So right now still tiada ahli2 yang berhormat got upgrade from 800mbps right?

I guess some ISP is special?
Unsure, can be their tech setup it wrongly?
Based on this thread, UniFi
https://forum.lowyat.net/topic/5073652/+100

I think If you feel slow down, then try disable IPv6 la, but the issues is mostly caused by the throttling of UniFi on SG, like the rerouting of HK to SG CloudFlare now....  
---
For your info, I performed testing on www.lazada.com.my with IPv4 and IPv6 of Google DNS and CloudFlare DNS.
Here is the result.

2606:4700:4700::1111, MY
2606:4700:4700::1001, MY
1.1.1.1, SG Akamai for IPv4/IPv6
1.0.0.1, SG Akamai for IPv4/IPv6

2001:4860:4860::8888, MY
2001:4860:4860::8844, MY
8.8.8.8, MY for both
8.8.4.4, MY for both

This is why I prefer Google DNS, lol.

For the extra, both IPv6 DNS got reaching issues for Public Bank's DNS server, lol.
https://www2.pbebank.com/

Yes, there is 10s timeout for public bank.(old is 30s)
This might be caused by the caching time TTL is 30s, but strange that if I check via Android network tools, it is fine....
---
More testing on PBe, it works well also on DNS over HTTPS, both IPv4/IPv6, so...
Seem like only happen on DNS over UDP for IPv6 la.

www.lowyat.net website take 2 second for  unfi to load when start.
Maxis load super fast. Please tell me why?

it might be load balancing mechanism using dns...if the application can handle it then what is the problem?

All are cat 6 cable connection.
lowyat take 2 seconds to load at the beginning only when using unfi.
It take maxis less then 1 sec to load. 

High end router Mikrotik RB5009

lowyat website respond faster when using maxis compared to unfi.
note that my maxis is using LTE.

Main reasons i downgrade from unfi 500mbps to maxis 300mbps paying the same price

164ms

what means by prefix? if they have 2 datacenter the slower server will be the one remotely accessing the shared database

You are saying me wrong, but supporting me with your proof lol.
And thanks for proofing me it is pbe's DNS server issues.
-----
Yes, it is TM issues to redirect customer wrongly to the server, or I should said, load-balancing or best-cost.

And nope, you are using wrong address.
I test on www.lazada.com.my la...

In browser, or any DNS eyes, lazada.com.my ≠ www.lazada.com.my, that's why you get your result wrong.
Same to lowyat.net ≠ forum.lowyat.net

Else, it is a big security that can harm for good, and yes I know a few gov website don't support jumping from lazada.com.my to www.lazada.com.my(as example), as browser just showing DNS not result error, lol.

So here u go~
Skip lowyat as same server, talk later.

PS: Somehow the A also need @, else it go to my router which is Google dns for A result, lol.
www.lazada.com.my:



And yes, during the testing, I found out IPv6 1.1.1.1 get return Malaysia Akamai, while IPv4 1.1.1.1 return SG Akamai.
But more strange, only dig still showing SG Akamai, the "Best Track" is returning MY Akamai already...

So yes, even using different query tools get different result, lol.

If I set my Secure DNS on my phone as one.one.one.one, the result is SG Akamai, same as dig.


Hei!
23.58.31.78???
lol, it is at India!!!

Much more fun to be play in the future!!!  
---
Back to lowyat.


http://[2606:4700:20::ac43:4a59]/cdn-cgi/trace


Other 681a also SG, IPv4 for HK yes.

So you ask me, why you said it is Johor?
Well, I locked it based on lowyat IPv6 address that provided 1 years ago.

Sorry, hide it as I still using it for JHB lol, later UniFi found out they forget this IPv6 address, it will get kicked to SG or HK lol.
http://[2606:4700:Hidden:Hidden]/cdn-cgi/trace


So after admin team look at it, found out the performance not good, then kicked it to new IP address?
This is a unknown answer for me...
----
For pbe, you half-half agreed with me, but using wrong address, still works la, lol.
I means the return result time, not the routing issues la...

