https载入时间极长

GoogleCodeExporter commented 8 years ago

具体例子如paypal ，nicovideo 
这些网站的登陆是https，用autoddvpn的环境下载入极慢，必须取
消vpn，重启路由。

但Gmail和Google其它服务没有这种问题

有没有同样症状的？

Original issue reported on code.google.com by jno...@gmail.com on 7 Nov 2010 at 3:18

GoogleCodeExporter commented 8 years ago

DDWRT不開VPN 直接電腦VPN撥號，全部traffic走VPN這樣也會嗎？

Original comment by pahud...@gmail.com on 7 Nov 2010 at 1:12

GoogleCodeExporter commented 8 years ago

nope 
试验地址 http://im.live.cn/invite/IndexTcent.aspx
autoddvpn，点“登陆”，载入很长时间，无响应
vpn，点“登陆”，载入成功

Original comment by jno...@gmail.com on 8 Nov 2010 at 3:39

GoogleCodeExporter commented 8 years ago

看safari的活动页面，出现问题的页面都是css、js载入时间长，
这些页面的css 
js用http访问很快，但是整个页面是https的情况下，css 
js也成了https开头的，访问就很慢很慢

Original comment by jno...@gmail.com on 18 Nov 2010 at 3:10

GoogleCodeExporter commented 8 years ago

你可以提供這個css or js完整地址嗎？我這邊用curl試試看。

Original comment by pahud...@gmail.com on 18 Nov 2010 at 4:19

GoogleCodeExporter commented 8 years ago

facebook->右上角“帐号”－>“帐号编辑” 
详见附件

Original comment by jno...@gmail.com on 19 Nov 2010 at 12:25

Attachments:

[屏幕快照 2010-11-19 上午08.23.12.png](https://storage.googleapis.com/google-code-attachments/autoddvpn/issue-33/comment-5/屏幕快照 2010-11-19 上午08.23.12.png)

GoogleCodeExporter commented 8 years ago

我測試這個網址：https://s-static.ak.facebook.com/rsrc.php/z2/p/r/JdxYqDP
si1S.js

macbook-2:~ macbook$  time curl -I -v 
https://s-static.ak.facebook.com/rsrc.php/z2/p/r/JdxYqDPsi1S.js
* About to connect() to s-static.ak.facebook.com port 443 (#0)
*   Trying 125.56.146.110... connected
* Connected to s-static.ak.facebook.com (125.56.146.110) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
*    subject: C=US; L=Palo Alto; O=s-static.ak.facebook.com; 
OU=s-static.ak.facebook.com; ST=California; CN=s-static.ak.facebook.com
*    start date: 2010-09-10 19:59:52 GMT
*    expire date: 2011-09-10 19:59:52 GMT
*    common name: s-static.ak.facebook.com (matched)
*    issuer: C=US; O=Akamai Technologies Inc; CN=Akamai Subordinate CA 3
*    SSL certificate verify ok.
> HEAD /rsrc.php/z2/p/r/JdxYqDPsi1S.js HTTP/1.1
> User-Agent: curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 
OpenSSL/0.9.8l zlib/1.2.3
> Host: s-static.ak.facebook.com
> Accept: */*
> 
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Content-Type: application/x-javascript; charset=utf-8
Content-Type: application/x-javascript; charset=utf-8
< Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
< Pragma: 
Pragma: 
< X-Cnection: close
X-Cnection: close
< Cache-Control: public, max-age=30758968
Cache-Control: public, max-age=30758968
< Expires: Thu, 10 Nov 2011 01:42:35 GMT
Expires: Thu, 10 Nov 2011 01:42:35 GMT
< Date: Fri, 19 Nov 2010 01:33:07 GMT
Date: Fri, 19 Nov 2010 01:33:07 GMT
< Connection: keep-alive
Connection: keep-alive

