[ SOLVED ] Web browsers randomly stop talking to the Internet on MacOS … the WI-FI Strikes Back and Sophos so Good (actually bad)…

So, in the last part (this wasn’t intended to be a series) – I looked into a problem that I was having with my 2020 iMac where randomly all browser access to the Internet would just time out. Other Internet applications would continue to work (e.g. Teams) and other devices on my local network would also continue to function normally (well, at least what appeared to be normal).

In my previous post I had analysed a number of potential solutions to the issue which included:

  • Increasing the maximum number of File Descriptors that can be open at a time.
  • Disabling IPv6 on the Mac.
  • Completely resetting the IP configuration on the Mac.

Whereas the first two possibilities from the list above seemed to have some impact on the problem (and the File Descriptors change certainly made a real difference to the time that it took to eject a 4TB external drive) – the problem returned!

This was the point where it because really frustrating as I was really busy in work (obviously working from home) and it was getting to the point where browser access was dropping out every few minutes resulting in no internet access for anything up to 4 minutes at a time.

I was about to throw the Mac out the window (well, perhaps not quite that desperate, but I was certainly thinking of doing a full O/S reinstall) when my son ambled into the room and asked “what was up” with the Internet?

You see, my lad is on his break from finishing school and starting college, which basically means that he has three months of playing XBOX. I asked him what was wrong and he told me a tale of some pretty severe latency that he’d been experiencing for a few months during his gaming!

Of course, this information would have been really bloody useful a few days ago – but, to be fair to him; he’d assumed that it was me hogging all the bandwidth (because Facebook, this site and work stuff consumes the entirety of a 100 Mbps connection! Obvs!) and I had assumed to a certain degree that he might be the culprit too!

Anyhow, I had run a number of checks on the network whilst troubleshooting all of this issue and I had not seen anything that had really made me think that anything was really wrong … well not until my son told me about the Internet problems that he was experiencing.

You see, this was the first bit of information that I had which confirmed that the issue was outside of my Mac ecosystem. Up until this point I had assumed that everything else was fine and it was just a browser issue on my local machine.

It was at this point that I started to suspect something on my local network.

A little bit of local context and some sleuthing …

For context my home network was fairly straight forward, I’ve provided a summary diagram of the setup below :

The setup was:

  • FTTC VDSL Connection to the Internet rated at 80 Mbps.
  • ISP supplied VDSL router.
  • Google WI-FI hub with a single SSID.
  • WI-FI is disabled on the ISP router, but enabled on the Google WI-FI to allow for Devices on the home network connect to the Internet.

I use this setup because I like to separate roles between devices from different vendors (e.g. Internet Routing and WI-FI services) and maintain a firewall on both. I like my Internet facing device to perform no “local roles” and for it to exist on a separate sub-net which is NAT’ed with the said Firewalls in place.

For those folks who are not familiar with Google WI-Fi hubs on first looks they are great little devices that really make home Mesh networking really easy. They hide a lot of settings and make the process of setting up and managing a home network really straight forward – but they are “closed boxes”.

What I mean by that is some of the settings that you might find on products such as NetGear or ASUS are not configurable or visible.

For example (and this will become relevant a little later on) – the Google device supports both 2.4 and 5 GHz bands that broadcast from a single network SSID. You cannot configure a Google Device to use a specific band on a different SSID – it “iintelligently” analyses network conditions and switches you between bands when it determines that one is really busy – sounds good right? Well, not really – more on this later!

Now that I was beginning to think that there was a networking problem I thought that I would take a closer look at the WI-FI connection on my Mac.

For those who do not know, if you hold down the OPTION key whilst clicking on the WI-FI icon in the FINDER bar you will get a drop down that contains quite a lot of useful information about your current connection.

I was interested in the “Channel” as it provided me with the current band that my Mac was connected to from the image below you will see that at the time I was connected on Channel 64 in the 5 GHz band:

What I noticed was that the band would swap between 2.4 and 5 GHz every couple of minutes … now, does that sounds familiar?

The band switching seemed to correlate with the browser time outs – son of a beaaaaaaatch!

So, I decided the do a little bit more digging.

