We have very slow access to the Israel resources from clients located in US (taking minutes to load certain Web pages for example)
Israel/EU clients accessing the same resources do not see similar issues.
It does not seem to be related to the public internet - once affected users connect to VPN (both IL/US) to access local resources, all works as expected. The issue is only present in VPNless (/SAC) environment.
All Applications seem to be impacted.
Outbound channel was limited by QoS, causing delays of about 0.5-1s for RTT.
It did not affects local (Israel/ EU) connections, but drastically drop performance for overseas.
Modified QoS settings on local router/firewall to avoid throttling SAC traffic.
We see slow response time from the HAR file … the fact that some of these connections take a long time to close out triggers a second issue where the browser is simply waiting for a connection to free up so that it can send the next request.
The TCP connection is quick, the SSL handshake is quick but the response time to get the Web response is slow as shown below:
PCAPs confirmed very slow responses on local hosts with a large number of retransmissions.
PCAPs on local network showed quick response times.
Troubleshooting between network nodes led us to the problem router/firewall.