This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PPPoE connection on XGS 2100 SFOS 19.0.0 GA-Build31 - slow page loading

Carlo 10 months ago

Hi,

I have problem with pppoe connection which I don't know how to solve

MTU 1492

MSS 1452

no web policy

no ips

no DoS

tried changing port (on port 2 connection was terrible)

Problem is that pages are loading slow, after I press "enter" on url nothing happens for 10 seconds and then it start to looking for page. I checked on multiple pc's, diferent browsers and directly plugged to lan port (without other clients). Internet speed is about 200 mbps faster on ISP equipment. Behind XG I get around 350 download and 200 upload.

Maybe this has to do something with dns but I don't know how to troubleshoot.

Thanks.

Carlo

This thread was automatically locked due to age.

Top Replies

LuCar Toni 10 months ago +1 suggested

A good indicator of troubleshooting is developer mode of your browser. Press F12 and check the Network tab. There you should find an information about delays.

Parents

0 Carlo 10 months ago

When I turn off DNS service browsing speed on clients improves on clients
Cancel
Vote Up 0 Vote Down

Cancel
0 Thomas_XG 10 months ago in reply to Carlo

Please show us your DNS settings

_______________________________________________________

Sophos SG 210 with Sophos XG Home - 19.5 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Bharat J 10 months ago in reply to Thomas_XG

Hi Carlo

Please select DNS query configuration as Choose server based on incoming requests record type and click on Apply and share the Test name lookup output for utm.cloud.sophos.com,community.sophos.com, google.com

Thanks and Regards

"Sophos Partner: Infrassist Technologies Pvt Ltd".

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Thomas_XG 10 months ago in reply to Bharat J

Hi Bharat,

the screenshot was from my sophos not Carlo's one

_______________________________________________________

Sophos SG 210 with Sophos XG Home - 19.5 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Carlo 10 months ago in reply to Bharat J

Thank you. We tried all possible combinations for DNS through GUI but nothing seems to work.

I need support from Sophos and ISP for this one.
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni 10 months ago in reply to Carlo

In the end, it is easy to find out, who is responsible for this issue.

Simply do a BPF string in Packet Capture on Diagnostic - Webadmin with: port 53

Then filter for your PPPoE Interface.

If you see packets leaving the interface with the correct IP to the internet (DNS Server), the ISP is responsible for this issue.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 Carlo 10 months ago in reply to LuCar Toni

Can you please share correct syntax
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni 10 months ago in reply to Carlo

port 53

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 Carlo 10 months ago in reply to LuCar Toni

I don't know how to read that
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni 10 months ago in reply to Carlo

You read it from bottom to top.

So it looks fine from a perspective of getting a response. The question is, what the responsive contains.

Next step: Go to the Advanced shell (SSH - Option 5 and Option 3).

Then perform the following:

tcpdump -ni Port2_ppp port 53

You should see the requests.

14:43:55.259292 PortB, IN: IP 168.63.129.16.53 > 192.168.0.4.6945: 59033 3/0/0 A 52.48.198.35, A 34.255.238.223, A 34.248.210.158 (136)

That would be a valid response.

Please post a snippet from the Advanced Shell.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel

