HTTPS Slow, all known commands/patches have been applied without success :'(

Please follow the below template, it will help us to help you!

Expected Behaviour:

HTTPS blocked req are refused directly and my HTTPS website load

Actual Behaviour:

After try iptables rules... nothing fix the problem, it blocked directly http ads or bl site, for https its load 30 40 sec before say ERR_CONNECTION_REFUSED, its on: https://secure.quantserve.com/quant.js, doesnt work on few websites too (page not 100% charged but can be 100% charged on other client.. wtf?)

Debug Token:

7ri95ot2x6

Thanks!

What do these commands return?

sudo nmap --reason secure.quantserve.com -p443 -Pn
sudo nmap --reason secure.quantserve.com -p443 -sU -Pn

What about Use IPv6 ULA addresses for Pi-hole? This solved the HTTPS issues for me.

1 Like
Starting Nmap 7.01 ( https://nmap.org ) at 2018-04-08 17:29 CEST
Nmap scan report for secure.quantserve.com (192.168.1.30)
Host is up, received user-set (0.00016s latency).
Other addresses for secure.quantserve.com (not scanned): 2a01:e35:2e8d:24e0:40d4:e0a4:d943:7745
rDNS record for 192.168.1.30: orangepiplus
PORT    STATE  SERVICE REASON
443/tcp closed https   reset ttl 64
Nmap done: 1 IP address (1 host up) scanned in 1.50 seconds
Starting Nmap 7.01 ( https://nmap.org ) at 2018-04-08 17:31 CEST
Nmap scan report for secure.quantserve.com (192.168.1.30)
Host is up, received user-set (0.00019s latency).
Other addresses for secure.quantserve.com (not scanned): 2a01:e35:2e8d:24e0:40d4:e0a4:d943:7745
rDNS record for 192.168.1.30: orangepiplus
PORT    STATE  SERVICE REASON
443/udp closed https   port-unreach ttl 64
Nmap done: 1 IP address (1 host up) scanned in 1.52 seconds

ipv6 website on my orangepi dont work anymore.. I dont know why, my client have an ipv6 by the router with the dns by router too, on ipv6 test that work, but they dont reach the pihole with ipv6 adress, only ipv4. Look:

|2018-04-08 19:09:14|IPv6|android.googleapis.com|192.168.1.19|OK (forwarded)|INSECURE| Blacklist|
|---|---|---|---|---|---|---|
|2018-04-08 19:09:14|IPv4|android.googleapis.com|192.168.1.19|OK (cached)|INSECURE| Blacklist|
|2018-04-08 19:09:14|IPv6|ssl.google-analytics.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:14|IPv4|ssl.google-analytics.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:09|IPv6|s.youtube.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:09|IPv4|s.youtube.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:08|IPv4|www.google.com|192.168.1.19|OK (cached)|INSECURE| Blacklist|
|2018-04-08 19:09:07|IPv6|www.googleadservices.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:07|IPv4|www.googleadservices.com|192.168.1.19|Pi-holed|-| Whitelist|
|2018-04-08 19:09:07|IPv6|s.youtube.com|192.168.1.19|Pi-holed|-| Whitelist|

Before there was ipv6 client mixed with ipv4 but always with slow problem on different website.

In my router settings only have dns modification, dhcpv6 (disable) and 10 nexthope. not static ULA (fd) adress config or somethings

I have try to modify bunch of things on the orpi , interfaces file, etc... i dont understand :confused: On my other devices ipv6 worked just good and on the orange, one day no problem, one day ipv6 disappeared. :confused:

ifconfig (global ipv6 disappeared) :

eth0      Link encap:Ethernet  HWaddr e2:a6:3b:cd:02:fa  
          inet adr:192.168.1.30  Bcast:192.168.1.255  Masque:255.255.255.0
          adr inet6: fe80::e0a6:3bff:fecd:2fa/64 Scope:Lien
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Packets reçus:7556 erreurs:0 :0 overruns:0 frame:0
          TX packets:6513 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 lg file transmission:1000 
          Octets reçus:2530421 (2.5 MB) Octets transmis:2061264 (2.0 MB)
          Interruption:114

interfaces file

# armbian-config created
#source /etc/network/interfaces.d/*

# Local loopback
auto lo
iface lo inet loopback

# Interface eth0
allow-hotplug eth0
no-auto-down eth0
iface eth0 inet static
        address 192.168.0.30
        netmask 24
        gateway 192.168.1.254
        dns-nameservers 212.27.40.240 212.27.40.241

iface eth0 inet6 static
        address 2a01:e35:2e8d:24e0:40d4:e0a4:d943:7745
        netmask 128
        gateway fe80::e69e:12ff:fe81:9f45
        dns-nameservers 2a01:e00::1 2a01:e00::2

Thanks!

You're post was really hard to follow. Did you enable ULA in your router?

Sorry english hard for me thanks for edit :blush:

Dont have this sort of settings in my router see:

Technical details of my router: http://www.commentcamarche.com/faq/32638-freebox-revolution-fiches-technique

ISP: Free
Adressing : Proxad

If you disable IPV6 on your Pi-hole does the problem go away? This will rule out ULA as the problem.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.