Troubleshooting HTTPS timeouts in OS X Mountain Lion

The MTU handling in OS X Mountain Lion may not work with the configuration for some Web servers, and might need to be adjusted.

After upgrading to Mountain Lion, some OS X users have run into what appears at first glance to be a DNS-related problem in which they can't access certain Web pages. While most Web connectivity seems to work just fine, when accessing special pages like HTTPS (Hypertext Transfer Protocol Secure) connections the connection times out, resulting in programs like Safari claiming the server could not be contacted.

If you are having this problem, then try copying the server URL from your browser or other application and pinging it directly in the OS X Terminal using the following command:

Ping results in the OS X Terminal
If you can ping the server in the URL you are trying to reach, then the problem is likely not a DNS issue. Screenshot by Topher Kessler/CNET

ping www.cnet.com

If successful, the system will start listing the ping attempts to the hosts's IP address, along with the response times from the remote server. Such behavior would suggest the DNS configuration is not to blame, as the host name is resolvable and the host is online and responding. Therefore, the problem at hand may be related to a problem with how Mountain Lion is handling the network packet size for the connection to the remote system.

As with many forms of digital communication, network data is sent in packets to ensure integrity, so if one is corrupted it can be dropped and re-sent without having to send the entire communication string again. The packet contains header data and other "wrapper" information that determines how it is to be handled through routers along the way between systems, and then a data section that contains a small chunk of the usable data that is to be reassembled by the recipient computer.

It is optimal for a connection to use a packet size that is at the maximum transmission unit size of the network; however, small mismatches in the MTU settings for different devices may result in continually dropped packets for some connection attempts.

In an ideal situation, the network setup between both the recipient and sender will be tuned to the same MTU size, but in some instances even if they are tuned the use of a special protocol such as a security layer may add a few more bytes to each packet, resulting in it being larger than the set MTU size. This will result in the network splitting the packets, which in some instances may result in dropped packets if the split segments cannot be reassembled correctly.

MTU settings in OS X
Adjust the MTU size slightly to see if you can find a value that triggers a successful connection. Keeping the value as high as possible will ensure a more efficient connection. Screenshot by Topher Kessler/CNET

When this happens, an adjustment will need to be made to the network's MTU size so that the packets will be split differently and can be reassembled. Therefore, if you are finding that only some Web pages and other network communications within applications will not load the requested data, especially if the connection is secured, try adjusting your Mac's MTU settings.

These settings are done individually for each network port you have set up in your Network system preferences. Select your active connection and click the Advanced button, followed by selecting the Hardware tab, and you should see an option to Configure your hardware. In this menu choose "Manually" and you will then be able to edit the MTU size. The standard for this size is 1,500, which is the maximum for many Wi-Fi and Ethernet protocols, but you can customize this to be between 1,280 and 1,500 if needed.

There are many recommendations for the MTU settings to use for various connection types (PPPoE, PPP, or direct Ethernet), and for the most part keeping this number as high as possible is recommended. Therefore, to troubleshoot a situation in which you appear to be dropping packets for a particular network connection, try dropping the MTU value by 2 bytes followed by testing your connection. If the connection still does not work, then repeat this and drop the MTU size by another 2 bytes, until hopefully you are able to load the requested data.

In addition to adjusting MTU size, you can try a different hardware connection to your router. While a direct Ethernet connection is an easy option, it is less convenient than Wi-Fi, and often people do not have available hard-line connections. Another approach is instead to use another Wi-Fi protocol if your router supports it. While many routers these days use the higher-speed 802.11n as their preferred protocol, for compatibility they do also include 802.11g and 802.11b support, which often offers more than enough speed for a standard broadband connection.

In routers that support these different protocols you will often have two radios (one at 2.4GHz and another at 5GHz), so consult your router's manual and enable both radios, and then try connecting your Mac to one and the other to see if you can see a difference in loading behavior.



Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.

About the author

    Topher, an avid Mac user for the past 15 years, has been a contributing author to MacFixIt since the spring of 2008. One of his passions is troubleshooting Mac problems and making the best use of Macs and Apple hardware at home and in the workplace.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    iPhone running slow?

    Here are some quick fixes for some of the most common problem in iOS 7.