Internet slowness Issue

🆕 Connectors Client Connector
,
#1

Hi experts, Need your assistance on the Internet slowness issue.

GRE+PAC Files used along with ZAPP- Packet Filter based (1.0)
Speed have dropped from 200Mbps to 2Mbps on ISP2. Download is slow, upload speed is OK
When the traffic is sent to Zscaler directly via WAN link (instead of GRE), still the speed is slow. Again, Download is slow, upload speed is OK
But when connected directly via Internet router to force the traffic via WAN link, the speed is good
Checked via different ISP (ISP1) and it works perfect via GRE itself.
When running Pcaps on the user’s PC, getting ‘TCP Window Segment’ followed by the TCP Window update. If PC is the problematic one in handling the traffic, the same PC is working fine when testing via ISP1 (It’s been tested with the same PC in wired network on same NIC)
Also, observed ‘new fragment overlaps old data’ retransmission from Zscaler IP towards the client.
Ran MTR by ZTAC and no latency is observed on the transit path from the WAN to Zscaler.
Not sure where is the problem or wat should be looked into.

Please note, it’s just the routers that is differentiating the traffic to Zscaler via different ISPs. The core switches, firewalls in the transit path remains the same in both the cases.

Please help. Thank you

#2

Just a guess - have you checked maximum MTU size ? MTU size can be configured in the ZCC app profile (forwarding profile). I would try setting something like 1300 and retest speed.

Regards Thomas

#3

We were used MTU 1370, worked well in different network infrastructures.

#4

Hi Thomas
Thanks for the reply. I’ve tested this behaviour without ZAPP (ie only with PAC file) and still the issue persists.
By the way, can you let me know where is the option of configuring MTU in Forwarding profile as I’m unable to locate it?

#5

It’s in the Advanced section which you have to expand to see it.

image
image528×669 42.8 KB

#6

Hi Gordon
As mentioned earlier, I’m using Tunnel V1.0 and I guess this wouldn’t be applicable.
The MTU is using 1436 when traversing via GRE tunnel.
Also, this has been tested with only PAC file via WAN link (without GRE) and still the issue persists. Direct traffic to the Internet works fine and if the destination is Zscaler, slowness is noticed.
any thoughts?

#7

You can do it at the OS level as well:

netsh interface ipv4 show subinterface
netsh interface ipv4 set subinterface “Wi-Fi” mtu=1370 store=persistent