This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG 310 problem - YouTube buffering, poor peformance HD streaming

Hello,

I am trying to figure out if I have a configuration problem that is causing YouTube buffering when users are trying to watch at HD resolutions. I am unsure if the issue is actually the XG firewall or possibly might be related to our ISP, AT&T. However, I'm going to assume firewall for now as I have no reason to suspect the ISP. First off, I'm still learning my XG 310 so I might not be understanding of certain features.

The problem: users are seeing erratic performance when viewing YouTube content especially when in HD mode or 4K. Buffering, stalled playback, etc. When checking the firewall during these times, we are nowhere near our bandwidth limits, plus CPU (4-6%) and memory usage (28-34%) are all low. The frustrating thing is that sometimes the videos will playback with no issue at all. Perfect. Other times the problems. Conversely, when comparing against say Netflix, we have no issue at all in playing back through that service.

I have created a Web filtering exception with the following URL matches:

Matching URLs:

^[A-Za-z0-9.-]*\.ggpht\.com\.?/

^[A-Za-z0-9.-]*\.googlevideo\.com\.?/

^[A-Za-z0-9.-]*\.youtube\.com\.?/

^[A-Za-z0-9.-]*\.ytimg\.com\.?/

I am bypassing all scanning features: HTTPS Decryption, Malware Scanning, and Policy Checks. We do not have the Sandstorm feature.

At this point I am stumped on what I need to do next or what is lacking. I have tried to use logging to narrow down my search but I'm not sure how/what I should be looking for or logging exactly. I was thinking maybe the web proxy cache might be related? But other than the 'Restart' button, I'm not sure what I can control on that feature.

So any advice or suggestion is much appreciated. Let me know if you need other/different information.

Thanks!

This thread was automatically locked due to age.

Parents

0 Russell Harris over 7 years ago

Bump

Anyone have a similar issue or advice?

Thanks!

Russell
Cancel
Vote Up 0 Vote Down

Cancel
0 Nonamegame over 7 years ago in reply to Russell Harris

Yes. I don't think this is the issue. I have these rules and more. I think this is a bufferbloat issue. Goto http://www.dslreports.com/speedtest

I guarantee that you also have the same bufferbloat issue. This is something I am still researching about and I need to fix. It's something to do with Sophos XG configuration and QOS. I haven't figured it out yet.

^[A-Za-z0-9.]+\.googlevideo\.com/videoplayback

https?//youtube.com

^[A-Za-z0-9.-]*\.ggpht.com/

^[A-Za-z0-9.-]*\.ytimg\.com/

^[A-Za-z0-9.-]*\.googleapis.com/

^[A-Za-z0-9.]+\.youtube\.com/videoplayback

^[A-Za-z0-9.-]+\.googlevideo\.com/videoplayback

^[A-Za-z0-9.]+\.ytimg.com/

^[a-za-z0-9.-]+\.youtube\.com/videoplayback

^[A-Za-z0-9.-]*\.youtube\.com/

youtube.com
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 7 years ago in reply to Nonamegame

Hi guys,

have you tried turning off safe surfing in web -> general settings?

Ian
Cancel
Vote Up 0 Vote Down

Cancel
0 Russell Harris over 7 years ago in reply to Nonamegame

Thanks for this info. I agree that is a more likely issue. I will say things seem to have gotten better. I'm able to stream 4K UHD it seems.

I have done two recent firmware updates so possibly that has helped.

Although, I will keep an eye out and learn more on the bufferbloat issue.

Thanks!

RH
Cancel
Vote Up 0 Vote Down

Cancel
0 Russell Harris over 7 years ago in reply to rfcat_vk

It's been off the whole time.

Thanks,

RH
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 7 years ago in reply to Russell Harris

Hi,

do you experience this issue in V17.0 MR5?

We fixed an issue with the proxy and "big" range header files.

Cheers
Cancel
Vote Up 0 Vote Down

Cancel
0 Nonamegame over 7 years ago in reply to LuCar Toni

Its much less. Most streaming services work fine now but fast forwarding is still an issue. It takes time to buffer. I am more and more convinced this is a bufferboat issue. Just not sure how to solve it. I hope Sophos community members that have resolved the bufferbloat issues are able to draft a simple guide.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Nonamegame over 7 years ago in reply to LuCar Toni

Its much less. Most streaming services work fine now but fast forwarding is still an issue. It takes time to buffer. I am more and more convinced this is a bufferboat issue. Just not sure how to solve it. I hope Sophos community members that have resolved the bufferbloat issues are able to draft a simple guide.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 LuCar Toni over 7 years ago in reply to Nonamegame

Hi,

can you explain in a few sentences, how to reproduce it?

Another point: Best case in such an scenario: Build new policy on top : Testclient with any services to WAN. Disable all the security features like Proxy, IPS, AppCtlr etc. and test it again. Afterwards enable in this test policy the features and try it.

If you are able to get closer to the affected module, we can try to find a solution.

This is how i troubleshoot my appliances.

Cheers.
Cancel
Vote Up 0 Vote Down

Cancel
0 CMR over 7 years ago in reply to LuCar Toni

Do you have udp 443 enabled or only tcp?

Google seems to more and more be preferring udp these days, it is about 20% of our Google traffic now.

Cheers,

Charles
Cancel
Vote Up 0 Vote Down

Cancel
0 Michael Dunn over 7 years ago in reply to CMR

Google using UDP is the QUIC protocol, and anything using it is not scanned by the proxy.

In 17.1 there will be checkbox to easily disable/block QUIC so that it falls back to normal traffic.
Cancel
Vote Up 0 Vote Down

Cancel