http performance through our router is slow and unusable.
smtp, ftp,dns and all other protocols seem fine.
Some pages never return and the ten minutes later you may get half the page poorley formatted. The only thing I can think is that some of the http packets are being dropped somewhere along the line, but the fact that all other protocol seem fine, it must be http specific.
I'm going to swap out the firewall with a PC later just to confirm, but I am sure that it will not make any difference.
I have spoke to support and they have never heard of this before. Anybody got any idea's?
After checking the logs again I noticed lots of traffic with source port 80 hitting the firewall and getting dropped. (I have seen this before from the provider)
The source address of these packets were registered to plusnut and I remembered how I fixed it before (this is the strange bit)
I allowed (briefly) all tcp source port 80 dest any to our firewall and then tested web browsing. After seeing no drops I disabled the rule and everything works again.
If anyone senior (CCIE Level) reads this mail could they please give me an explanation why there seems to be some sort of NAT going on with our Web traffic. Some devices in your network seem to be hijacking our packets for some reason.