a client of mine purchased a CCR1009-7G-1C-1S+ (Mikrotik Core router)
Now currently there is a fiber connection with the ISP router setup in bridge mode right in fornt of the client’s Mikrotik router.
The ISP router connection is connected to the Lan port 1 of the unit and is operating as the wan port.
Everything appears to be working as intended. However only Facebook has an issue where it isn’t loading images or videos.
I should mention everything was working correctly beforehand (on the previous ISP’s connection), but the client switched from a PPPoE internet connection recently to the new fiber connection.
Once they switched to the new ISP, I disabled the PPPoE connection and directly placed static IP’s provided by ISP into the mikrotik router for internet connection.
At first I thought maybe there is possibly some firewall rule causing havoc.
Saved the settings to a backup file, reset the entire router, insert static IP from ISP into the router to get the internet working.
Immediately with no firewall rules in place I am already receiving the same issue.
we have taken the ISP router out of bridge mode, bypassed the Mikrotik unit and plugged it directly into the client network, Facebook then works perfectly.
But we require the Mikrotik unit for a site-to-site vpn as well as mac users are using L2tp/ipsec VPN’s to connect remotely for work.
I have tried replacing the default DNS addresses from the ISP with ones from google and openDNS.
I’ve read online that it could be the MTU’s for the network ports. I’ve changed those and it made no difference.
I’ve also read on another forum topic post that too many device in a chain doing natting can cause this issue.
I’m basically stuck right now. I’ve spoken to people on the Discord Forum group MikrotikZA. They recommend I remove the ISP router completely and plug the fiber directly into the Mikrotik.
The mikrotik software package is on the latest stable version.
DHCP and DNS services were hosted by one of the clients servers. I disabled those services temporarily and enabled them on the mikrotik and it made no difference.
I am running quite a few clients using fiber via Mikrotik routers (Normally Hap lites or Hex S, including my own premises).
This is the first case where I run into this issue.
I’d just like to know if anyone has any other advice or tips on things I could check.
wanna do an export for us buddy and post it on here after you remove the sensitive info?
Now what you are initially talking about does sound like it could be MTU but I wouldn’t recommend just changing things willy nilly, from one of the host devices (gonna presume its windows) I would suggest opening a command prompt and running a ping to the net, what you want to add to this ping is a -f for do not fragment and a -l followed by the size of the packet you would liek to test i.e
ping 1.1.1.1 -f -l 1500
So if the packet is to big you will get an error of packet needs to be fragmented, I usually start at 1500 on the high end and something dumb like 1000 on the low end then just rule of halves it until I find the right number.
Once you have the number of the MTU you need we will 100% need your configuration to see where we need to apply this I.e if there is a vpn server they are using we would have to do it on the server, if you have a ppoe client we would need to edit that, if the limitation is on the isp side and not your then a mangle rule to clamp pmtu might be needed etc.
There is nothing on any MT device that is going to just block facebook traffic… although blocking all social media would be the most progressive feature/functionality of any router to date…
Even attempting to set this up on the router by layer 7 configuration is hard to do and it sounds like you just have a new router with default settings.
So it sounds more ISP related than router related.
This is an issue with Firefox and Facebook which is present now for almost 2 months. I can confirm it happens only on Facebook and only when using Firefox. It never happens with Edge or Chrome. I had to combine Firefox and Edge just to avoid this from happening. Why didn’t Firefox developers already solve this problem?..
Sorry for taking so long to finally come back to you on this. I’ve been extremely busy.
Even though the client had the router in their possession for like 6 months, they asked the supplier if they could return the router and they obliged.
I did ask them if I could take the router to my premises to see if I can replicate the problem and see if I could find a solution to the issue.
I mean, if this happened at one client, it could possibly happen again in the future elsewhere.
But the client did not bother even contacting me and informing me that they returned the router.
Eventually when my jobs settled and I had time I contacted them and they informed me they returned the router.
So yeah… Never found time to try any of the solutions suggested.
Thank you everyone for the effort, If I ever run into this issue again in the future I know where to look.
