Re: [AFMUG] EOIP

> <mailto:ch...@wbmfg.com>> wrote: > Yep, just a private layer 2 pipe over the public internet. > > From: Josh Luthman <mailto:j...@imaginenetworksllc.com> > Sent: Wednesday, December 23, 2015 10:04 AM > To: af@afmug.com <mailto:af@afmug.com> > Subject: Re:

Re: [AFMUG] EOIP

3, 2015 11:17:02 AM Subject: Re: [AFMUG] EOIP On related subject when will Mikrotik support IKEv2?

Re: [AFMUG] EOIP

Many megabytes per second. EOIP isn't really that costly in terms of overhead. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Dec 23, 2015 at 11:28 AM, Chuck McCown wrote: > What kind of throughput can you expect from

[AFMUG] EOIP

What kind of throughput can you expect from an m’tik with encrypted EOIP?

Re: [AFMUG] EOIP

; *From:* Chuck McCown <ch...@wbmfg.com> > *Sent:* Wednesday, December 23, 2015 9:54 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] EOIP > > What is the cost for one of those routers? > > *From:* Keefe John <keefe...@ethoplex.com> > *Sent:* Wednesday, December 23

Re: [AFMUG] EOIP

* Wednesday, December 23, 2015 10:04 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] EOIP > > I'd expect most of the CCRs to do 1 gbps - there's a nice chart at the > bottom that shows small 64 byte packets and the throughput each model will > do. Assuming you're just carrying dat

Re: [AFMUG] EOIP

NEVA I had my fill of ikev2 on metarouter config using strongswan. KILL ME NOW ! On 12/23/2015 11:33 AM, Josh Luthman wrote: Soon (TM) Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Dec 23, 2015 at 12:30 PM, Keefe John

Re: [AFMUG] EOIP

Thanks From: Keefe John Sent: Wednesday, December 23, 2015 9:37 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP Some guys did a test with encrypted EOIP and got 7.5 gbps with CCR1072s. http://www.stubarea51.net/2015/10/16/10-gbps-of-layer-2-throughput-is-possible-using-mikrotiks-eoip-tunnel

Re: [AFMUG] EOIP

What is the cost for one of those routers? From: Keefe John Sent: Wednesday, December 23, 2015 9:37 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP Some guys did a test with encrypted EOIP and got 7.5 gbps with CCR1072s. http://www.stubarea51.net/2015/10/16/10-gbps-of-layer-2-throughput

Re: [AFMUG] EOIP

Silly question $2500 From: Chuck McCown Sent: Wednesday, December 23, 2015 9:54 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP What is the cost for one of those routers? From: Keefe John Sent: Wednesday, December 23, 2015 9:37 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP Some guys did

Re: [AFMUG] EOIP

maginenetworksllc.com> > *Sent:* Wednesday, December 23, 2015 9:57 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] EOIP > > I'll sell it to you for $2000... > > http://routerboard.com/CCR1036-8G-2SplusEM > > > Josh Luthman > Office: 937-552-2340 > Direct

Re: [AFMUG] EOIP

On related subject when will Mikrotik support IKEv2?

Re: [AFMUG] EOIP

Yep, just a private layer 2 pipe over the public internet. From: Josh Luthman Sent: Wednesday, December 23, 2015 10:04 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP I'd expect most of the CCRs to do 1 gbps - there's a nice chart at the bottom that shows small 64 byte packets

Re: [AFMUG] EOIP

when is v7 coming? On 12/23/2015 11:18 AM, Josh Luthman wrote: v7 http://forum.mikrotik.com/viewtopic.php?f=1=90266 Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Dec 23, 2015 at 12:17 PM, Matt

Re: [AFMUG] EOIP

Soon (TM) Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Dec 23, 2015 at 12:30 PM, Keefe John wrote: > when is v7 coming? > > On 12/23/2015 11:18 AM, Josh Luthman wrote: > > v7 > >

Re: [AFMUG] EOIP

I wonder if this works on all M’tik routers (at lower rates of course). I have an application that needs perhaps 1 Gbps. From: Josh Luthman Sent: Wednesday, December 23, 2015 9:57 AM To: af@afmug.com Subject: Re: [AFMUG] EOIP I'll sell it to you for $2000... http://routerboard.com/CCR1036