As Dig failed to showing the slowness part, and also different AAAA + A result, which means DIG don't = real-world performance.

PS: I reopen browser for each test, else it is default to DNS cache lol.
With browser, it is following the result from Best Trace, slowing 10s.

But if you enabled DNS over HTTPS, result changed.



For interesting part?
Yes, it need a reopen of browser to trigger it, flush DNS or flush idle connection on Chrome don't happen.

Second Strange part?
on Chrome showing stall, not DNS.

It can be the DNSSEC issues, which I then perform testing, yes, it is.

https://dnssec-analyzer.verisignlabs.com/www2.pbebank.com

So the slowness is caused by not DNS, or DNS caching, but the pbe failed to host DNSKEY?

This, I need to use fiddler to capture Firefox, see did it query for DNSKEY, but I am hungry now, lol!!!
----
In the end, well, new stuff on the surface now.
1. DIG is not the real-world
2. Google DNS really can go crazy, giving India IPv4 as result, lol
3. Public bank lacking DNSKEY?

Now your turn, I wonder did DNS give different result based on requester's IP address.

For me, I am at Melaka, which is nearby SG, more easier to be taken as SG customer.

Later post the CF's IP address that is public for KUL lol.

Thanks for sharing me extra IP address, I get different CloudFlare Johor than yours, lol.
Also thanks not sharing the abuse IP address, as it is really abuse. :thumbsup:

I give up, I telling you 99% of times, google DNS give better result, which is Malaysia CDN, and yes, in case it is laggy because MY CDN(Any, Tencent or Akamai or Alibaba) back to SG/HK server caused by crappy TM backbone, then I will switch to one.one.one.one
1. I am not doing that, I just tell everyone, switch to DNS over HTTPS to solve this slowness issues.
Somehow browser need to obtain DNSKEY from the PBE website server, but DNS over HTTPS might already provide DNSKEY, so there is no 10s delay on opening PBE website for the first time.

5 years ago with that old Chrome it is much worse result, the DNSKEY don't cached and expired during browsing of PBE, I think Firefox and Chrome solved this issues, based on me need to relaunch browser to reproduce this issues.
Also yes, 5 years ago there is no DNS over HTTPS yet.

PS: Might not be the DNSKEY, but I lazy to discover, because the solution is switch to DNS over HTTPS.

2. I told them to use IPv6 instead of IPv4, all my result pointing to IPv6 provide better routing(cloudflare going to SG for lowyat)and better DNS result because the IPv6 is more precise on where are you(lazada going to MY or SG for any DNS).

I think you have been messed up with someone, I am fine with it lol.
Because I am same line with you, disable IPv6 and thinking it will solve everything?

Hei, how about Steam gamer?
Now Steam all using steamwork that depend on P2P!!!

IPv4 = Steam P2P Relays server
IPv6 = Steam Friend shared IPv6 and directly connected

Also CGNAT.

So, nope, I reject on disabling IPv6, because bad network is better than dead network.
It is just like telling everyone use 5GHz WiFi on IoT, but not thinking it is possible 100 meter passing multiple wall, which 2.4GHz perform better.
How about those get interference at 2.4GHz?
Go 5GHz with router put outdoor, problem solved!

Sadly, most people don't hand-craft like me, written the IP Address into host file as need, not saying Android phone need ROOT or VPN DNS apps to do that, and local VPN burn a lot battery life.
So yes, most of my method don't works well for regular user, which easy to be solved by burn money, going VPN, get new router and IoT supported 5GHz, lol.
Yup, like I said, I share it out, everyone did it, then the traffic to JHB too large, it will still get load-balanced to SG in the end, lol.

And same to the abuse, I think you might have idea about it now.
If, DIG works as real world, how did I get different result from ping???

