For a small office, I recently installed a Peplink Balance 20. Firmware 5.4.9 build 1732. Since doing that, I’ve been getting complaints about some websites not loading (there were complaints before, but didn’t seem so specific). Big sites like cnn.com, box.com, etc. They have a pretty slow internet connection and since some sites worked, I assumed it was a routing issue on the ISPs end. Today, I was using Chrome developer tools to see what is going on. When I load cnn.com, lots of stuff loads, but it’s waiting on one javascript file from cdn.optimizely.com. What’s weird is I can ping that hostname and get a 10ms response time. From a neighboring business (using a different ISP), everything works fine.
In all cases, I can ping the those hostnames with good response times. I’m under the assumption that if I can ping them, it’s not a routing issue. My next course of action is to remove the Peplink from the equation and hook up a machine directly to the ISP to see if the behavior continues. But as the site is a bit of a drive, I thought I’d ask if anyone had seen an issue similar to this one? I don’t have any firewall rules in place. I had DoS protection and DSL/Cable Optimization turned on. Turning that off makes no difference.
There shouldn’t be any java involved. This is html and javascript. Different browsers make no difference. I only installed Chrome to use the developer tools. Most of the users are using IE.
Do you have more than 1 ISP connected right now? Is it the same ISP or different? You could try disconnecting one of the ISP connections and see what happens, otherwise bypassing the Peplink and connecting directly to the ISP would be a good next step to take.
If the problem completely goes away then we would want to open a support ticket for further investigation.
I was able to solve the issue and it was a setting on the peplink. The default and auto-detected MTU was 1440. When I set it to 1492, everything started working. Why is the default 1440? I’ve never seen that used before. Is that a typical ISP MTU?
If 1492 is working for you then its ok to leave it as is. 1440 is chosen as its generally more compatible across a wide range of connection types. If you have sporadic connections as described due to MTU this is usually caused by failure of the Path MTU Discovery mechanism which is used to notify the endpoints of correct MTU. The most common cause of this problem are firewalls blocking all ICMP traffic which breaks critical features such as PMTU Discovery. Unfortunately this is a very common mistake not always easy to solve if its out of your network control. If you have a firewall on your end make sure to enable ICMP traffic or at the very least “ICMP - Fragmentation Needed (Type 3, Code 4)”. If its due to a firewall outside your network the only way resolve is contacting that network operator.