TCP Latency and DNS retry issues

Hi

In my network environment, I am noticing a lot of TCP Latency and DNS retry issues.

Currently I am using Unifi Switches and Unifi APs as network devices and they channel the traffic to the XG-115.

I have reached out to the Unifi support team to see what can be done to fix these TCP Latency and DNS retry issues. They came back with a suggestion (after going through all log files) to enable Smart Queue (or similar) for internet traffic. They mentioned that "every router/firewall manufacturer might have a different TE for it, but fq_codel based feature is used mostly for buffer bloat/latency."

My question to you all

Is there a similar option available in the XG115, which I can try to see whether the TCP Latency and DNS retry issues (at clients) can be resolved?

Rough sketch of my network is as follows



This thread was automatically locked due to age.
  • Hi Ujay,

    What analysis have you done on the APs? I would suspect they are overloaded and have a high latency.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Hi Ian

    I have no more than 15 WiFi clients in the entire network. Two APs are used to have better coverage at the building.

    Hence overloading of the APs is hard to believe. Also, the clients are not doing any streaming kind of activities.

  • Hi UJay,

    If you haven't already, you might try fine-tuning your APs. Also, have you tried a continuous ping (packet size about 512B) from one of the misbehaving devices to see any discrepancies, and also tracert to the firewall a number of times?

    Ian

    XG115W - v19.5.1 mr-1 - Home


  • Hello,

    This sounds more like a simple DNS problem or the famous MTU-size problems with the uplink, rather than something complex or complicated inside the firmware of an AP or switch or the firewall.

    When you say DNS retry issues, what does that mean from an endpoint view at your LAN/WiFi? Do you have timeouts of, let's say, 15-30 seconds before your request is resolved? How is your DNS set up? Did you troubleshoot this?

    Best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.
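
One way to put numbers on the question above from an endpoint, as an added example that is not part of any post in this thread: a Python sketch that sends DNS A queries over UDP to the resolver named later in the thread (8.8.8.8), retransmits on timeout the way a stub resolver does, and reports how many lookups needed a retry or failed. The 1-second timeout, the four tries, the function names and the example.* hostnames are assumptions chosen for illustration.

```python
import socket
import struct
import time

def build_query(name, txid):
    """Build a minimal DNS A-record query (RFC 1035) with recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(name, resolver="8.8.8.8", timeout=1.0, max_tries=4, txid=0x1234):
    """Resolve one name, retransmitting on timeout.
    Returns (tries_used, seconds_until_answer), or (max_tries, None) if no try was answered."""
    query = build_query(name, txid)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for attempt in range(1, max_tries + 1):
            try:
                s.sendto(query, (resolver, 53))
                data, _ = s.recvfrom(512)
            except OSError:  # timeout or send/receive error: count as a lost try
                continue
            # Accept only a reply that echoes our transaction ID.
            if len(data) >= 2 and struct.unpack("!H", data[:2])[0] == txid:
                return attempt, time.monotonic() - start
    return max_tries, None

def summarize(samples):
    """Condense (tries, seconds_or_None) samples into retry and failure counts."""
    answered = [t for _, t in samples if t is not None]
    return {
        "lookups": len(samples),
        "retried": sum(1 for n, t in samples if n > 1 and t is not None),
        "failed": sum(1 for _, t in samples if t is None),
        "worst_s": round(max(answered), 3) if answered else None,
    }

if __name__ == "__main__":
    names = ["example.com", "example.org", "example.net"]  # constructed test names
    print(summarize([probe(n) for n in names * 5]))
```

Running it once from a wired client and once from a WiFi client shows whether the retries come from the wireless segment or from the uplink to the resolver.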

  • Hi Ian

    Sure, I will check that. Most of these devices are IoT and mobiles on WiFi APs. I have tried all known fine-tuning options as well as followed recommendations from Unifi tech support. But the progress is negligible.

  • Hi Philipp

    Endpoints are on the LAN and all these clients are using WiFi APs. These clients are a mix of IoT devices, laptops and mobile phones.

    I am pointing the DNS entries to Google IPs (8.8.8.8). There is no local DNS server. Even at the XG-115, the DNS IPs are set to Google IPs.

    Clients are not logging into any Microsoft servers.

    Firmware of both the APs and the XG-115 firewall is on the latest versions.

    I have tried all known fine-tuning options as well as followed recommendations from Ubiquiti Unifi tech support. But the progress is negligible.

    These are some of the error messages I see at the Unifi Network Dashboard.
