Certain Webpages or Links Won't Work (DNS Issue? Internet Provider?)
Issue – Specific links inside websites or random websites won’t load.
- NoMachine Download Link - NoMachine download link won't open. I can access the webpage, but their download link won't work. (If I connect the Firewalla WAN to my Verizon phone hotspot it does allow me to proceed through the download link)
- Small Company Webpages - Smaller companies’ webpages won’t load. Most/all major sites seem to work fine. (Haven’t attempted hotspot fix on this situation but I assume it’d work)
- RightNetwork Remote Connections - RightNetwork virtual Windows machine won’t connect (This previously worked from 7/15/24-7/30/24, so I don’t think Firewalla is the issue.) (If I connect Firewalla to Verizon phone hotspot it allows me to instantly connect without issue.)
- Plex Match Bot - Plex is no longer matching new files to the Agent/TVDB. When I try to manually match it will normally bring up a search list. This week it won't even attempt to load the search page when clicked. It just does nothing as if it doesn't have access to search.
Connections: (All connecting cables are cat 6 or above. I’ve tried with different cables between the connections)
- Fiberline (1000Mbps Plan)
- AT&T Modem Nokia BGW320-505 (In Passthrough)
- Firewalla Gold (Revision Original)
- TRENDnet Gigabit 16-port (TEG-S17D) [Controls all house/room ethernet ports]
- Gigabit LAN Gaming PC or Gigabit LAN Plex PC (Both LAN and WiFi experience the same issues.)
Troubleshooting: (All of the below did not help)
- Turn off IPv6
- Reboot (Modem, Router, APs, LAN PCs)
- Windows release and renew
- Manually assigning DNS server on windows PC ethernet adapter
- Change Firewalla DNS to AT&T, Google, Cloudflare
- Emergency access no monitoring
- Rules Allow all internet to and from traffic
- FIXED: Verizon Firewalla WAN hotspot seems to fix the issues, but I haven’t attempted it with every issue listed above.
Setup Change Log (as of today 8/2/24)
- Added 3x Unifi AP U6 LR (Added 7/26/24 | 6 days ago)
- Added Firewalla Router (Added 7/15/24 | 18 days ago)
- AT&T main IPv4 trace route server changed 7/28/24 (5 days ago). Ping increased from 8ms to 24ms. (Central TN to Atlanta GA)
- Enabled IPv6 on Firewalla Router & AT&T modem (7/28/24). I got a better IPv6 trace route for Atlanta GA game servers getting back my 8ms ping. My IPv4 latency tripled from 8ms to 24ms.
Misc Background Info:
Internet Route Change – On 7/28/24 I noticed my ping increased to a constant 47ms in Overwatch servers located in Chicago IL. For the last 2 years I have never seen it pass 31ms, so I ran a tracert to 8.8.8.8 and noticed I’m taking the same geographical route to Atlanta GA from Central TN, but the first hop outside my city is 23ms; it would normally be around 7-11ms.
Trace Route:
- Firewalla - 192.168.99.1 – 1ms
- AT&T Modem – 192.168.1.254 – 1ms
- AT&T Local Hub – 1ms
- 174.25.246 (Atlanta, GA) – 23ms
- Nothing of note for hops (5-10 same 23ms)
- google.com 8.8.8.8 – 23ms
(If I run a tracert using Google’s IPv6 DNS I get my old ping at around 7-10ms. This also travels to Atlanta GA just on a different server route.)
My Current Theory:
I believe the AT&T servers I’m being routed through may be the problem. I didn’t notice these issues until 7/30/24, 2 days after my regular route was modified. If I connect my Firewalla to my Verizon phone hotspot as the WAN connection all issues above are resolved.
AT&T - 1000Mbps Plan (Since 2021 ~3 years without issues)
- MODEM: AT&T NOKIA BGW320-505 (In Passthrough)
- MODEM V: 4.27.7
- IPv4 On
- MTU: 1500
- DHCP: On (192.168.1.64-192.168.1.253)
- Subnet Mask: 255.255.255.0
- Public Subnet: Off
- Cascaded Router: Off
- IPv6 On
- MTU: 1500
- DHCPv6: On
- DHCPv6 Prefix Delegation: On
- Ports: Turned on 1G full duplex
- WiFi: Off (Both 2.4 & 5GHz. Using Unifi APs)
AT&T Modem Firewall
- Packet Filter: Off (All)
- IP Passthrough: On (DHCPS-fixed to MAC address of Firewalla)
- NAT Default Server: Off
- Firewall Advanced: Off (All)
- Modems troubleshoot test (Results all pass)
- NAT Table: 504 Used of 8192
Fiber Status of AT&T Modem
- Vcc 3.42 (Normal Range 3.10-3.50)
- Tx Bias 83.26 (Normal Range 0.0-900)
- Tx Power 19.102 (Normal Range 10-35.5)
- Rx Power 0.122 (Normal Range 0.14-2)
Firewalla Gold (Revision Original)
Lan:
- Router Local IP: 192.168.99.1
- Subnet Mask: 255.255.255.0
- DHCPv4: On (192.168.99.1-192.168.99.254)
- DNS: 8.8.8.8
- DNS (Secondary): 1.1.1.1
- Lease Time: 86400
- IPv6: On
- IPv6 Interface Type: Prefix Delegation
- IPv6 Address Prefix: /64 (This should match my AT&T requirement)
- IPv6 Delegation: (Automatic AT&T Wan)
- DHCPv6: On
- Lease Time: 86400
- mDNS Relay: On
- SSDP Relay: Off
- Block ICMP (Ping): Off
Wan:
- Connection Type: DHCP
- Subnet Mask 255.255.252.0
- DNS: 8.8.8.8
- DNS (Secondary): 1.1.1.1
- IPv6: On
- IPv6 Prefix: /64 (This should match my AT&T requirement)
- Lease Time: 3600
- MTU: 1500
- Connectivity Test: On
- Block ICMP (Ping): On
- Other Firewalla Network Settings:
- Link Aggregation: Off
- Source NAT: On
- Source Networks: 192.168.99.1/24
- Port Forwarding: 32400 (Plex)
- DMZ: Off
Firewalla Settings:
Device Count: 96
Rules:
- Active Protect Rules (Default Bundle): On
- Ingress Firewall: On
- 32400 Port Open for LAN Plex
Active Protect: ON (Mode – Default)
Ad Block: On Strict (Only for Phones. PCs aren’t being blocked.)
Mode: Router Mode (Monitoring)
Routes: Off
Smart Queue: On (Static, FQ_Codel, High Priority LAN PCs)
DDNS: Off
(All other settings are off/not used)
Note: I have attempted to set up a rule to allow all internet traffic in and out to LAN PC & changed monitoring to off / emergency access.