simoncoles.org

Long Web Page Load Times on a Unifi Dream Machine Pro Network

in Networking, Troubleshooting, Unifi

I’ve been experiencing frustratingly slow web page load times on my home network recently, and after some investigation, I’ve traced the issue back to my Unifi Dream Machine Pro (UDM Pro).

Specifically some (not all) web pages take around 55 seconds to load. Really infuriating. Happens in for all devices on the network, but not all web sites.

The Problem

After hoping the problem would go away, it finally happened predictably when I was at my Mac. Developer Tools to the rescue!

The issue is that to prevent tracking, something in the UDM is setting well known trackers to have an address of 0.0.0.0.

➜  ~ host www.googletagmanager.com
www.googletagmanager.com has address 0.0.0.0
www.googletagmanager.com has IPv6 address 100::1
➜  ~ host cdn.amplitude.com
cdn.amplitude.com has address 0.0.0.0
cdn.amplitude.com has IPv6 address 100::1
➜  ~ host hexagon-analytics.com
hexagon-analytics.com has address 0.0.0.0
hexagon-analytics.com has IPv6 address 100::1

I think the idea is that this is an illegal address and browsers won’t attempt to route to it. Unfortunately that either never worked or stopped working, and now the browser is trying to get those assets and will try for 53 seconds before giving up. This is preventing the page from painting until the file has failed to be read.

The Solution

The solution for me was to create a network policy to cause the connection to 0.0.0.0 or 100::1 to be refused rather than just blocked. Because the browser gets a refusal rather than no answer, it continues with the page.

At the time of writing the screen you want is here https://192.168.1.254/network/default/settings/routing/firewall-zones (replace with your UDM’s IP address).

Click “Create Policy” and choose:

  • Name: “Block 0.0.0.0” or whatever you want
  • Source Zone: Internal, any and any.
  • Action: Reject
  • Destination Zone: External
  • Choose Specfic, and I selected “Add Multiple” to add both 0.0.0.0 and 100::1

Clock “Add Policy” and you’re all done.

Here’s a screen shot of mine:

Screenshot of UDM Pro firewall policy configuration