My conclusion to this was to pipe VLAN trunks through EoIP tunnels and encapsulate those in hardware assisted IPSec. Two pairs of fairly inexpensive Mikrotik RB1100AHx2 routers proved capable of saturating a 1 Gbps connection while adding less than 1 ms latency.
I would like to encrypt traffic between two data centres. Communication between the sites is provided as a standard provider bridge (s-vlan/802.1ad), so that our local vlan tags (c-vlan/802.1q) are preserved on the trunk. The communication traverse several layer 2 hops in the provider network.
Border switches on both sides are Catalyst 3750-X with the MACSec service module, but I assume MACSec is out of the question, as I don't see any way to ensure L2 equality between the switches over a trunk, although it may be possible over a provider bridge. MPLS (using EoMPLS) would certainly allow this option, but is not available in this case.
Either way, equipment can always be replaced to accommodate technology and topology choices.
How do I go about finding viable technology options that can provide layer 2 point-to-point encryption over ethernet carrier networks?
edit:
To sum up some of my findings:
A number of hardware L2 solutions are available, starting at USD 60,000 (low latency, low overhead, high cost)
MACSec may in many cases be tunneled through Q-in-Q or EoIP. Hardware starting at USD 5,000 (low-medium latency, low-medium overhead, low cost)
A number of hardware assisted L3 solutions are available, starting at USD 5,000 (High latency, high overhead, low cost)