Computer networks

Why is the MTU of the IPIP tunnel decreasing?

Good evening!

There is a physical home MikroTik hAP AC and RouterOS installed on a distant VPS. Since the IP address is gray at home and is located behind NAT, it is impossible to make a normal transport site-to-site IPsec, I had to create a virtual interface with /32 on each and pull a Mikrotik IPsec tunnel between them (the first phase started on external addresses, and on the second one I simply encrypt all traffic between virtual interfaces).

But here I came across such a joke that the IPIP tunnel, already stretched between these virtual interfaces, quickly reduces its own MTU to 68 bytes from the side of the house. On the other hand, 1418 bytes are confidently holding. Pings go, traffic goes, but very tight. The load on the CPU of a home router is in the region of 5-15%, the VPS does not care at all, there is about 0-2%.


What can influence the MTU determination mechanism so much and why is the resulting MTU so tiny? You can, of course, set it manually, but the connection does not get better (at the same time, pings with packets with a size = MTU and a parameter do-not-fragmentpass, checked).