< 
* Connection #0 to host s-static.ak.facebook.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

real    0m0.745s
user    0m0.006s
sys 0m0.007s

大約0.7秒返回，不過這是autoddvpn + openvpn/graceMode

如果是PPTP模式的話：

macbook-2:~ macbook$ time curl -I -v 
https://s-static.ak.facebook.com/rsrc.php/z2/p/r/JdxYqDPsi1S.js
* About to connect() to s-static.ak.facebook.com port 443 (#0)
*   Trying 96.17.114.110... connected
* Connected to s-static.ak.facebook.com (96.17.114.110) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
*    subject: C=US; L=Palo Alto; O=s-static.ak.facebook.com; 
OU=s-static.ak.facebook.com; ST=California; CN=s-static.ak.facebook.com
*    start date: 2010-09-10 19:59:52 GMT
*    expire date: 2011-09-10 19:59:52 GMT
*    common name: s-static.ak.facebook.com (matched)
*    issuer: C=US; O=Akamai Technologies Inc; CN=Akamai Subordinate CA 3
*    SSL certificate verify ok.
> HEAD /rsrc.php/z2/p/r/JdxYqDPsi1S.js HTTP/1.1
> User-Agent: curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 
OpenSSL/0.9.8l zlib/1.2.3
> Host: s-static.ak.facebook.com
> Accept: */*
> 
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Content-Type: application/x-javascript; charset=utf-8
Content-Type: application/x-javascript; charset=utf-8
< Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
< Pragma: 
Pragma: 
< X-Cnection: close
X-Cnection: close
< Cache-Control: public, max-age=30744964
Cache-Control: public, max-age=30744964
< Expires: Wed, 09 Nov 2011 21:44:47 GMT
Expires: Wed, 09 Nov 2011 21:44:47 GMT
< Date: Fri, 19 Nov 2010 01:28:43 GMT
Date: Fri, 19 Nov 2010 01:28:43 GMT
< Connection: keep-alive
Connection: keep-alive

< 
* Connection #0 to host s-static.ak.facebook.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

real    0m1.435s
user    0m0.006s
sys 0m0.007s

大約1.4秒

你可以也試試看在mac下用這個指令把輸出貼上來嗎？

 time curl -I -v https://s-static.ak.facebook.com/rsrc.php/z2/p/r/JdxYqDPsi1S.js

Original comment by pahud...@gmail.com on 19 Nov 2010 at 1:34

GoogleCodeExporter commented 8 years ago

johndemacbook-pro:~ jnozsc$  time curl -I -v 
https://s-static.ak.facebook.com/rsrc.php/z2/p/r/JdxYqDPsi1S.js
* About to connect() to s-static.ak.facebook.com port 443 (#0)
*   Trying 96.17.114.110... connected
* Connected to s-static.ak.facebook.com (96.17.114.110) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):

然后。。。然后没有了，卡住不动了。。。。
但是我能打开facebook。。。

Original comment by jno...@gmail.com on 19 Nov 2010 at 1:41

GoogleCodeExporter commented 8 years ago

OK 你traceroute 96.17.114.110一下看看是否走了VPN GW IP？

Original comment by pahud...@gmail.com on 19 Nov 2010 at 1:44

GoogleCodeExporter commented 8 years ago

目前我推測可能是DDWRT裡面的PPTP模式如果SSL in 
PPTP的話會有問題，但我這邊沒有出現這個現象，也許是某些�
��體版本搭配某些硬件才會有的情況。

你可以試著清空rc_startup, 
讓DDWRT開機之後不做路由調整，僅播上PPTP，然後你手動把defau
lt GW設置到PPTP GW去，也就是全流量都走PPTP, 再繼續curl -v -I 
看看是否同樣情況，如果是的話就很可能是DDWRT的問題了，因
為你mac直接pptp撥號沒有這個問題對吧。

我建議你試試看openvpn的模式，或者換一台DDWRT看看，也許硬��
�規格比較好的試試。這樣交叉測試可以找到問題的可能。

Original comment by pahud...@gmail.com on 19 Nov 2010 at 1:49

GoogleCodeExporter commented 8 years ago

手動設置全流量走PPTP GW需要一些技巧，比較安全的方式是：

route add -host <你的VPN public IP> gw <你的WAN GW>
route del default gw <你的WAN GW>
route add default gw <你的VPN GW>

好了之後再traceroute指令確定是否到所有IP都走VPN了。

Original comment by pahud...@gmail.com on 19 Nov 2010 at 1:51

GoogleCodeExporter commented 8 years ago

因为设定比较麻烦，一直没有试验
今天刷了 SVN revision 15940，发现已经没有这个问题了。
正如之前所考虑的，应该是一个dd 
wrt本身的bug，现在估计已经修正了。
这个issue可以close了

Original comment by jno...@gmail.com on 19 Dec 2010 at 3:33

GoogleCodeExporter commented 8 years ago

Original comment by pahud...@gmail.com on 19 Dec 2010 at 1:02

Changed state: Invalid

zephyrer / autoddvpn

https载入时间极长 #33