hi, this is my current site-site layer 2 setup:
xxxxxxxxxxxx
┌──────┐ x x WAN via PPPoE
│Router├─────x INTERNET x─────────────┐
└──┬───┘ x x │
│ xxxxxxxxxxxx │
WAN│ │
┌──────────────────┴─┐ ┌───────────────┴──────┐
│OpnSense I │ │OpnSense II │
│ │ WireGuard VPN │ │
│ ┌────────┐ │================│ ┌────────┐ │
│ │ BRIDGE ├─────────┼────────────────┼─────────┤ BRIDGE │ │
│ └┬───────┘ VXLAN │================│ VXLAN └────┬───┘ │
│ │ │ │ │ │
│ │ │ │ │ │VLAN100│
│ │ │ │ ├───┘ │
└──┼─────────────────┘ │ │ │
│ └──────────┼───────────┘
│LAN LAN│
├───┐
│ │VLAN100
current speedtests (iperf) between bridge-to-bridge or vxlan-to-vxlan interfaces are round about 40MBit/s (up-/download), but my WAN-uplink supports 100/100MBit/s.
so, i think this problem relies on MTU/MSS misconfiguration. all external links are default 1500 MTU values and can or should not change. i'm a bit confused about the "tunnel in tunnel" (wireguard/vxlan) config and on the right hand side the PPPoE tunnel too :S
maybe someone can help me to define the right MTU/MSS values to bring my layer2 site-to-site config to full speed!
thx, volker.
1500 on PPPoE?
https://keremerkan.net/posts/wireguard-mtu-fixes/
Set MSS to 1300 on your internal for testing
which internal interface should i select to set the MSS to 1300?
LAN
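
Added example, not part of any post above: a byte budget for the stack in this thread (bridged Ethernet in VXLAN, inside WireGuard, with one site behind PPPoE). It shows which MTU and TCP MSS values fit without fragmentation. The function names are hypothetical. It assumes the PPPoE side has the standard 8-byte overhead on a 1500-byte link and that the VXLAN endpoints use IPv4 addresses inside the WireGuard tunnel.

```python
# Added example. Header sizes are protocol constants; the topology comes from
# the thread. Function and field names are hypothetical.
from dataclasses import dataclass

IPV4, IPV6, UDP, TCP = 20, 40, 8, 20
PPPOE = 8        # PPPoE header (6) + PPP protocol id (2)
WG_DATA = 32     # WireGuard data header (16) + Poly1305 tag (16)
VXLAN_HDR = 8
INNER_ETH = 14   # Ethernet header of the bridged frame carried in VXLAN
VLAN_TAG = 4     # extra 802.1Q tag if tagged frames (e.g. VLAN100) are bridged

@dataclass
class Budget:
    path_mtu: int   # smallest WAN MTU of the two sites
    wg_mtu: int     # largest MTU that fits on the WireGuard interface
    vxlan_mtu: int  # largest IP packet a LAN host can send across the bridge
    mss_v4: int     # TCP MSS for IPv4 traffic on the bridged LAN
    mss_v6: int     # TCP MSS for IPv6 traffic on the bridged LAN

def wan_mtu(ethernet_mtu=1500, pppoe=False):
    """MTU left for IP on a WAN link, minus PPPoE overhead if present."""
    return ethernet_mtu - (PPPOE if pppoe else 0)

def budget(site_wan_mtus, outer_v6=False, tagged=False):
    """Peel each encapsulation layer off the smallest WAN MTU."""
    path = min(site_wan_mtus)
    # Outer IP + UDP + WireGuard framing go on the WAN.
    wg = path - (IPV6 if outer_v6 else IPV4) - UDP - WG_DATA
    # Assumption: VXLAN runs over IPv4 inside the WireGuard tunnel.
    vx = wg - IPV4 - UDP - VXLAN_HDR - INNER_ETH - (VLAN_TAG if tagged else 0)
    return Budget(path, wg, vx, vx - IPV4 - TCP, vx - IPV6 - TCP)

if __name__ == "__main__":
    sites = [wan_mtu(), wan_mtu(pppoe=True)]  # plain Ethernet WAN, PPPoE WAN
    for outer_v6 in (False, True):
        for tagged in (False, True):
            b = budget(sites, outer_v6, tagged)
            print(f"outer={'v6' if outer_v6 else 'v4'} tagged={tagged}: "
                  f"wg={b.wg_mtu} vxlan={b.vxlan_mtu} "
                  f"mss4={b.mss_v4} mss6={b.mss_v6}")
```

Every combination leaves an IPv4 MSS above 1300, so the 1300 suggested for testing fits under all of them.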