Some websites load extremely slow

I've setup Pi Hole on a virtual server running Debian testing.

It works fine for most of the websites I visit, but some websites load extremely slow. Examples are heise.de, mobile.de, kicker.de, and telefon-treff.de. On other websites, the website loads, but parts of it are missing, like the pictures for the articles on golem.de apart from the five to six articles on top of the page.

It seems like part of the requests for these websites run into timeouts, leading to load times on the order of 30 to 60 seconds.

Other websites, like tagesschau.de work fine without any noticeable delays.

I've recorded a debug log and uploaded it under token h9hx823cgp.

Any help would be highly appreciated!

Problem solved! :smiley:

I've checked my firewall and found several connection attempts on port 443 that were dropped. By allowing HTTPS/port 443 for those clients allowed to use Pi Hole all the websites mentioned above load almost instantly.

I just don't understand the connection between the problem and traffic on port 443 as I thought Pi Hole would only need port 53/DNS to work properly (and the web interface on port 80).

Could somebody please explain that to me?

All ads will be redirected to the Pi-hole's IP address. If they are requested over HTTPS, then they try to get the ads via HTTPS (i.e. port 443) from the Pi-hole. If your firewall simply drops the packages, the browser doesn't get any reply and, hence, waits for a long time, maybe periodically repeating its request. If however, your firewall does not silently drop the packages, they will reach the Pi-hole device which will respond with: "Whoops, what you are looking for is not here." and the browser stops loading them, accordingly (and just leaves them out).

2 Likes

Understood, thanks for the explanation!

I still don't understand what to do yet.
I configured my router to redirect all port 80 and all port 443 traffic to the PI
Both IP4 and IP 6

The firewall on the PI rejects all incoming traffic at port 443

And many websites load very very slow. What am I doing wrong. Can someone please explain me step by step?

Do you have IPv6 support on your network + internet access? Try http://ipv6-test.com/

yes I have. Its al working fine with IPv6. Pi Hole is working, but some webpages like www.buienradar.nl load terribly slow.

That uses all https requests. Check out a blocked request via the dev tools (F12) Networking tab. Send a screenshot of one of the request's Timing section.

Example:

It starts loading after the first 47 seconds

That means that the port 443 on the Pi-hole is not rejecting traffic. It's actually dropping it, meaning that it doesn't tell the requester to stop waiting around for an answer. If you set it to reject traffic, then the browser will know to stop waiting for it.

I understand that I should do that with a firewall. Any suggestion of that's possible from the command line? I mean on the Pi Hole?

Use IPTables.
An example might be:

sudo iptables -A INPUT --dport 443 -j REJECT

It gives an error:

iptables v1.4.21: unknown option "--dport"

is a gui available?

There are some GUIs out there, but not an official one. The example also needed a protocol, which would make it:

sudo iptables -A INPUT -p tcp --dport 443 -j REJECT

Thank you. It is faster, but still much slower than without Pi Hole. The website now takes about 15-20 seconds to start to load. Some other sites still are slower.
Do you have any other suggestions?

That's the main fix I know of. There may be other things you can do to lower the time. I haven't looked into that part much.