Hi, I’m back with probably weird problems nobody else has. I have noticed that at random times and with random IP/domains I have random latency, sometimes multiple seconds long. Of course I did initially suspect DNS but my DNS latency looks fine, at least server side:
(If that happens to the device it’s not just happening once, but it’s like for every single site and for quite some time, the browser seems to connect to the site and then stop, it’s sadly mostly on mobile devices so hard to see more than the loading bar, expecially in the instant it happens)
It seems to stem from building up the TCP connection and even package loss some times I think.
My network is basically:
Netgear GS305E
One unknown (but “premium” back then) unmanaged switch that has worked for like 10 years with no problem
Unifi APs
A FritzBox router
A CoreDNS/PiHole/cloudflared DNS service
Are there like any tools to actually like see where the latency comes from? That can like run in the background for a while or so?
It just normally is, I have fiber, the latency is good and then suddenly on one device sites load like 5 - 10s or sometimes even fail to load at all. Like it not just some sites take longer or so, there definitely seems to be a networking issue there, especially since it only happens on those select devices (all android interestingly, when I think about it). It it also hasn’t been there for years but suddenly it started to happen a few weeks ago. It’s definitely an anomaly and not the internet being the internet. By 5-10s also don’t mean until the site is fully leaded, but just until the initial request is even done. It would be fine if it’s just a bad site, but there seems to be some wrong on TCP or lower.
It fells like packets go missing or so and get retransmitted and missing again or so, but that’s just a guess, since I have no idea how to measure what’s actually happening.
Since you’re using android devices, they’re probably connected via wifi… start analyzing your wifi status.
The first is to start with a simple ping, send 5000 packets from the device to the lan machine which is connected with a cable and then the other way around. Watch the times and if it loses packets.
I know cases on 5G where the response time fluctuated and every second / third packet had delays of up to 2000-3000ms.
Check the signal strength, change the channel, do a traffic analysis if nothing extra is sent from your mobile device.
Install a firewall on the device and block traffic and look at the logs of what is trying to access the network.
WiFi status is fine, at least according to unifi, which already tracks latency and connectivity. 5G coverage is really well and I’m not in the city, so there’s basically nothing on the 5G channel. With the FritzBox there was also a second WiFi interface that so it’s not specific to unifi, but eben now that I’m running all unifi it’s still happening. Channel analysis is also regularly done by the unifi APs, so that should be a problem, they report low interference.
Interestingly enough my own android phone is just fine (the affected devices aren’t mine, which makes it a lot harder). I can try some sort of firewall / analyzer app, any recommendations? I can see any one app to generate traffic that causes it (especially since all of these devices are from different manufacturers), but maybe that’s something that can help. Will also try to just ping them for s bit and see if something drop. Although it’s intermittent so it’s definitely going to be hard to reproduce…
Wireshark has filters/analyzers that can measure and show TCP ack latency.
You could run t-shark on the router and dump stuff into a log for later analysis… which would allow you to see whether e.g. 1 wifi host is affected and others not, or if one internet host/network is having hiccups at the same time while others are fine, or if all wifi hosts are having hiccups at the same time.
You could also in parallel run mtr on one of your hosts, and dump output into a file (same principle - it’ll help differential analysis).
That’s correct it’s too few that I think it’s the issue, but I’ll investigate, I think I can get request logging out of core DNS. Maybe I’m just too dump to read charts or so.
you can use tracert to see where the high ping is on your connection.
if its a remote host then its a case of it is what it is. and the delays are likely down to there servers not your pc.
that being said run tracert on your network. the numbers you get back should be in the region of 64ms for linux and 128 for windows devices.
also a managed switch will allow you to segment your traffic.
It happens mostly with remote servers, but that is because the people using the affected devices only use them with a browser pretty much. But: in that timeframe, basically all pages have the same issues and it fine on other, generally unaffected devices.
As for the switch, the one where basically everything is connected is unmanaged, so that makes it kinda hard to setup a mirror port…
We do have an older fridgey but it’s happening all over the house, not just where the fridge is located (and it’s a German house, so all the walls are hardened concrete and do probably block something like that after like 2 walls)
