Slow websites
-
I installed pfSense 2.2 RC on my system and configured it the same way as my previous 2.1.5 system (except that I'm using Unbound for DNS). The issue that I'm having is that a lot of times websites take a long time to load (I can see the browser trying to load them but nothing comes up). When I access them outside the network, everything is okay. I've never see that kind of use with my 2.1.5 system.
Anyone know what could be the issue?
-
IPv6?
If you're using firefox you can try setting about:config value
network.dns.disableIPv6=trueIf you get AAAA dns answers and have no IPv6 connectivity things suck.
Not sure why going to 2.2 would do this. Might be something completely unrelated.
-
I thought about it too. But I've disabled IPv6 (under System: Advanced: Networking).
-
If you think it's a DNS issue try accessing the sites directly by IP. Try setting a client to use an external DNS server directly.
Do other services function fine, ftp transfers, streaming video etc?
Have a read through this to see if any of it is aplicable to you:
https://doc.pfsense.org/index.php/Low_Throughput_TroubleshootingSteve
-
It's not really related to the router, but the client. If the client asks for and receives an AAAA record it will try to connect IPv6 until it times out then it will ask for an A record and connect IPv4.
Anyway, just a thought. There is no "make websites load slowly" checkbox in pfSense so it's probably going to come down to checking things from the bottom up. I suspect there's a DNS problem if it's not IPv[46].
-
If it is a DNS problem, how would I go about troubleshooting/resolving it?
-
Well, you could start by browsing and looking at the states and see what's what there.
Is it just web browsing? Is it just one browser or all? Which one is it?
I hesitate to tell you to use the standard tools like dig/nslookup, ping, etc, because you really need to do exactly what the web browser is doing and these days who knows what that is?
And just to be sure, are we dealing with squid or other packages at all?
-
It looks like it's just browsing. I've tried different browsers and different machines. It loads fine on my phone (not connected to wifi), so I'm pretty sure it's somehting going on with the network.
I only have pfBlocker and Snort installed and I tried with both of those disabled and got the same result.
-
What are you running this on? Do you see high CPU or RAM usage?
Steve
-
A Core 2 Due dual core machine with 2GB memory. I've never really seen the CPU/RAM spike.
-
If it were me I'd take a backup of the config, install fresh, and put a minimal config on it (just WAN/LAN/NAT, no snort, no packages,etc.). If it still does it, you've pretty much eliminated pfSense and can start looking elsewhere.
You can always restore the config and be back where you are now.
