it improved performance slightly 
(about 3x), but still well below what I was expecting.


I'll give your tutorial a go in the near future and see how that works 
minus the EoIP tunnel.


Thanks!

Rory McCann
Minn-Kota Ag Products
/r...@mkap.com/ 

On 7/27/2010 12:50 AM, Butch Evans wrote:

On Wed, 2010-07-21 at 15:18 -0500, Rory McCann wrote:
   

The only thing I can think of is MTU/MRU funkiness. The Qwest PPPoE
client is now set at 1492 and the eoip and pptp tunnels are at 1500.
 

I didn't read all posts in this thread.  Are you bridging 2 networks by
using a pptp tunnel with eoip inside this tunnel?  If so, that will
cause all sorts of funky mtu issues.  Try this first:
http://blog.butchevans.com/2009/12/how-to-bridge-distant-networks-using-routeros-and-pptp/

That tutorial will show how to create the same thing, but eliminates the
MTU issues (or part of them).

Couple of things you can try here:

If the pppoe interface is running 1492 for it's MTU, then you need to
set the pptp tunnel with MTU lower than that.  The mss value for that
pppoe tunnel is 1452, which is the value I use for the MTU of the pptp
tunnel.  Then, you can set the MRRU on both ends of the pptp tunnel to
1528 (1500 + 28 bytes for ethernet/vlan/etc header) and still transport
a full ethernet packet.

I know this is a rather terse answer, but it should give you a starting
point.

   

-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-26 Thread Butch Evans 
On Wed, 2010-07-21 at 15:18 -0500, Rory McCann wrote: 
> The only thing I can think of is MTU/MRU funkiness. The Qwest PPPoE 
> client is now set at 1492 and the eoip and pptp tunnels are at 1500.

I didn't read all posts in this thread.  Are you bridging 2 networks by
using a pptp tunnel with eoip inside this tunnel?  If so, that will
cause all sorts of funky mtu issues.  Try this first:
http://blog.butchevans.com/2009/12/how-to-bridge-distant-networks-using-routeros-and-pptp/

That tutorial will show how to create the same thing, but eliminates the
MTU issues (or part of them).  

Couple of things you can try here:

If the pppoe interface is running 1492 for it's MTU, then you need to
set the pptp tunnel with MTU lower than that.  The mss value for that
pppoe tunnel is 1452, which is the value I use for the MTU of the pptp
tunnel.  Then, you can set the MRRU on both ends of the pptp tunnel to
1528 (1500 + 28 bytes for ethernet/vlan/etc header) and still transport
a full ethernet packet.

I know this is a rather terse answer, but it should give you a starting
point.

-- 

* Butch Evans   * Professional Network Consultation*
* http://www.butchevans.com/* Network Engineering  *
* http://store.wispgear.net/* Wired or Wireless Networks   *
* http://blog.butchevans.com/   * ImageStream, Mikrotik and MORE!  *


___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-21 Thread Rory McCann 
The issue was infact a missing route. I made a few small changes and was 
able to get the tunnels to come up and pass traffic, however all of the 
data being transmitted is very, very slow.


The remote end will actually be accessing the internet through the 
tunnel since they will be assigned an IP from the DHCP server at our 
main office. Traffic is barely breaking 150Kbps (as in 3x faster than 
dialup). I should be seeing almost 1.5Mbps from this connection. Any 
ideas why this might be happening?


The only thing I can think of is MTU/MRU funkiness. The Qwest PPPoE 
client is now set at 1492 and the eoip and pptp tunnels are at 1500.


Rory McCann
Minn-Kota Ag Products
/r...@mkap.com/ 

On 7/19/2010 6:30 PM, james wrote:

Looks like there is a routing issue if you cannot ping the remote PPTP
tunnel IP with the "any" interface

   

-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-20 Thread Rory McCann 
I guess I figured as long as we're dealing with static internal IPs that 
can be reached when the PPTP tunnel is established I could work around a 
dynamic WAN IP address. I made the bridge with the EoIP tunnels and the 
specified interfaces with a matching remote ID, etc.


