New Member
Posts: 31
Registered: ‎01-08-2016
Kudos: 4
Solutions: 4

Edgerouter Pro 8 is blocking a website

     I've had an Edgerouter Pro 8, v 1.8.0, running behind an AT&T managed router at our business for at least a year or two without any obvious problems. Within the last few months, the website; www.rockauto.com became slower to load and now will not load at all. Accessing the network ahead of the Edgerouter (and behind the AT&T router) with a laptop I can access the rockauto site without difficulty. I've tried clearing the DNS cache of the Edgerouter (using the CLI command: clear dns forwarding cache) and have tried modifying the MTU setting. (Lowering it below the default setting of 1500 prevents all internet traffic from flowing) I haven't found these symptoms with any other website. Nor have I made any router config changes that I can associate with the loss of the RockAuto site access. Any suggestions?

Veteran Member
Posts: 7,974
Registered: ‎03-24-2016
Kudos: 2081
Solutions: 913

Re: Edgerouter Pro 8 is blocking a website

try mss-clamp:

Spoiler
configure
set firewall options mss-clamp interface-type all
set firewall options mss-clamp mss 1452
commit
save;exit
New Member
Posts: 31
Registered: ‎01-08-2016
Kudos: 4
Solutions: 4

Re: Edgerouter Pro 8 is blocking a website

Version 1.8.0 does have a TCP MSS-Clamping Wizard which I selected and enabled. There wasn't much in the way of settings other than to enable it. There is a value which defaults to 1412. I did enable it but it offered no change so I disabled it. Does the CLI command script you suggested offer anything that the wizard does not? I tried clicking on the link you provided regarding the "spoiler" which I assumed would be a description of the commands. It led to a page which seemed to cover several posts/topics. I did a search on that page of mss-clamping but was offered no results. (BTW, thank you for the quick reply you offered)

Highlighted
Veteran Member
Posts: 7,974
Registered: ‎03-24-2016
Kudos: 2081
Solutions: 913

Re: Edgerouter Pro 8 is blocking a website

You only mentioned MTU, not mss-clamp in opening post.

In spoiler, I only entered txt commands no link

 

Some sites not opening is commonly  caused by MTU limitation somewhere in the path, and ICMP being blocked.  

mssclamp is the way around it.

When you did use the wizard, make sure you enabled it on proper interface type.  Example: If you don't have pppoe, enabling it on pppoe only has no effect at all.

1452 is my default, 1412 is even playing extra save

 

Also, try traceroute to www.rockauto.com to see if packets get stuck half-way

Veteran Member
Posts: 6,095
Registered: ‎01-04-2017
Kudos: 886
Solutions: 314

Re: Edgerouter Pro 8 is blocking a website

I think it's time to update and try again. Your asking a bunch of people to help keep you on a 2+ year old firmware. My first guess would be corruption somewhere. Maybe start fresh with a new usb stick.