I recently installed an OPNsense system at home as my home network firewall.
I am working with the default settings for the firewall and most other parts of OPNsense.
For some reason when I now open a new website in Chrome on Windows 11, it takes a couple of seconds to load the initial website, but is quite fast after that. When I do the same on a local Linux PC, the website loads almost instantly.
When I connect directly to the Internet, the problem disappears, so it somehow seems to be related to the OPNsense gateway.
Could it be a firewall issue?
Did anyone notice similar behavior and does anybody have any ideas how I can resolve this?
Wireshark will tell you what is happening on the client: https://www.wireshark.org/
Install it on Windows and capture the first few seconds. You can also capture the OPNsense traffic and analyse it with Wireshark: Interfaces: Diagnostics: Packet Capture
It's DNS though :D https://i.etsystatic.com/22516705/r/il/66f860/2469964138/il_fullxfull.2469964138_26oq.jpg
Bart...
Hello Bart,
I did make a Wireshark trace and didn't spot any obvious problems.
So I had to dig a bit deeper :)
Then I saw a lot of DNS requests for wpad.[mydomain.com] and they were actually being forwarded to my domain registrar for resolving. Because that probably doesn't resolve to anything that makes sense to Windows, I can imagine that slows things down quite a bit.
I now manually override the wpad subdomain in Unbound DNS on my OPNsense box and that seems to solve the issue. The OPNsense documentation actually states that there is a "WPAD records" button in the Unbound DNS config, but I couldn't find it. Has it been removed?
No idea, sorry. I don't use Unbound.
I don't use it so no idea if it does what you want, but it is in Unbound DNS | General. Need to click on the "Show advanced option" button at the bottom.
You shouldn't need to set an override for WPAD. Do any of your other machines have this issue?
Can you do a packet capture from OPNsense and post it here? Limit it to just when you open a new site.
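As an added example (not part of any post in this thread): one way to check which clients send the WPAD lookups described above, and whether other machines do too, is to count them per client in the resolver's query log. The log line shape is assumed to be Unbound's `log-queries: yes` output, the sample lines are constructed, `example.com` stands in for the poster's domain, and the function names are hypothetical.

```python
import re
from collections import Counter

# Assumed Unbound "log-queries: yes" shape: "... info: <client-ip> <qname>. <type> IN"
QUERY_RE = re.compile(r"info: (?P<client>\S+) (?P<qname>\S+) (?P<qtype>[A-Z0-9]+) IN$")

# Constructed sample log lines; example.com is a placeholder domain.
SAMPLE_LOG = """\
[1700000001] unbound[4242:0] info: 192.168.1.20 wpad.example.com. A IN
[1700000001] unbound[4242:1] info: 192.168.1.20 wpad.example.com. AAAA IN
[1700000002] unbound[4242:0] info: 192.168.1.20 www.wireshark.org. A IN
[1700000003] unbound[4242:0] info: 192.168.1.31 www.wireshark.org. A IN
[1700000004] unbound[4242:1] info: 192.168.1.20 WPAD. A IN
[1700000005] unbound[4242:0] info: 192.168.1.20 wpadding.example.com. A IN
[1700000006] unbound[4242:0] notice: init module 0: validator
"""


def is_wpad_name(qname):
    """True when the leftmost DNS label is exactly 'wpad' (case-insensitive)."""
    labels = qname.rstrip(".").lower().split(".")
    return labels[0] == "wpad"


def wpad_queries_by_client(log_text):
    """Count WPAD lookups per (client, normalised qname) pair."""
    hits = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line.strip())
        # Non-query lines (notices, errors) do not match and are skipped.
        if m and is_wpad_name(m["qname"]):
            hits[(m["client"], m["qname"].rstrip(".").lower())] += 1
    return hits


def report(log_text):
    """One human-readable line per client/name pair, sorted for stable output."""
    rows = sorted(wpad_queries_by_client(log_text).items())
    return [f"{client} asked for {name} {count}x" for (client, name), count in rows]


if __name__ == "__main__":
    for row in report(SAMPLE_LOG):
        print(row)
```

A client that keeps appearing here after the local override is in place is still attempting proxy auto-discovery; the override only changes what answer it receives.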