Hi,
I have problem with pppoe connection which I don't know how to solve
MTU 1492
MSS 1452
no web policy
no ips
no DoS
tried changing port (on port 2 connection was terrible)
Problem is that pages are loading slow, after I press "enter" on url nothing happens for 10 seconds and then it start to looking for page. I checked on multiple pc's, diferent browsers and directly plugged to lan port (without other clients). Internet speed is about 200 mbps faster on ISP equipment. Behind XG I get around 350 download and 200 upload.
Maybe this has to do something with dns but I don't know how to troubleshoot.
Thanks.
Carlo
When I turn off DNS service browsing speed on clients improves on clients
Please show us your DNS settings
_______________________________________________________
Sophos SG 210 with Sophos XG Home - 19.5 GA
If a post solves your question please use the 'Verify Answer' button.
Hi Carlo
Please select DNS query configuration as Choose server based on incoming requests record type and click on Apply and share the Test name lookup output for utm.cloud.sophos.com,community.sophos.com, google.com
Thanks and Regards
"Sophos Partner: Infrassist Technologies Pvt Ltd".
Hi Bharat,
the screenshot was from my sophos not Carlo's one
Thank you. We tried all possible combinations for DNS through GUI but nothing seems to work.
I need support from Sophos and ISP for this one.
In the end, it is easy to find out, who is responsible for this issue.
Simply do a BPF string in Packet Capture on Diagnostic - Webadmin with: port 53
Then filter for your PPPoE Interface.
If you see packets leaving the interface with the correct IP to the internet (DNS Server), the ISP is responsible for this issue.
__________________________________________________________________________________________________________________
Can you please share correct syntax
port 53
I don't know how to read that
You read it from bottom to top.
So it looks fine from a perspective of getting a response. The question is, what the responsive contains.
Next step: Go to the Advanced shell (SSH - Option 5 and Option 3).
Then perform the following:
tcpdump -ni Port2_ppp port 53
You should see the requests.
14:43:55.259292 PortB, IN: IP 168.63.129.16.53 > 192.168.0.4.6945: 59033 3/0/0 A 52.48.198.35, A 34.255.238.223, A 34.248.210.158 (136)
That would be a valid response.
Please post a snippet from the Advanced Shell.
XGS2100_RL01_SFOS 19.0.0 GA-Build317# tcpdump -ni Port2_ppp port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on Port2_ppp, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes 14:45:34.868822 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.46776 > 8.8.8.8.53: 36884+ A? www4.bing.com. (31) 14:45:35.646632 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.41362 > 4.2.2.2.53: 23225+ A? login.microsoftonline.com. (43) 14:45:35.774147 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.41362: 23225 13/13/13 CNAME ak.privatelink.msidentity.com., CNAME www.tm.ak.prd.aadg.akadns.net., A 20.190.159.1, A 20.190.159.3, A 20.190.159.22, A 20.190.159.19, A 20.190.159.74, A 40.126.31.72, A 40.126.31.70, A 40.126.31.64, A 20.190.159.72, A 20.190.159.5, A 20.190.159.69 (718) 14:45:36.526453 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.7200 > 8.8.8.8.53: 21982+ A? www.youtube.com. (33) 14:45:36.526492 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.40443 > 8.8.8.8.53: 38953+ A? login.windows.net. (35) 14:45:36.649795 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.7200: 21982 8/13/13 CNAME youtube-ui.l.google.com., A 142.251.39.46, A 142.251.39.78, A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14 (598) 14:45:36.654730 Port2_ppp, IN: IP 8.8.8.8.53 > XXX.XXX.XXX.XXX.40443: 38953 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69, A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74 (756) 14:45:37.888640 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.13499 > 4.2.2.2.53: 15040+ A? www4.bing.com. (31) 14:45:37.991261 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.13499: 15040 5/13/13 CNAME www4-www4.bing.com.trafficmanager.net., CNAME www4.bing.com.edgekey.net., CNAME e86303.dscx.akamaiedge.net., A 2.23.97.241, A 2.23.97.178 (603) 14:45:39.547224 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.37912 > 4.2.2.2.53: 59625+ A? www.youtube.com. (33) 14:45:39.547272 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.27265 > 4.2.2.2.53: 1802+ A? login.windows.net. (35) 14:45:39.572067 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.37912: 59625 8/13/13 CNAME youtube-ui.l.google.com., A 172.217.19.110, A 142.250.180.206, A 142.250.180.238, A 142.250.201.206, A 142.251.39.14, A 142.251.39.46, A 142.251.39.78 (598) 14:45:39.576643 Port2_ppp, IN: IP 4.2.2.2.53 > XXX.XXX.XXX.XXX.27265: 1802 15/13/13 CNAME a.privatelink.msidentity.com., CNAME prda.aadg.msidentity.com., CNAME www.tm.a.prd.aadg.trafficmanager.net., A 40.126.31.68, A 40.126.31.70, A 20.190.159.3, A 20.190.159.72, A 20.190.159.5, A 20.190.159.19, A 40.126.31.72, A 20.190.159.74, A 20.190.159.22, A 40.126.31.64, A 20.190.159.1, A 20.190.159.69 (756) 14:45:39.990110 Port2_ppp, OUT: IP XXX.XXX.XXX.XXX.25728 > 1.0.0.1.53: 35522+ A? www.bing.com. (30) 14:45:40.016627 Port2_ppp, IN: IP 1.0.0.1.53 > XXX.XXX.XXX.XXX.25728: 35522 5/13/13 CNAME www-www.bing.com.trafficmanager.net., CNAME www-bing-com.dual-a-0001.a-msedge.net., CNAME dual-a-0001.dc-msedge.net., A 13.107.22.200, A 131.253.33.200 (611) ^Ctcpdump: Unable to write output: Interrupted system call XGS2100_RL01_SFOS 19.0.0 GA-Build317#