The forum is really laggy recently.
15 Sep 2025 20:06 #335041
by Hakan
Replied by Hakan on topic The forum is really laggy recently.
From here it sure doesn't look like a DNS issue.
It looks like a TLS handshake issue. As I mentioned earlier when comparing times to download the logo with and without http/https:
Here is a screendump of wireshark. The delay happens after the client (my Firefox) sends TLS Client hello. It takes sometimes a long time to get back a Server TLS hello up to a very very long time and even timeout. Right there. This time it took 17 seconds.
So the client has long ago gotten an IP address, any DNS queries was a long time ago. It's not DNS.
Even if I use the IP-address itself I get the same response. Later on firefox start to complain about certificate, but that's another story.
The network traffic and network delays are exactly the same with and without FQDN. So it's not DNS.
It must be that the traffic goes via cloudflare to the webserver instead of directly to the forum web server.
That was a surprise and rendered a bit of googling. QUIC protocol instead of TCP.
Of course, with so different network transport, no wonder one is faster than the other.
But why is the original TCP traffic so slow. Especially the TLS handshake?
It looks like a TLS handshake issue. As I mentioned earlier when comparing times to download the logo with and without http/https:
Here is a screendump of wireshark. The delay happens after the client (my Firefox) sends TLS Client hello. It takes sometimes a long time to get back a Server TLS hello up to a very very long time and even timeout. Right there. This time it took 17 seconds.
So the client has long ago gotten an IP address, any DNS queries was a long time ago. It's not DNS.
Even if I use the IP-address itself I get the same response. Later on firefox start to complain about certificate, but that's another story.
The network traffic and network delays are exactly the same with and without FQDN. So it's not DNS.
It must be that the traffic goes via cloudflare to the webserver instead of directly to the forum web server.
That was a surprise and rendered a bit of googling. QUIC protocol instead of TCP.
Of course, with so different network transport, no wonder one is faster than the other.
But why is the original TCP traffic so slow. Especially the TLS handshake?
Attachments:
Please Log in or Create an account to join the conversation.
16 Sep 2025 02:32 #335051
by tommylight
Go back and read, i never said it is CAUSED by ROOT servers nor their DNS, so WTH ???
And for future reference, if CloudFlare can find our server, but we can not, it is a DNS issue, but this time definitely not the main issue.
-
Hakan, thank you for trying to pinpoint the exact issue, TLS handshake should be done in milliseconds, not take 17 or more seconds.
Besides misconfiguration, overload, or most probably to old and to dead servers, there is no other reason for such a delay.
See the traceroute, there are several non responsive hosts there near the end and all inside their infrastructure.
Replied by tommylight on topic The forum is really laggy recently.
Rob, stop beating a dead horse, the picture above should have been more than enough to figure out what is going on.Yeah, apparently i forgot this:
Go back and read, i never said it is CAUSED by ROOT servers nor their DNS, so WTH ???
And for future reference, if CloudFlare can find our server, but we can not, it is a DNS issue, but this time definitely not the main issue.
-
Hakan, thank you for trying to pinpoint the exact issue, TLS handshake should be done in milliseconds, not take 17 or more seconds.
Besides misconfiguration, overload, or most probably to old and to dead servers, there is no other reason for such a delay.
See the traceroute, there are several non responsive hosts there near the end and all inside their infrastructure.
Please Log in or Create an account to join the conversation.
Time to create page: 0.404 seconds