EoIP or Ether over IP tunnel is a tunnel protocol designed by Mikrotik development team which allows network administrators to easily connect private LANs located in different locations separated by cities or countries. As long as the Mikrotik routers can ping each other, we can create the EoIP tunnel among them.
This article shows you how to create EoIP tunnel between two Mikrotik routers. After you understand how the EoIP works, you can easily add more routers to create the tunnel.
To make it easier, we will follow the network diagram below.
There are two Mikrotik routers, MT1 and MT2 which have the following technical data:
MT1
Public IP: 111.222.111.222/28 (assigned to ether1)
Default Gateway: 111.222.111.209
LAN IP: 192.168.100.0/24
EoIP tunnel IP: 10.10.10.1/30 (assigned to eoip1)
MT2
Public IP: 222.111.222.111/27 (assigned to ether1)
Default Gateway: 222.111.222.97
LAN IP: 192.168.101.0/24
EoIP tunnel IP: 10.10.10.2/30 (assigned to eoip2)
I assume that you have configured the internal LAN so it can connect to internet (masquerade the private IPs to the public interface).
Below are the configuration on both MT1 and MT2:
MT1
/ip address add address=111.222.111.222/28 interface=ether1 /ip route add dst-address=0.0.0.0/0 gateway=111.222.111.209 /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1 src-address=192.168.100.0/24 /interface eoip add name=eoip1 remote-address=222.111.222.111 tunnel-id=10 /ip address add address=10.10.10.1/30 interface=eoip1 /ip route add dst-address=192.168.101.0/24 gateway=10.10.10.2
MT2
/ip address add address=222.111.222.111/27 interface=ether1 /ip route add dst-address=0.0.0.0/0 gateway=222.111.222.97 /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1 src-address=192.168.101.0/24 /interface eoip add name=eoip2 remote-address=111.222.111.222 tunnel-id=10 /ip address add address=10.10.10.2/30 interface=eoip1 /ip route add dst-address=192.168.100.0/24 gateway=10.10.10.1
After you finish setting the above configuration, you should be able to ping from Laptop1 / PC1 to Laptop2 / PC2 and the other way around.
See how easy it is to connect private LANs across internet via EoIP tunnel.