The screenshot on phone just for simple record, the real world is, I use ping on my computer, the result is same as the screenshot.
I use browser on my PC, result same.

Only DIG is different.
See?

DIG is good, but not when server treat differently to tools and real-world application.
Then you will be like, DIG IS FINE, customer FAULT!!!

So is my fault that DIG get different result from PING that request over DNS UDP, or BEST TRACE, or DNS over HTTPS, or DNS over TLS???
DIG fighting 4 different method to obtain the AAAA and A result, only DIG came out wrong result.

Your conclusion, this guys is fault, DIG is the only ANSWER because it is It is real time. It is reliable. It is battle tested!!!
Your Bowser is doing it wrong, as it get the different result than DIG!!!

Just like Google did to other browser, not chromium based?
Ban this feature!!!

Then you gonna tell all of them, change to Chrome, your own fault using Firefox and Safari!!!
Why use Safari on iOS! go to Chrome!
The fault is at DNS side, because same time I run all 4 tools, only DIG get different result, even after ttl, and others 4 changed/updated the result, that's what I observer.

Hmm, thanks for new knowledge, yes, it is trouble for keeping low latency, but not target high bandwidth lol.
So yes, promise is done, 50ms, but crappy because throttling by TM.

Sound funny it is 50ms, but getting throttling to like 1-10 MBPS, and it is enough for CloudFlare, lol.
Fun fact, you know why Google did this?

During the switching on IPv4 to IPv6 few years ago, TM has silently enabled IPv6 support for Streamyx customer, then for the first month, no throttling from Streamyx to Google own server.
Then after they was like DUDE, no more high QoS for normal Streamyx customer!!!

The speed is getting throttling sharp, again(why again? they already throttling to Streamyx user on IPv4), 480 KBPS.
Only method, is just what I did now.
Enforcing Johor CloudFlare server, let the CloudFlare bring the data from SG Server to Johor Server, so I can enjoy my internet.
But I guess you need sharp answer, so here it is.
During that time, IPv6 99% of time it is providing Google server instead of TM peer server, which you can fell the slowdown on Google, 480 KBPS.

Solution?
Hope your IPv4 DNS give you IPv4 result that end up as TM peer server, else, feel the pain of 480 KBPS watching YouTube.(Yes, throttling because YouTube mostly, but it also hurt Google as there are same to TM ISP, lol)
For YouTube that is real pain, because Google choose which very_long_hostname_that_choose_which_IP_you_should_connected.video.youtube.com, so I had to face 3-5 times of wrong result(Google server), then hoping it finally give me TM peer server.

That, forced me to start writing own host files until now, including Bilibili which was using Sina and other server as their free video server hoster during that time, and now, still crappy at HK server back to China Mainland, lol.
Yes, as above, I will switch as I need, if slowness detected, then jump in between one.one.one.one and google dns la.
Easy.

India is not the problem, because it is still 50ms without random jumping to 200ms and feel the slowness and jitter.
It works fine! As long as no one notify the slowness!

The problem is too heavy throttling on TM side!!!

Wrong, you are not point the error on DNSKEY, which might be the possible, but pointing it is USER PROBLEM again.
You are looking me too down, I am not that stupid, if this is caused by extension, why all website is fine, except PBE?

Remember?
I am firefox user, I know the regular method.
1. Hold shift, safe mode
2. if safe mode fine, then extension error
3. If safe mode failed, then browser or website issues
4. 2=True? Time to perform half-half solution, disable half of your extension, until problem solved, then seek those small range extension.

Anyways, if it end out to be extension, it, will be interesting bug, lol.
----
Tested, nope, not extension, safe mode same issues.


Not a Public Bank customer, fine to me.
Let the Public Bank solve it, not me.

I am other bank's regular customer, lol.

But yes, I might try observe and learn how this happen, so to prevent it happen when I deploy my own la, lol.
Still

Conclusion, based on real world result, not DIG tools.