I live in a flat. In the last two years three telco’s have installed FTTP services to the blocks and they have been really popular with residents who have been offered significant discounts on 1Gig connections to draw them in.

Now, WI-FI is ultimately a radio based technology and works on channels. Multiple WI-FI networks can use the same channel – but the closer they are to one another the greater the risk of interference and therefore performance problems.

If you are the background (bedtime) reading type then there are some good articles on the subject:

I downloaded a little app called WI-FI Explorer Lite (for £1.99) from the app store which gave me a really good visual insight into what was going on around my own WI-FI network.

The screenshot below shows that in my area that the there is a lot of channel cross over on my 2.4 GHz band. This was interesting because it was clear from the information that I had found on my Mac the Google WI-FI was forcing me from 5GHz to 2 GHz and then back again continuously.

From the screenshot below – you can see that the 5GHz band is less busy (but still has a fair amount of subscribers) – and – I was able to work out that when performance was normal I was connected to this band.

So I am almost out of popcorn  … what did you think was wrong and what did you do?

Glad that you asked! Well my guess is that there is something wrong with my Google WI-FI device. Perhaps a dodgy firmware, faulty or just too smart for it’s own good!

I think that where I live is very busy for WI-FI services and my Google Device is trying to intelligently switch between bands. I cannot force a band on the Google device (like you can on others) – so I cannot elect to pick one – the lesser of two evils if you will.

So what I have done is activated the WI-FI capability on the ISP’s VDSL router and connected my iMac and my son’s XBox directly and decided to continue to monitor with everything crossed!

After all of that, did I get my happily ever after?

In a word … no!

There was no doubt that eliminating the flapping Google Wi-Fi from the equation helped overall performance – certainly helped my lad’s XBOX gaming sessions as his problems went away – but, within a day of me thinking that I had finally cracked it the problem returned – and this time with a vengeance.

Honestly – there was a morning where I think between constant reboots I probably managed to achieve about 10 minutes of Internet access. I was ready to launch the thing out of the window, quit working in IT and go to live as a monk.

This clearly needed a new approach in my thinking. I decided to go back to basics and list out what were now the main components of hardware and software which led to Internet connectivity on my home network and consider what I knew about them.

In essence when broken down at a very simple level I had (going from left to right in the diagram):

  1. The Internet – my connection to it was up, online and from what I could see there were no issues with the quality of the link.
  2. ISP VDSL Router – Device was up, online no problems with connectivity to the Internet or to the local area network.
  3. Sophos – I will come to this in a moment!
  4. iMac Firewall – historically, I have had this enabled in MacOS and had no problems – but just to be sure I disabled it for a brief period and it made no difference to the problem.
  5. iMac – this device was functioning normally and I could connect no problems to anything other than the Internet. I had run a number of the Apple supplied diagnostics and all of them said the Mac was working fine.

So, that just left Sophos to have a look at.

I’ve used Sophos for a number of years on my Mac – mainly because it is OK as a product and it’s free! I decided to have a look at some of the settings in the control Dashboard and my attention was drawn to the “Web Protection” function.

This is the functionality of Sophos that constantly monitors the websites that you are accessing ensuring that they are not delivering Malware or other nastiness to your machine – so it does good things, but it struck me as what was now the last possible thing that could be wrong.

I disabled it and …. that was the problem! It is now two weeks and I have not had a single issue. I turned it back on after the two weeks and the problem came back.

Fab-a-fecking RAMA! – Wooo hooo and get in there! Finally got to the bottom of a problem that I’ve have on and off for a number of years!

Of course the challenge that I now fact is that I am less secure because I have needed to disable quite an important component of my security – so I am currently pondering options that I have around that – but I am chuffed that I have managed to get stable Internet access back.

In hindsight, perhaps the answer was obvious after the point that I took the Google Wi-Fi out of the equation and my lads XBox experience went back to normal as that wouldn’t of had Sophos in the mix – however it also confirms that in essence I also had two issues:

  1. Faulty Google WI-FI device.
  2. Sophos Web Content Protection.

As a learning point from this – if I were to experience this problem again, or indeed if anyone out there see it – check your Malware / AV first. In my case it was Sophos – but there are a lot of other vendors out there that have similar functionality around Web based protection.

Hope that this helps someone along the way.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.