PPPoE connection on XGS 2100 SFOS 19.0.0 GA-Build31 - slow page loading

Hi Carlo

How about you connect PPPoE directly on laptop and what speet test shows ? and output for ipconfig /all for windows system ?

Please take SSH access of the device and Login to console and execute the command system diagnostics show syslog

Save the PPPoE interface configuration and check the output command for PPPoE and share the output.

You may also execute the command show pppoe connection status

Please refer the below link and update the ppoe configuration : 

https://support.sophos.com/support/s/article/KB-000035683?language=en_US

The web GUI only shows the PPPOE WAN connection MTU value of 1500, and this is the physical interface. The command-line interface (CLI) shows the physical interface and the logical interface. The physical interface for the WAN connection in the CLI has an MTU value of 1500. The logical interface displays an MTU of 1492 and is always deducted by eight due to the PPPOE overhead. 

The only way to drop the MTU for a PPPOE connection is through the web GUI. For example, if the physical interface is 1500 and an MTU of 1484 is required by the PPPOE connection, drop the physical interface to 1492.

To change the mss or mtu use below command

console> set network mtu-mss PortB mtu <value> mss <value>

Thanks and Regards

Thank you for answering.

Output's

console> system diagnostics show syslog
Jul 22 18:52:33Z localhost pppd: Port2.995: peer from calling number XX:4D:29:EX:XX:XX authorized
Jul 22 18:52:36Z localhost pppd: Port2.995: Failed to create /etc/ppp/resolv.conf: Read-only file system
Jul 22 18:52:36Z localhost pppd: Port2.995: local  IP address xxx.xxx.xxx.xxx
Jul 22 18:52:36Z localhost pppd: Port2.995: remote IP address 10.0.0.1
Jul 22 18:52:36Z localhost pppd: Port2.995: primary   DNS address 18x.xxx.xxx.1
Jul 22 18:52:36Z localhost pppd: Port2.995: secondary DNS address 10.0.0.1
Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory
Jul 22 18:52:40Z localhost up_tunnels_on_id(): Making connections on interfaceid 3 up or add (as per their auto= configuration)
Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory
Jul 22 19:01:26Z localhost cish: session opened from console

console> show pppoe connection status


-----   PPPoE Connection Status   -----

        Port2(xxx.xxx.xxx.xxx)   : Connected

Thank you for answering.

Output's

console> system diagnostics show syslog
Jul 22 18:52:33Z localhost pppd: Port2.995: peer from calling number XX:4D:29:EX:XX:XX authorized
Jul 22 18:52:36Z localhost pppd: Port2.995: Failed to create /etc/ppp/resolv.conf: Read-only file system
Jul 22 18:52:36Z localhost pppd: Port2.995: local  IP address xxx.xxx.xxx.xxx
Jul 22 18:52:36Z localhost pppd: Port2.995: remote IP address 10.0.0.1
Jul 22 18:52:36Z localhost pppd: Port2.995: primary   DNS address 18x.xxx.xxx.1
Jul 22 18:52:36Z localhost pppd: Port2.995: secondary DNS address 10.0.0.1
Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory
Jul 22 18:52:40Z localhost up_tunnels_on_id(): Making connections on interfaceid 3 up or add (as per their auto= configuration)
Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory
Jul 22 19:01:26Z localhost cish: session opened from console

console> show pppoe connection status


-----   PPPoE Connection Status   -----

        Port2(xxx.xxx.xxx.xxx)   : Connected

  Hi Carlo 

Please share current status  for interface speed after expanding Port 2 under Advance setting and logs for below command

tail -f /log/dgd.log

tail -f /log/networkd.log

tail -f /log/dnsgrabber.log

console>tcpdump ‘host sophos.com

Might below command helps?

console> set network mtu-mss Port2 mtu 1492 mss 1412

Thanks 

I was testing in that time different configurations

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tail –f /log/dgd.log
tail: can't open '–f': No such file or directory
ERROR     Jul 22 19:55:35Z [5792]: Pingtest, could not send icmp request 85 for iptype 1: Permission denied
CRITICAL  Jul 22 19:55:35Z [5792]: Pingtest, could not initiate ping, iptype 1
NOTICE    Jul 22 19:56:14Z [5792]: do_config, Event: 1 for Entity: DHCP_Port2_GW and Entity_type: GW
CRITICAL  Jul 22 19:56:14Z [5792]: do_config for DHCP_Port2_GW

