Why are some websites especially slow to open(OPNsense 19.1.3)

Started by fiterzs, March 13, 2019, 07:42:12 AM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
March 13, 2019, 07:42:12 AM
Why are some websites especially slow to open, and sometimes can not open the site (such as Google,facebook, Google drive,Gmail) etc

But some time is normal, I used two ISP links, I think this is probably the problem of DNS, but I do not know how to troubleshoot, please help me, thank you very much!thank you very much!
March 13, 2019, 07:50:49 AM #1
Interfaces : LAN ... set MSS to 1300
March 13, 2019, 08:15:01 AM #2

Thank you for your reply, but it doesn't seem to work. Are there any other possibilities?
March 13, 2019, 08:17:39 AM #3
Then your first DNS server is not responding
March 13, 2019, 08:22:05 AM #4
Yes, I think it is the DNS problem. I did not add DNS rules into the firewall rules.

(feeling added doesn't help)?
March 13, 2019, 08:24:52 AM #5
My first DNS is 8.8.8.8 using Gateway line 1
The second DNS  8.8.4.4 using gateway line 2
March 13, 2019, 09:08:31 AM #6
Your clients have 8.8.8.8 as DNS or the Firewall?
March 13, 2019, 09:10:52 AM #7
yes my computer us 8.8.8.8
March 13, 2019, 09:17:23 AM #8
Ok, then just use 8.8.4.4 and see if it's faster.
March 13, 2019, 10:11:59 AM #9
HI mimugmail
Thank you for your help. I have tried to use 9.9.9.9 in both the client and the server, but there is still no improvement, especially the Google service access is very slow
March 13, 2019, 12:17:23 PM #10
After research, I think it may be the problem of HTTPS. I only use NAT strategy. Why does this happen?
March 13, 2019, 12:35:23 PM #11
try turning IPV6 off on the LAN side and see if that helps?  I had this exact same problem and had to Disable IPV6 on LAN and it resolved my issue, I haven't spent time trying to troubleshoot it beyond that.
March 13, 2019, 01:06:11 PM #12
I've turned off IPV6 and it's the same thing
March 13, 2019, 05:37:42 PM #13 Last Edit: March 13, 2019, 05:39:29 PM by DanMc85
I noticed this same issue on my Hyper-V setup. I have since swapped back to 18.7
One other thing that oddly stood out is that after upgrading to any 19.1.x version, which may be directly related to this exact issue you mentioned. I noticed the default deny rule going crazy on the firewall. I saw way more red traffic on my firewall logs live view than on 18.7 without changing a single thing other than upgrading.  Something is blocking traffic that shouldn't be. A lot of it was regular LAN to WAN outbound when there is specifically a allow LAN to any default rule on the LAN network in the firewall rules. I was confused and didn't want to waste time troubleshooting, so I just swapped back the VHDX backup I made of the virtual hard disk before I did the 19.1.x upgrade.  Note: this is my second time trying... saw same issue on 19.1.0 and on 19.1.3. Haven't tried .4 yet.

On a side note: I also noticed an issue with my Private Internet Access VPN client being assigned to a secondary LAN network (own IP scope different from primary LAN, a DMZ if you will). The default gateway was not working for that VPN connection. It would show VPN up, but dpinger would show the gateway as down 100% on the dashboard, and no clients in that subnet had any internet access. So I am sure something is going on with the firewall somewhere someway. 
March 14, 2019, 01:59:16 AM #14
I also feel confused, do not know what reason is caused
Print
Go Up Pages1 2
User actions