Hello,
I'm setting up a PC Engines APU as a router with NAT. Wireless, dnsmasq and PPPoE are working fine from my side. But some websites are very slow or not available at all. I'm setting up the network interfaces with systemd.network; eth0, eth1 and wlan0 are bridged in lan0. ping google.de from the internal LAN works fine, so DNS and routing should work.
Now my problem: if I browse to google.de or search on google.de, the speed is OK, BUT if I want to browse from the internal LAN to amazon.de, the website is white or needs 5 min to load.
I don't have any idea why some websites are fast and others are slow or show only a white page. I tested the connection from the APU router and everything looks OK. Today I installed Firefox on the router and compared Firefox on the router (via ssh -X) with devices behind NAT. The router works fine and fast, but my computer behind NAT is slow or doesn't load the website.
Please help me, I don't have any idea.
Some more information:
I disabled the firewall for my tests and enabled NAT in iptables.
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: wan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:00:00:00:7e:40 brd ff:ff:ff:ff:ff:ff
inet6 fe80::200:b9ff:fe40:7e40/64 scope link
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master lan0 state UP group default qlen 1000
link/ether 00:0d:b9:40:7e:41 brd ff:ff:ff:ff:ff:ff
4: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master lan0 state DOWN group default qlen 1000
link/ether 00:0d:b9:40:7e:42 brd ff:ff:ff:ff:ff:ff
5: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master lan0 state UP group default qlen 1000
link/ether 04:f0:21:14:c9:33 brd ff:ff:ff:ff:ff:ff
inet6 fe80::6f0:21ff:fe14:c933/64 scope link
valid_lft forever preferred_lft forever
6: lan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 22:ec:40:6f:4f:8b brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/24 brd 192.168.0.255 scope global lan0
valid_lft forever preferred_lft forever
inet6 fd57:db24:7d7a:0:20ec:40ff:fe6f:4f8b/64 scope global mngtmpaddr noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::20ec:40ff:fe6f:4f8b/64 scope link
valid_lft forever preferred_lft forever
7: wan0.7@wan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0d:b9:40:7e:39 brd ff:ff:ff:ff:ff:ff
inet6 fe80::20d:b9ff:fe40:7e39/64 scope link
valid_lft forever preferred_lft forever
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1488 qdisc fq_codel state UNKNOWN group default qlen 3
link/ppp
inet 1.1.1.2 peer 1.1.1.1/32 scope global ppp0
valid_lft forever preferred_lft forever
PPPoE works over wan0.7 because of a VLAN of my provider.
For DNS and DHCP I use dnsmasq. A ping to the websites works, so DNS should work fine. I can't find any log entry about an error.
Regards, enze
Last edited by chaosenze (2016-09-06 20:42:35)
Hi
I found out that the MTU was the problem. This issue can be fixed with an iptables rule:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Related site: http://lartc.org/howto/lartc.cookbook.mtu-mss.html
Thanks
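The arithmetic behind the fix above, as an added example that is not part of the original posts: it reads the MTUs from `ip a` text and reports whether TCP SYNs forwarded from the LAN need their MSS clamped for the PPPoE link. The sample input is constructed from two lines of the output quoted in the thread; the function names are hypothetical, and LAN hosts are assumed to use the same MTU as lan0.

```shell
#!/bin/sh
# Constructed sample: the lan0 and ppp0 lines from the `ip a` output in the thread.
SAMPLE_IP_A='6: lan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1488 qdisc fq_codel state UNKNOWN group default qlen 3'

# mtu_of IFACE: read `ip a` / `ip link` text on stdin, print the MTU of IFACE.
# Also matches VLAN-style names such as "wan0.7@wan0:".
mtu_of() {
    awk -v ifc="$1" '
        $2 == ifc ":" || index($2, ifc "@") == 1 {
            for (i = 3; i < NF; i++) if ($i == "mtu") { print $(i + 1); exit }
        }'
}

# mss_for MTU [ipv4|ipv6]: largest TCP payload that fits in one packet of that
# MTU (20-byte IPv4 or 40-byte IPv6 header plus 20-byte TCP header, no options).
# This is the value --clamp-mss-to-pmtu writes into the SYN.
mss_for() {
    case "${2:-ipv4}" in
        ipv4) echo $(( $1 - 40 )) ;;
        ipv6) echo $(( $1 - 60 )) ;;
        *)    return 1 ;;
    esac
}

# check_path LAN WAN: compare the MSS that LAN hosts advertise with what WAN can carry.
check_path() {
    input=$(cat)
    lan_mtu=$(printf '%s\n' "$input" | mtu_of "$1")
    wan_mtu=$(printf '%s\n' "$input" | mtu_of "$2")
    [ -n "$lan_mtu" ] && [ -n "$wan_mtu" ] || { echo "interface not found" >&2; return 2; }
    lan_mss=$(mss_for "$lan_mtu")
    wan_mss=$(mss_for "$wan_mtu")
    if [ "$lan_mss" -gt "$wan_mss" ]; then
        # Full-size segments from the remote server exceed the WAN MTU and
        # stall if path MTU discovery fails along the way.
        echo "clamp: $1 hosts advertise MSS $lan_mss, $2 carries at most $wan_mss"
    else
        echo "ok: MSS $lan_mss fits $2"
    fi
}

# On the router itself, replace the sample with live output: ip a | check_path lan0 ppp0
printf '%s\n' "$SAMPLE_IP_A" | check_path lan0 ppp0
```

Small responses fit in a single packet under either MSS, which matches the symptom in the first post: ping and light pages work while heavier pages hang.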