Re: [AFMUG] EOIP

Some guys did a test with encrypted EOIP and got 7.5 gbps with CCR1072s. http://www.stubarea51.net/2015/10/16/10-gbps-of-layer-2-throughput-is-possible-using-mikrotiks-eoip-tunnel/ On 12/23/2015 10:30 AM, Josh Luthman wrote: Many megabytes per second. EOIP isn't really that costly in terms

Re: [AFMUG] EOIP

v7 http://forum.mikrotik.com/viewtopic.php?f=1=90266 Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Dec 23, 2015 at 12:17 PM, Matt wrote: > On related subject when will Mikrotik support IKEv2? >

Re: [AFMUG] EOIP with IPSEC throughput cut in haf

With eoip 1500 byte packets have to be fragmented. You should consider MPLS/VPLS. Von: Af [mailto:af-boun...@afmug.com] Im Auftrag von Adam Moffett Gesendet: Donnerstag, 12. November 2015 15:33 An: af@afmug.com Betreff: Re: [AFMUG] EOIP with IPSEC throughput cut in haf Watch

Re: [AFMUG] EOIP with IPSEC throughput cut in haf

Watch the statistics on the interface list.is it moving 60mbps on the wire while the speedtest is running 30mbps? Also, are you hitting 100% CPU on either end of the tunnel? The speed test is CPU heavy, and so is the tunnel. On 11/11/2015 11:44 PM, That One Guy /sarcasm wrote: So

Re: [AFMUG] EOIP with IPSEC throughput cut in haf

gt; > > > > *Von:* Af [mailto:af-boun...@afmug.com] *Im Auftrag von *Adam Moffett > *Gesendet:* Donnerstag, 12. November 2015 15:33 > *An:* af@afmug.com > *Betreff:* Re: [AFMUG] EOIP with IPSEC throughput cut in haf > > > > Watch the statistics on the interface list

Re: [AFMUG] EOIP with IPSEC throughput cut in haf

Yes. You cant do MPLS/VPLS over external IP network. Von: Af [mailto:af-boun...@afmug.com] Im Auftrag von That One Guy /sarcasm Gesendet: Donnerstag, 12. November 2015 17:25 An: af@afmug.com Betreff: Re: [AFMUG] EOIP with IPSEC throughput cut in haf i was running speedtest.net <h

Re: [AFMUG] EOIP with IPSEC throughput cut in haf

t;s...@genias.net> wrote: > Yes. You cant do MPLS/VPLS over external IP network. > > > > > > > > *Von:* Af [mailto:af-boun...@afmug.com] *Im Auftrag von *That One Guy > /sarcasm > *Gesendet:* Donnerstag, 12. November 2015 17:25 > *An:* af@afmug.com > *Betreff

[AFMUG] Eoip and mpls

More interested in eoip comments, but when are these two bad ideas, eoip with the ipsec in particular. I have two scenarios where eoip will be necessary to maintain upstream static routing between providers, one tunnel over the interwebs and one tunnel over our network since our providers are

Re: [AFMUG] Eoip and mpls

;thatoneguyst...@gmail.com> To: af@afmug.com Sent: Monday, October 19, 2015 1:28:53 AM Subject: [AFMUG] Eoip and mpls More interested in eoip comments, but when are these two bad ideas, eoip with the ipsec in particular. I have two scenarios where eoip will be necessary to maintain upstream

Re: [AFMUG] Eoip and mpls

If you dont need to bridge traffic you might look into ipip tunneling. Why transport MAC Headers where not needed … Von: Af [mailto:af-boun...@afmug.com] Im Auftrag von Mike Hammett Gesendet: Montag, 19. Oktober 2015 14:51 An: af@afmug.com Betreff: Re: [AFMUG] Eoip and mpls If it stays

Re: [AFMUG] Eoip and mpls

EoIP is non-standard, and while multiple platforms have it, they are probably not compatible. The main reason to do EoIP is if you need the entire layer2 header. I use it now and then to default a device, then bridge it's port with an EOIP tunnel back to my office so that I can access it from

Re: [AFMUG] Eoip and mpls

in the mikrotik implementation with ipsec, how much less "secure" than something like an ipsec VPN tunnel? For the most part, since its all routed traffic anyway, security isnt all that great a concern, other than maybe some snmp strings I cant think of much that would matter We do have an