You don't try open Public Bank website on your own side, using Private/Incognito, first-time, uncached, with DNS UDP(not over HTTPS).
You don't try switching one.one.one.one which solved laggy issues during Guess It 2.0 Lazada live event, which solved laggy on livestream video.(by jumping to SG server instead of MY server)
you don't try switching to dot-jp.blahdns.com as private DNS on your Android, which enforce UC Webview engine to happy connect to far server that avoid laggy and deploy(yes, Taobao always forgot to deploy and causing event load failed issues on HK server, lol) issues on Taobao.
(And also using HK DNS server sometimes, or Ali DNS, because Ali DNS IPv4 on Malaysia, but IPv6 on China, lol.)

You, point it out, it is my fault, to doing all those step, to "workaround" TM bad routing issues, workaround Public Bank 10s timeout issues, workaround lazada SG and MY server issues, using host file to using Johor server for CloudFlare issues.

In the end, Yes, it is my fault la, lol.

I also don't, but my neighbor and my housemate are both using laptop to perform P2P transfer, suck out all the WiFi Channel for their 24/7 uploading, yuck....

Come on!!!
P2P please use it on cable la!!!
Fxxk you, no!
I tried, thanks!!!

You live in your own world la, no reply to you anymore, thanks, I hope you are happy living in your little world.

Hei, I done my part, it is 1%, happy?
Bye.

And for you, here is the gift.

https://zh.moegirl.org.cn/zh-hans/%E6%88%91...%89%9B%E8%82%89
https://www.bilibili.com/video/BV1vu4y1a72J/

蛮不讲理(Unreasonable), here is my tags for you.

Blaming others to win for your answer, saying your logic is better than my logic, lol!!!
----
It is just like, I drive 10 years old car, I do maintenance and checking car period, based on the car's manual.
Then, it crashed, the result is there is bug or stackoverflow happen on the car's break assistance Firmware, very hard to trigger, it taken a certain degree to press on the break on certain time, certain speed, certain force.

With a lot of effort, I finally found it out, proof it.
Then you are like: Hahahahaha, I told you it is your fault, you should not using this old and low end B40 car!!!
And drive your new car away, on the TM bad route.

Another nice troll by you, lol.

Are we at /k?
I am sure I am on "Networks and Broadband"

Here is your result, safe mode + profiling.


It did nothing, but showing it is DNS error, again, as F12 - networking.

Based on bugzilla, they mention their profiling tools are greatly limited, lol.
Anyways, I am here to learn based on Truth, not TROLL!!
Fuck off if you do nothing to this thread!!!

More here


https://developers.cloudflare.com/1.1.1.1/i...ns-error-codes/


https://developers.cloudflare.com/1.1.1.1/i...ns-error-codes/

Compare with others IPv4 only website, but supported AAAA.


And you still change topic to another side, ignoring other's website AAAA record are FINE.
Blame on user error.

Sure?
You are changing topic.

I run dig aaaa pbebank.com @8.8.8.8, you run dig aaaa pbebank.com +trace that showing no error.

You dare to post your result at
dig aaaa pbebank.com

And proof it is not "status: SERVFAIL"?

Also
dig aaaa pbebank.com @8.8.8.8 pls.

Yes, it works, because it is "status: NOERROR"
The router's DNS relay only drop on "status: SERVFAIL".



So, as long as no "status: SERVFAIL" with error on DNSSEC, it is fine.

"TM AS4788 had recently installed RPKI validator and will be dropping the “Invalid” route by November 2023. Please update your ROA accordingly."

https://ipinfo.io/AS4788/42.188.192.0/19

Now, which tool is giving the correct result for UNIFI-HOME AS4788 with the prefix 60.50.0.0/32?

https://rpki.cloudflare.com/?view=bgp&valid...efixMatch=lspec



or

https://rpkitest.nlnetlabs.net/