The only other thing I can think of that I haven't tried is changing the 
MTU. Right now the EoIP tunnel and PPTP tunnel are set to 1500, but I 
think the PPPoE client into Qwest is set to 1480 - I don't know if it 
will break things to change this to 1500, but I've seen mismatched MTU 
settings cause strange issues before.



On 7/19/2010 5:44 PM, Josh Luthman wrote:

First question: do you need to have a static public IP address at both ends
 

of the tunnel for it to work properly? I'll try to explain my set up with as
much detail as possible.

Kind of.  The config points to an IP.  If the IP changes you'll need to
update the config.  You can write a script to combat this (kind of a
hassle...)

Config is pretty much just make a new bridge, include said eoip tunnel and
the interface to bridge and then make the eoip tunnel config match (that is
tunnel ID and destined IP).

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Mon, Jul 19, 2010 at 6:40 PM, Rory McCann  wrote:

   

Hi Everyone,

I'm trying to set up an EoIP tunnel between my main location and a remote
office and am having a little difficulty making it work. I was able to get
it to work in lab, but I can't seem to make it work in the real world.

First question: do you need to have a static public IP address at both ends
of the tunnel for it to work properly? I'll try to explain my set up with as
much detail as possible.

I've got a RB1000 with 5 public IPs and 4 different subnets, all restricted
communication via firewall rules. I'm trying to bridge access into my
primary subnet which is 192.168.1.0/24. All of my PPTP connections come in
and are assigned an IP address in the 192.168.2.0/28 range - communication
with the 192.168.1.0/24 subnet is allowed through the firewall rules and I
have no problems with access here.

I've set aside a PPTP username for the remote office, given it a static IP
on the 2.x subnet and the PPTP tunnel comes up fine. The part I'm confused
on is with the EoIP tunnel and the remote endpoint IP addresses I should be
using. On my RB1000 (192.168.1.254) I have the remote endpoint as
192.168.2.11, the IP of the PPTP client for the remote office. At the remote
office (an RB750) I've got the endpoint set to 192.168.1.254, figuring once
the PPTP tunnel is up it should see this IP address just fine. No dice.

Even when I disable the EoIP tunnel and try to ping from winbox, I can only
ping something on my 1.x subnet when I specifically set the PPTP Tunnel as
the interface (instead of using "any").

The remote end is a DSL connection that uses PPPoE.

I guess at this stage I'm just looking for a few pointers as to how this
*should* be set up.

Thanks!
Rory McCann
Minn-Kota Ag Products
-- next part --
An HTML attachment was scrubbed...
URL:<
http://www.butchevans.com/pipermail/mikrotik/attachments/20100719/48a692dd/attachment.html
 
   

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

 

-- next part --
An HTML attachment was scrubbed...
URL:
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
   

-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-20 Thread Rory McCann 
What interface would I want to assign this IP to - my 1.x interface or 
my WAN?


On 7/19/2010 6:30 PM, james wrote:

Use the PPTP tunnel IP's as the remote endpoints.
You should assign an IP address for the PPTP server in the same range as the
PPTP client...ie 192.168.2.200 and 192.168.2.11.

   

-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-19 Thread james 
You do not necessarily have to use public IP's but you do need to ping both
ends of the tunnel.

Looks like there is a routing issue if you cannot ping the remote PPTP
tunnel IP with the "any" interface

Use the PPTP tunnel IP's as the remote endpoints.
You should assign an IP address for the PPTP server in the same range as the
PPTP client...ie 192.168.2.200 and 192.168.2.11.



-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Rory McCann
Sent: 20 July 2010 12:41 AM
To: 'Mikrotik discussions'
Subject: [Mikrotik] EoIP Tunnel Help

Hi Everyone,

I'm trying to set up an EoIP tunnel between my main location and a 
remote office and am having a little difficulty making it work. I was 
able to get it to work in lab, but I can't seem to make it work in the 
real world.

First question: do you need to have a static public IP address at both 
ends of the tunnel for it to work properly? I'll try to explain my set 
up with as much detail as possible.