0 Carlo 10 months ago in reply to LuCar Toni

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tcpdump -ni Port2_ppp port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on Port2_ppp, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
14:45:34.868822 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.46776 > 8.8.8.8.53: 36884+ A? www4.bing.com. (31)
14:45:35.646632 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.41362 > 4.2.2.2.53: 23225+ A? login.microsoftonline.com. (43)
14:45:35.774147 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.41362: 23225 13/13/13 CNAME ak.privatelink.msidentity.com., CNAME www.tm.ak.prd.aadg.akadns.net., A 20.190.159.1, A 20.190.159.3, A 20.190.159.22, A 20.190.159.19, A 20.190.159.74, A 40.126.31.72, A 40.126.31.70, A 40.126.31.64, A 20.190.159.72, A 20.190.159.5, A 20.190.159.69 (718)
14:45:36.526453 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.7200 > 8.8.8.8.53: 21982+ A? www.youtube.com. (33)
14:45:36.526492 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.40443 > 8.8.8.8.53: 38953+ A? login.windows.net. (35)
14:45:36.649795 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.7200: 21982 8/13/13 CNAME youtube-ui.l.google.com., A 142.251.39.46, A 142.251.39.78, A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14 (598)
14:45:36.654730 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.40443: 38953 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69, A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74 (756)
14:45:37.888640 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.13499 > 4.2.2.2.53: 15040+ A? www4.bing.com. (31)
14:45:37.991261 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.13499: 15040 5/13/13 CNAME www4-www4.bing.com.trafficmanager.net., CNAME www4.bing.com.edgekey.net., CNAME e86303.dscx.akamaiedge.net., A 2.23.97.241, A 2.23.97.178 (603)
14:45:39.547224 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.37912 > 4.2.2.2.53: 59625+ A? www.youtube.com. (33)
14:45:39.547272 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.27265 > 4.2.2.2.53: 1802+ A? login.windows.net. (35)
14:45:39.572067 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.37912: 59625 8/13/13 CNAME youtube-ui.l.google.com., A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14, A 142.251.39.46, A 142.251.39.78 (598)
14:45:39.576643 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.27265: 1802 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74, A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69 (756)
14:45:39.990110 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.25728 > 1.0.0.1.53: 35522+ A? www.bing.com. (30)
14:45:40.016627 Port2_ppp, IN: IP 1.0.0.1.53 > XXX.XXX.XXX.XXX.25728: 35522 5/13/13 CNAME www-www.bing.com.trafficmanager.net., CNAME www-bing-com.dual-a-0001.a-msedge.net., CNAME dual-a-0001.dc-msedge.net., A 13.107.22.200, A 131.253.33.200 (611)
^Ctcpdump: Unable to write output: Interrupted system call
XGS2100_RL01_SFOS 19.0.0 GA-Build317#

Reply

0 Carlo 10 months ago in reply to LuCar Toni

XGS2100_RL01_SFOS 19.0.0 GA-Build317# tcpdump -ni Port2_ppp port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on Port2_ppp, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
14:45:34.868822 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.46776 > 8.8.8.8.53: 36884+ A? www4.bing.com. (31)
14:45:35.646632 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.41362 > 4.2.2.2.53: 23225+ A? login.microsoftonline.com. (43)
14:45:35.774147 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.41362: 23225 13/13/13 CNAME ak.privatelink.msidentity.com., CNAME www.tm.ak.prd.aadg.akadns.net., A 20.190.159.1, A 20.190.159.3, A 20.190.159.22, A 20.190.159.19, A 20.190.159.74, A 40.126.31.72, A 40.126.31.70, A 40.126.31.64, A 20.190.159.72, A 20.190.159.5, A 20.190.159.69 (718)
14:45:36.526453 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.7200 > 8.8.8.8.53: 21982+ A? www.youtube.com. (33)
14:45:36.526492 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.40443 > 8.8.8.8.53: 38953+ A? login.windows.net. (35)
14:45:36.649795 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.7200: 21982 8/13/13 CNAME youtube-ui.l.google.com., A 142.251.39.46, A 142.251.39.78, A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14 (598)
14:45:36.654730 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.40443: 38953 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69, A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74 (756)
14:45:37.888640 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.13499 > 4.2.2.2.53: 15040+ A? www4.bing.com. (31)
14:45:37.991261 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.13499: 15040 5/13/13 CNAME www4-www4.bing.com.trafficmanager.net., CNAME www4.bing.com.edgekey.net., CNAME e86303.dscx.akamaiedge.net., A 2.23.97.241, A 2.23.97.178 (603)
14:45:39.547224 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.37912 > 4.2.2.2.53: 59625+ A? www.youtube.com. (33)
14:45:39.547272 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.27265 > 4.2.2.2.53: 1802+ A? login.windows.net. (35)
14:45:39.572067 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.37912: 59625 8/13/13 CNAME youtube-ui.l.google.com., A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14, A 142.251.39.46, A 142.251.39.78 (598)
14:45:39.576643 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.27265: 1802 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74, A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69 (756)
14:45:39.990110 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.25728 > 1.0.0.1.53: 35522+ A? www.bing.com. (30)
14:45:40.016627 Port2_ppp, IN: IP 1.0.0.1.53 > XXX.XXX.XXX.XXX.25728: 35522 5/13/13 CNAME www-www.bing.com.trafficmanager.net., CNAME www-bing-com.dual-a-0001.a-msedge.net., CNAME dual-a-0001.dc-msedge.net., A 13.107.22.200, A 131.253.33.200 (611)
^Ctcpdump: Unable to write output: Interrupted system call
XGS2100_RL01_SFOS 19.0.0 GA-Build317#

Children

No Data