As I have experienced ,Most of the PPPoE users are facing the problem to open up some specific
websites when they are dialing the PPPoE from wireless modem/Wifi router. But when they are dialing from their PC directly then there is no problem with these kind of issues .
You may notice , The users will not be able to open up the certain banking websites and also some government websites as well .
Let me show you to find the problems easily and also you just have to play with the TCP Mss in your mikroitk NAS or Mikrotik Router .
lets start ...
The above report I have captured from my TCP Analyzer to verify that what exactly the problem is being happening .
Lets create the TCP Mss rules for that and will try once .
Rule-1
/ip firewall mangle
add action=change-mss chain=forward comment="Internet MSS Changing" disabled=\
no new-mss=1452 out-interface=Internet protocol=tcp tcp-flags=syn \
tcp-mss=1453-65535
add action=change-mss chain=forward disabled=no in-interface=\
Internet new-mss=1452 protocol=tcp tcp-flags=syn tcp-mss=\
1453-65535
websites when they are dialing the PPPoE from wireless modem/Wifi router. But when they are dialing from their PC directly then there is no problem with these kind of issues .
You may notice , The users will not be able to open up the certain banking websites and also some government websites as well .
Let me show you to find the problems easily and also you just have to play with the TCP Mss in your mikroitk NAS or Mikrotik Router .
lets start ...
| TCP options string = 02040564010303020402080a0048792c00000000 |
| MTU = 1420 MTU is not fully optimized for broadband. Consider increasing your MTU to 1500 for better throughput. If you are using a router, it could be limiting your MTU regardless of Registry settings. |
| MSS = 1380 MSS is not optimized for broadband. Consider increasing your MTU value. |
| Default TCP Receive Window (RWIN) = 16416 RWIN Scaling (RFC1323) = 2 bits (scale factor: 2^2=4) Unscaled TCP Receive Window = 4104 In Windows 7, unless "TCP/IP Auto-Tuning" is disabled, only the Current TCP Window is displayed. Use the latest TCP Optimizer for tweaking. You seem to be using Google Chrome. Note that Chrome can modify the TCP Window for sockets it creates under some OSes, and therefore servers may not get your OS-assigned RWIN value. FAQ RWIN is not multiple of MSS. If your OS supports setting RWIN directly, consider changing it to a multiple of MSS for optimum performance. Other RWIN values that might work well with your current MTU/MSS: 63480 (up to 2 Mbit lines, depending on latency. MSS * 46) 126960 (1-5 Mbit lines, depending on latency. MSS * 46 * 2) 253920 (2-14 Mbit lines, depending on latency. MSS * 46 * 2^2) 507840 (8-30 Mbit lines, depending on latency. MSS * 46 * 2^3) 1015680 (25-60 Mbit lines depending on latency. MSS * 46 * 2^4) |
| bandwidth * delay product (Note this is not a speed test): Your current TCP Window limits you to: 657 kbps (82 KBytes/s) @ 200ms latency Your current TCP Window limits you to: 263 kbps (33 KBytes/s) @ 500ms latency Consider increasing your RWIN value to optimize TCP/IP for broadband. |
| MTU Discovery (RFC1191) = ON |
| Time to live left = 113 hops TTL value is ok. |
| Timestamps (RFC1323) = ON Note: Timestamps add 12 bytes to the TCP header of each packet, reducing the space available for useful data. |
The above report I have captured from my TCP Analyzer to verify that what exactly the problem is being happening .
Lets create the TCP Mss rules for that and will try once .
Rule-1
/ip firewall mangle
add action=change-mss chain=forward comment="Internet MSS Changing" disabled=\
no new-mss=1452 out-interface=Internet protocol=tcp tcp-flags=syn \
tcp-mss=1453-65535
add action=change-mss chain=forward disabled=no in-interface=\
Internet new-mss=1452 protocol=tcp tcp-flags=syn tcp-mss=\
1453-65535
Rule-2
/ ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn tcp-mss=1361-65535 action=change-mss new-mss=1360 disabled=no
Note-Don't run and Don't try to this both rules at a time .
