Hi all,
I’ve been troubleshooting slow website loading in Chromium-based browsers and traced the issue to how my MikroTik RB5009 router handles DNS over TCP.
When Chrome falls back to TCP for DNS queries on port 53 (due to low entropy conditions - see DnsTransaction.UDP.LowEntropyReason in chrome://histograms), the router appears to mishandle multiple concurrent TCP connections.
I found a relevant discussion on this behavior between Chrome and Windows 11 here: https://lists.dns-oarc.net/pipermail/dns-operations/2023-March/021979.html
Using chrome://net-export, I observed that Chrome opens three separate TCP connections to the router (typically for A, AAAA, and HTTPS records).
However, only one of these receives a response; the others time out, causing noticeable delays in site loading.
I can reproduce this behavior by visiting a website that makes a large number of DNS requests, like: https://www.dnscheck.tools
In the router logs, I also see messages like:
possible SYN flooding on tcp port 53
I’ve already increased max-concurrent-tcp-sessions under IP > DNS as per MikroTik documentation:
https://help.mikrotik.com/docs/spaces/ROS/pages/37748767/DNS#DNS-DNSconfiguration
I’m running RouterOS 7.19.1.
Notably, this issue doesn’t occur when using other resolvers (like Cloudflare or Windows AD DNS).
Also, Chrome using UDP works fine with the RB5009 - the problem is specifically with Chrome using TCP for DNS and this router.
Has anyone else seen similar behavior or found a workaround?
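The three-connection pattern described in the post can be checked without a browser. The following is an added example, not part of the original post: it opens one TCP connection per record type (A, AAAA, HTTPS) at the same moment and reports which ones get a reply. The function names, the `192.0.2.1` placeholder address and the `example.com` query name are assumptions.

```python
import socket
import struct
import threading
import time

QTYPES = {"A": 1, "AAAA": 28, "HTTPS": 65}  # the three record types seen in the trace

def build_tcp_query(name, qtype, txid):
    """Return a DNS query framed for TCP: 2-byte length prefix, then the message."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", qtype, 1)  # class IN
    return struct.pack("!H", len(msg)) + msg

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("closed before full response")
        buf += chunk
    return buf

def query_once(server, port, name, rtype, txid, timeout, results):
    start = time.monotonic()
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(build_tcp_query(name, QTYPES[rtype], txid))
            (length,) = struct.unpack("!H", recv_exact(s, 2))
            reply = recv_exact(s, length)
            ok = struct.unpack("!H", reply[:2])[0] == txid
            results[rtype] = ("answered" if ok else "txid-mismatch", time.monotonic() - start)
    except (OSError, struct.error) as exc:  # timeouts, resets and short replies land here
        results[rtype] = (type(exc).__name__, time.monotonic() - start)

def probe_concurrent(server, name, port=53, timeout=3.0):
    """Open one TCP connection per record type at the same time and collect outcomes."""
    results = {}
    threads = [threading.Thread(target=query_once,
                                args=(server, port, name, rtype, 0x1000 + i, timeout, results))
               for i, rtype in enumerate(QTYPES)]
    for t in threads: t.start()
    for t in threads: t.join()
    return results

if __name__ == "__main__":
    # 192.0.2.1 is a documentation placeholder; substitute the resolver under test.
    for rtype, (status, secs) in probe_concurrent("192.0.2.1", "example.com").items():
        print(f"{rtype:5} {status:15} {secs:.2f}s")
```

Running it against the router and against a resolver that behaves correctly gives a side-by-side comparison of how many of the three connections are answered and how long each takes.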