Re: [AFMUG] Eoip and mpls

quot;That One Guy /sarcasm" <thatoneguyst...@gmail.com> >> *To: *af@afmug.com >> *Sent: *Monday, October 19, 2015 2:09:12 PM >> *Subject: *Re: [AFMUG] Eoip and mpls >> >> >> I plan on MPLS internally over the OSPF network, at least I think thats >

Re: [AFMUG] Eoip and mpls

ent Computing Solutions > http://www.ics-il.com > > -- > *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> > *To: *af@afmug.com > *Sent: *Monday, October 19, 2015 2:09:12 PM > *Subject: *Re: [AFMUG] Eoip and mpls > >

Re: [AFMUG] Eoip and mpls

@afmug.com <mailto:af@afmug.com> *Sent: *Monday, October 19, 2015 2:09:12 PM *Subject: *Re: [AFMUG] Eoip and mpls I plan on MPLS internally over the OSPF network, at least I think thats what I should do. We have a bunch of customers with more t

Re: [AFMUG] Eoip and mpls

I plan on MPLS internally over the OSPF network, at least I think thats what I should do. We have a bunch of customers with more than two sites that would benefit. Right now, for the upstream tunnel, since we dont currently have any BGP, I am planning on the EOIP tunnel being part of the OSPF

Re: [AFMUG] Eoip and mpls

Wow cool. On 10/19/2015 1:37 PM, Mathew Howard wrote: Here we go - from the .30 changelog: *) tunnels - eoip, eoipv6, gre,gre6, ipip, ipipv6, 6to4 tunnels have new property - ipsec-secret - for easy setup of ipsec encryption and authentication; On Mon, Oct 19, 2015 at 12:34 PM, Mathew

Re: [AFMUG] Eoip and mpls

You can layer EoIP over top of another VPN for security and I usually use PPTP for this as I can see if the link is connected and for how long. If you aren't familiar with MPLS, EoIP is a lot easier to debug and doesn't require your entire network to be running MPLS. Running across CCRs, I can't

Re: [AFMUG] Eoip and mpls

Here we go - from the .30 changelog: *) tunnels - eoip, eoipv6, gre,gre6, ipip, ipipv6, 6to4 tunnels have new property - ipsec-secret - for easy setup of ipsec encryption and authentication; On Mon, Oct 19, 2015 at 12:34 PM, Mathew Howard wrote: > I'm pretty sure

Re: [AFMUG] Eoip and mpls

To: af@afmug.com Sent: Monday, October 19, 2015 2:09:12 PM Subject: Re: [AFMUG] Eoip and mpls I plan on MPLS internally over the OSPF network, at least I think thats what I should do. We have a bunch of customers with more than two sites that would benefit. Right now, for the upstream tunne

Re: [AFMUG] Eoip and mpls

So what is this doing? *ipsec-secret* (*string*; Default: )When secret is specified, router adds dynamic ipsec peer to remote-address with pre-shared key and policy with default values (by default phase2 uses sha1/aes128cbc). Both local-address and remote-address of the tunnel must be specified

Re: [AFMUG] Eoip and mpls

I'm pretty sure you can use encryption with EoIP these days... it's a fairly recent addition, if I remember right. On Mon, Oct 19, 2015 at 12:29 PM, That One Guy /sarcasm < thatoneguyst...@gmail.com> wrote: > So what is this doing? > > *ipsec-secret* (*string*; Default: )When secret is

Re: [AFMUG] Eoip and mpls

One Guy /sarcasm" <thatoneguyst...@gmail.com <mailto:thatoneguyst...@gmail.com>> *To: *af@afmug.com <mailto:af@afmug.com> *Sent: *Monday, October 19, 2015 2:09:12 PM *Subject: *Re: [AFMUG] Eoip and mpls I plan on MPLS internally over th

Re: [AFMUG] Eoip and mpls

s >>> http://www.ics-il.com >>> >>> -- >>> *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>> *To: *af@afmug.com >>> *Sent: *Monday, October 19, 2015 2:09:12 PM >>> *Subject: *Re

Re: [AFMUG] Eoip and mpls

100% less secure. There's no encryption at all in EoIP. On 10/19/2015 11:44 AM, That One Guy /sarcasm wrote: in the mikrotik implementation with ipsec, how much less "secure" than something like an ipsec VPN tunnel? For the most part, since its all routed traffic anyway, security isnt all

Re: [AFMUG] EoIP over fiber - high latency?