NOTICE    Jul 22 19:56:14Z [5792]: detachNode, Entities count: 1
NOTICE    Jul 22 19:56:14Z [5792]: Configuration updated
NOTICE    Jul 22 19:56:14Z [5792]: Executing : <gateway:gw_dead_to_live> args : <{ "param": "@DHCP_Port2_GW", "targets": [ ] }>
NOTICE    Jul 22 19:56:15Z [5792]: do_config, Entities count: 1
NOTICE    Jul 22 19:56:15Z [5792]: Configuration updatedXGS2100_RL01_SFOS 19.0.0 GA-Build317#

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tail -f /log/networkd.log
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; LINK_COMMON    ; Command; ip link set dev reds1 mtu 1500 up
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; IP             ; IP Command; ip -4 address flush dev reds1
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; IP             ; IP Command; ip -4 address add XXX.XXX.XXX.X/30 broadcast + dev reds1 scope global
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; IP             ; Reply = '0';
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; LINK_RED       ; Interface= reds1, command= Flush;
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; ND_MAIN        ; time taken for do_nd_action is 0.000000.;
INFO    ; Jul 22 21:25:31Z  ; ADMIN  ; ND_MAIN        ; sending reply: 0;
WARNING ; Jul 22 21:25:32Z  ; ADMIN  ; JSON_PARSOR    ; Unable to find handler for key: route;
INFO    ; Jul 22 21:25:32Z  ; ADMIN  ; ND_MAIN        ; time taken for do_nd_action is 0.000000.;
INFO    ; Jul 22 21:25:32Z  ; ADMIN  ; ND_MAIN        ; sending reply: 0;

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tail -f /log/dnsgrabber.log
INFO    ; Jul 22 21:55:59Z  ; DNSGRABBER     ; DNS response of len = 504 sent to FQDND;
INFO    ; Jul 22 21:56:07Z  ; DNSGRABBER     ; DNS response of len = 204 sent to FQDND;
INFO    ; Jul 22 21:56:42Z  ; DNSGRABBER     ; DNS response of len = 608 sent to FQDND;
INFO    ; Jul 22 21:56:43Z  ; DNSGRABBER     ; DNS response of len = 536 sent to FQDND;
INFO    ; Jul 22 21:57:05Z  ; DNSGRABBER     ; DNS response of len = 620 sent to FQDND;
INFO    ; Jul 22 21:58:08Z  ; DNSGRABBER     ; DNS response of len = 588 sent to FQDND;
INFO    ; Jul 22 21:58:17Z  ; DNSGRABBER     ; DNS response of len = 560 sent to FQDND;
INFO    ; Jul 22 21:58:17Z  ; DNSGRABBER     ; DNS response of len = 528 sent to FQDND;
INFO    ; Jul 22 21:58:20Z  ; DNSGRABBER     ; DNS response of len = 596 sent to FQDND;
INFO    ; Jul 22 21:58:31Z  ; DNSGRABBER     ; DNS response of len = 604 sent to FQDND;

after CTRL+C

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tcpdump host sophos.com
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
^C
0 packets captured
552 packets received by filter
544 packets dropped by kernel
XGS2100_RL01_SFOS 19.0.0 GA-Build317#

Hi Carlo 

Can you check if the status for DNS is resolving properly from GUI with Test lookup ?

Please go Configure -->Network -->DNS-->DNS Configuration, click on Test  Name lookup and add sophos.com click the Test connection?

Have you checked the issue with mss as per the below command from CLI?

console> set network mtu-mss Port2 mtu 1492 mss 1412

Thanks 

After I execute that command I cannot browse internet any more. Need to return to old settings 1492/1444

does this mean something? 

Hi Carlo 

Please check the status for the below commands 

system appliance_access show 

system firewall-acceleration show

Thanks 

console> system appliance_access show
Appliance access disabled.
console> system firewall-acceleration show
Firewall Acceleration is Enabled in Configuration.
Firewall Acceleration is Loaded.