Hub 4, firmware 01.04.092.07.16.EURO.PC20, in router mode. TLS handshakes are stalling for ~5s when the firewall is enabled - problem clears when firewall disabled. Have pinhole reset the hub multiple times. SamKnows RealSpeed is reporting expected speeds, and the power levels / error counters look fine in the hub stats.
Is there a newer firmware available for this hub that fixes the issue, or should I be requesting a new Hub 5? I'm on Gig1 HFC if that matters.
This is likely VM deep packet inspection for getting SNI from client hello problem likely does not happen in modem mode
Thanks. Agree that's a potential cause. Whilst I have another firewall (Opnsense) behind the hub, I'd rather not expose that directly to the Internet so prefer keeping routed mode on the hub.
I'd prefer the supplied equipment worked as expected. Do you know if a newer firmware or a Hub 5 would resolve? Curious to know why the hub would be inspecting traffic anyway.
Another firewall, does that mean you have double NAT ?
Yes, the config was double NATted. Not my preference, but I'd left the hub in routed mode for a few reasons:
More testing today - turning the firewall off on the hub doesn't always prevent the TLS establishment delay. So, I bit the bullet, fixed (3) today and put the Hub into modem mode. Time will tell how stable the DHCP is. Thanks for the advice both.
