Reply
New Member
Posts: 2
Registered: ‎04-30-2015

Pages not fully loading/not loading at all

I've scoured the web and this forum for the last week but I'm giving in and posting. I'm having a problem that seems similar to this:

 

https://community.ubnt.com/t5/EdgeMAX/EdgeMax-Slow-Preformance-Not-Loading-Webpages-Fully-amp-Some/m...

 

I have a new ERL, running the latest firmware (1.6). I configured it with the wizard for WAN + 2 LAN, everything seemed to be great initially. Over the last two weeks I've been getting complaints from my user (aka wife) that she's having issues on all of her devices with pages either not loading at all, or loading partially. Hitting the same page again usually will fully load, though I've had some that were very stubborn. These are normal web sites (Amazon, banks, etc), nothing that rely on unusual ports or protocols.

 

My internet connection is a FIOS 150/150 plan, I am not using their router - I have ethernet going straight from the ONT to the ERL. Based on this I do not believe MSS clamping is relevant to me.

 

Unlike the post I linked I don't seem to have any extra static routes configured, I show routes connected but only one static. Admittedly I am confused as to why I do not have a protocols section but this is what my config looks like:

 


ubnt@ubnt:~$ show configuration
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
:
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address dhcp
description Internet
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth1 {
address 192.168.1.1/22
description Local
duplex auto
speed auto
}
ethernet eth2 {
address 192.168.101.1/22
description "Local 2"
duplex auto
speed auto
}
loopback lo {
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface eth1
rule 1 {
description Plex
forward-to {
address 192.168.1.*
port 32400
}
original-port *
protocol tcp_udp
}
wan-interface eth0
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name HomeNetwork {
authoritative disable
subnet 192.168.0.0/22 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.100 {
stop 192.168.1.254
}
}
}
}
dns {
dynamic {
interface eth0 {
service namecheap {
host-name www
login blah.com
password ****************
}
}
}
forwarding {
cache-size 150
listen-on eth1
listen-on eth2
}
}
gui {
https-port 443
}
nat {
rule 5010 {
outbound-interface eth0
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password ****************
plaintext-password ****************
}
full-name ""
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}

 

What am I missing here? Any assistance would be much appreciated.

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5411
Solutions: 1657
Contributions: 2

Re: Pages not fully loading/not loading at all

The symptoms sound like path MTU discovery issue and TCP MSS clamping may possibly help. However, the "firewall options mss-clamp ..." feature in 1.6 only support certain interface types which do not apply in your case. In the current 1.7.0alpha3 release (currently available in the beta forum) the mss-clamp feature now can be applied to "all" interface types, so you could give that a try if feasible.

Highlighted
New Member
Posts: 2
Registered: ‎04-30-2015

Re: Pages not fully loading/not loading at all

Thanks for the suggestion, I've installed it. If I used the default protocol selections for MSS (everything checked) have I successfully applied it to all protocols?

 

I'll give it a try for a few days and see how it goes.

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5411
Solutions: 1657
Contributions: 2

Re: Pages not fully loading/not loading at all

Actually this requires interfact type "all" and the Web UI wizard has not been updated to support that. This has been added for the next alpha/beta, though for now you'd need to use the CLI (e.g., "set firewall options mss-clamp interface-type all") or the "Config Tree" in the Web UI to set.

Reply