I've got a RB1000 with 5 public IPs and 4 different subnets, all 
restricted communication via firewall rules. I'm trying to bridge access 
into my primary subnet which is 192.168.1.0/24. All of my PPTP 
connections come in and are assigned an IP address in the 192.168.2.0/28 
range - communication with the 192.168.1.0/24 subnet is allowed through 
the firewall rules and I have no problems with access here.

I've set aside a PPTP username for the remote office, given it a static 
IP on the 2.x subnet and the PPTP tunnel comes up fine. The part I'm 
confused on is with the EoIP tunnel and the remote endpoint IP addresses 
I should be using. On my RB1000 (192.168.1.254) I have the remote 
endpoint as 192.168.2.11, the IP of the PPTP client for the remote 
office. At the remote office (an RB750) I've got the endpoint set to 
192.168.1.254, figuring once the PPTP tunnel is up it should see this IP 
address just fine. No dice.

Even when I disable the EoIP tunnel and try to ping from winbox, I can 
only ping something on my 1.x subnet when I specifically set the PPTP 
Tunnel as the interface (instead of using "any").

The remote end is a DSL connection that uses PPPoE.

I guess at this stage I'm just looking for a few pointers as to how this 
*should* be set up.

Thanks!
Rory McCann
Minn-Kota Ag Products
-- next part --
An HTML attachment was scrubbed...
URL:

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] EoIP Tunnel Help

2010-07-19 Thread Josh Luthman 
>First question: do you need to have a static public IP address at both ends
of the tunnel for it to work properly? I'll try to explain my set up with as
much detail as possible.

Kind of.  The config points to an IP.  If the IP changes you'll need to
update the config.  You can write a script to combat this (kind of a
hassle...)

Config is pretty much just make a new bridge, include said eoip tunnel and
the interface to bridge and then make the eoip tunnel config match (that is
tunnel ID and destined IP).

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Mon, Jul 19, 2010 at 6:40 PM, Rory McCann  wrote:

> Hi Everyone,
>
> I'm trying to set up an EoIP tunnel between my main location and a remote
> office and am having a little difficulty making it work. I was able to get
> it to work in lab, but I can't seem to make it work in the real world.
>
> First question: do you need to have a static public IP address at both ends
> of the tunnel for it to work properly? I'll try to explain my set up with as
> much detail as possible.
>
> I've got a RB1000 with 5 public IPs and 4 different subnets, all restricted
> communication via firewall rules. I'm trying to bridge access into my
> primary subnet which is 192.168.1.0/24. All of my PPTP connections come in
> and are assigned an IP address in the 192.168.2.0/28 range - communication
> with the 192.168.1.0/24 subnet is allowed through the firewall rules and I
> have no problems with access here.
>
> I've set aside a PPTP username for the remote office, given it a static IP
> on the 2.x subnet and the PPTP tunnel comes up fine. The part I'm confused
> on is with the EoIP tunnel and the remote endpoint IP addresses I should be
> using. On my RB1000 (192.168.1.254) I have the remote endpoint as
> 192.168.2.11, the IP of the PPTP client for the remote office. At the remote
> office (an RB750) I've got the endpoint set to 192.168.1.254, figuring once
> the PPTP tunnel is up it should see this IP address just fine. No dice.
>
> Even when I disable the EoIP tunnel and try to ping from winbox, I can only
> ping something on my 1.x subnet when I specifically set the PPTP Tunnel as
> the interface (instead of using "any").
>
> The remote end is a DSL connection that uses PPPoE.
>
> I guess at this stage I'm just looking for a few pointers as to how this
> *should* be set up.
>
> Thanks!
> Rory McCann
> Minn-Kota Ag Products
> -- next part --
> An HTML attachment was scrubbed...
> URL: <
> http://www.butchevans.com/pipermail/mikrotik/attachments/20100719/48a692dd/attachment.html
> >
> ___
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://www.butchevans.com/mailman/listinfo/mikrotik
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
>
-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS