Community discussions

MikroTik App
 
saahil
just joined
Topic Author
Posts: 17
Joined: Sun Mar 05, 2017 12:15 am

CGNAT - Some sites not loading

Sat Aug 13, 2022 12:05 am

We are testing CGNAT on our network with a few users and mostly everything is working fine, only a handful sites which are not loading but they work fine if we do not use the CGNAT connection.

We've tested this url to generate the NAT rules https://cgnat.remontti.com.br/
Where by initial private IP is 100.64.0.0 and our public range x.x.x.0/24 and 4000 ports per IP.

Customers are created on radius server with static IP from the CGNAT range 100.64.0.10 [example].

Once customer is dialled in, when we try "what is my public IP" it also shows the right public IP x.x.x.10

On the PPP profile we applied TCP/MSS = yes, ppp server max mtu and max mru = 1500

Then IP-Addresses = we created all the x.x.x.1/32 to x.x.x.254/32 on the wan interface

All banking, ssl sites everything works. This one site we tested does not work is https://astro4edu.org/

Have tried changing dns, manually changing mtu on client side but nothing is working.

Any suggestions or assistance will highly be appreciated
 
metrotyranno
just joined
Posts: 14
Joined: Fri Mar 24, 2017 12:21 pm

Re: CGNAT - Some sites not loading

Sun Aug 14, 2022 2:53 am

Hi,

Out of experience, not being able to open some websites, whilst others work fine is generally MTU related. Keep in mind that whilst PPP is able to operate at an mtu of 1500, it still has 8 bytes of overhead. The path from the PPP concentrator to the end user would need to support an MTU of 1508.

Have you tried setting the max MTU to 1480 on the PPP server and see if this resolves the issue?

Who is online

Users browsing this forum: No registered users and 17 guests