I am facing a persistent and highly complex technical issue with my Culver menu website that appears to be directly related to my network setup using MikroTik RouterOS. The website is designed to serve a full Culver-style menu with multiple categories, images, dynamic pricing, and API-driven content updates. While the site itself is stable at the application level, users intermittently report that the website loads partially, extremely slowly, or not at all depending on network conditions. What makes this problem particularly confusing is that the issue does not seem to be consistent across all users or devices, which strongly suggests a routing, DNS, or firewall-related problem within my MikroTik configuration rather than a pure web development issue.
One of the most noticeable symptoms is inconsistent DNS resolution and delayed initial connections. In some cases, users accessing the Culver menu website experience long delays before the page begins loading, while others receive timeout errors or partial page renders where CSS, images, or JavaScript fail to load. From packet captures and RouterOS logs, it appears that some DNS queries or TCP connections are either being delayed, cached incorrectly, or dropped entirely. This results in situations where the HTML loads but external assets do not, making the menu unusable. Changing DNS servers temporarily improves behavior, but the issue eventually returns.
Another major issue involves NAT, firewall rules, and connection tracking. The Culver menu website is hosted behind a MikroTik router that handles NAT, port forwarding, and firewall filtering. I suspect that aggressive connection tracking limits, fasttrack rules, or timeout values may be interfering with long-lived or concurrent HTTP/HTTPS connections required by the website. The menu loads multiple assets simultaneously, and under moderate traffic, some connections appear to be reset or silently dropped. Disabling fasttrack improves reliability but negatively impacts overall router performance, which suggests an interaction between fasttrack, firewall rules, and web traffic patterns.
From a routing perspective, I am also questioning whether policy routing, load balancing, or multiple WAN links are contributing to the problem. The MikroTik router is configured with failover and load balancing to ensure high availability, but it is possible that certain connections related to the Culver menu website are being routed asymmetrically. This could explain why SSL handshakes sometimes fail or why users experience inconsistent behavior depending on which WAN link their traffic is routed through. Logs show that some connections switch paths mid-session, which may be problematic for HTTPS traffic.
Additionally, I am concerned about RouterOS features such as Web Proxy, DNS cache, and connection limits affecting content delivery. Although the web proxy is disabled, DNS caching is enabled, and I am unsure whether TTL handling or cache poisoning protection could be serving stale or incorrect records. The website relies on CDN-hosted assets and third-party APIs, and if RouterOS is caching or filtering these requests incorrectly, it could explain why certain menu elements fail to load while others work normally.
I am reaching out to the MikroTik community to see if anyone has encountered similar issues where RouterOS configurations negatively impacted dynamic, asset-heavy websites. Any advice on best practices for firewall rules, fasttrack usage, connection tracking tuning, DNS configuration, or routing stability would be greatly appreciated. I am especially interested in recommendations for optimizing RouterOS to reliably serve a dynamic Culver menu website without sacrificing performance, security, or network resilience. I am not a technical person please assist.