*Sent:* Wednesday, December 10, 2014 5:17 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] EoIP over fiber - high latency? Could you elaborate on this? We have a couple EOIP links across other networks and have never adjusted the MTU anywhere. I just pulled up the EOIP interfaces on each router

Re: [AFMUG] EoIP over fiber - high latency?

, December 11, 2014 8:35:41 AM Subject: Re: [AFMUG] EoIP over fiber - high latency? So looks like this may be a reason not to use UBNT stuff for our backup links. Looks like the highest I can set the MTU is 1515 on a couple units and 1524 on another. Neither capable of 1528 or more. I'll have

Re: [AFMUG] EoIP over fiber - high latency?

Intelligent Computing Solutions http://www.ics-il.com -- *From: *Kade Sullivan via Af af@afmug.com *To: *af@afmug.com *Sent: *Thursday, December 11, 2014 8:35:41 AM *Subject: *Re: [AFMUG] EoIP over fiber - high latency? So looks like this may be a reason not to use UBNT

Re: [AFMUG] EoIP over fiber - high latency?

Of Mike Hammett via Af Sent: Thursday, December 11, 2014 9:39 AM To: af@afmug.com Subject: Re: [AFMUG] EoIP over fiber - high latency? You have old, old units. The new ones do 2024 or better. Still Rocket Ms. They changed that 2 - 3 years ago. - Mike Hammett Intelligent Computing Solutions

Re: [AFMUG] EoIP over fiber - high latency?

-boun...@afmug.com] On Behalf Of Mike Hammett via Af Sent: Thursday, December 11, 2014 9:39 AM To: af@afmug.com Subject: Re: [AFMUG] EoIP over fiber - high latency? You have old, old units. The new ones do 2024 or better. Still Rocket Ms. They changed that 2 - 3 years ago. - Mike

Re: [AFMUG] EoIP over fiber - high latency?

: Wednesday, December 10, 2014 4:25 PM To: af@afmug.com Subject: [AFMUG] EoIP over fiber - high latency? So I have an EoIP tunnel setup over two fiber connections for a customer, I am seeing high latency over the tunnel any idea? MTU Issue? Using RB1100AHx2 on both ends.

Re: [AFMUG] EoIP over fiber - high latency?

*To:* af@afmug.com *Subject:* [AFMUG] EoIP over fiber - high latency? So I have an EoIP tunnel setup over two fiber connections for a customer, I am seeing high latency over the tunnel any idea? MTU Issue? Using RB1100AHx2 on both ends.

Re: [AFMUG] EoIP over fiber - high latency?

[mailto:af-boun...@afmug.com] *On Behalf Of *Erich Kaiser via Af *Sent:* Wednesday, December 10, 2014 4:25 PM *To:* af@afmug.com *Subject:* [AFMUG] EoIP over fiber - high latency? So I have an EoIP tunnel setup over two fiber connections for a customer, I am seeing high latency over

Re: [AFMUG] EoIP over fiber - high latency?

Subject: Re: [AFMUG] EoIP over fiber - high latency? Could you elaborate on this? We have a couple EOIP links across other networks and have never adjusted the MTU anywhere. I just pulled up the EOIP interfaces on each router and they are all set for 1500. Should we be increasing this number

Re: [AFMUG] EoIP over fiber - high latency?

: [AFMUG] EoIP over fiber - high latency? Could you elaborate on this? We have a couple EOIP links across other networks and have never adjusted the MTU anywhere. I just pulled up the EOIP interfaces on each router and they are all set for 1500. Should we be increasing this number as a best

Re: [AFMUG] EoIP over fiber - high latency?

[mailto:af-boun...@afmug.com] On Behalf Of Kade Sullivan via Af Sent: Wednesday, December 10, 2014 5:17 PM To: af@afmug.com Subject: Re: [AFMUG] EoIP over fiber - high latency? Could you elaborate on this? We have a couple EOIP links across other networks and have never adjusted the MTU anywhere. I