[SOLVED] cable modem requires reboot because one site falls off DNS?

Greg Rundlett (freephile) greg at freephile.com
Mon Sep 20 11:15:00 EDT 2010 

This problem happened again today.  We were unable to access a website that
we access repeatedly for business.  This time we couldn't access our
intranet.  I called Comcast and they said right away that they would disable
the "Smart Packet Detection" setting in the modem.  The support person
couldn't tell me what "Smart Packet Detection" was, but did say that nearly
100% of the time it resolved problems like this.  Now that I know what the
problem was, I can find similar stories all over the Internet going back
several years.

Quote from one story:

"Our Comcast business class cable modem (SMC make, model escapes me at the
moment) has a packet dropping feature called "Gateway Smart Packet
Detection".

I've yet to see any documentation on this "feature" but when left unchecked,
as is by default, you may black hole certain IP addresses simply by visiting
them too much. Or uploading to them too often. Our web team was editing a
site and this feature would constantly black hole the IP they were sending
to when this feature was left enabled."

http://nwlinux.com/blog/comcast-business-class-router-and-smart-packet-detection/
http://lmgtfy.com/?q=smart+packet+detection

Greg Rundlett




On Fri, Sep 3, 2010 at 4:32 PM, Dan Jenkins <dan at rastech.com> wrote:

>  On 9/3/2010 11:19 AM, David Miller wrote:
> >
> > On Fri, Sep 3, 2010 at 10:37 AM, Greg Rundlett (freephile)
> > <greg at freephile.com <mailto:greg at freephile.com>> wrote:
> >
> >     I have a strange problem where one (and only one as far as we
> >     know) particular website becomes inaccessible to our office.
> >
> >     The "fix" for this problem is to reboot the Comcast cable modem,
> >     however I don't understand how the modem could be the culprit.
> >
> >     The website in question is nnerenmls.com <http://nnerenmls.com>
> >      and the modem is configured to use Comcast's DNS servers....
> >     68.87.71.226
> >     68.87.73.242
> >
> >     One red herring:  It would seem that Comcast changed their DNS
> >     servers, because the ones currenty in the modem configuration do
> >     not appear in the list
> >     http://dns.comcast.net/dns-ip-addresses.php  I thought to myself,
> >     "I just switch to Google's Public DNS servers" (8.8.8.8 and
> >     8.8.4.4)  I'm pretty sure they are not going to change.  However,
> >     it doesn't make sense to me that one website would fail, while
> >     general DNS would still be working.  And, at the time of the
> >     failures, other people using Comcast can resolve that domain
> >     meaning it doesn't even appear to be an issue where the target
> >     domain is occasionally falling off the web.
> >
> >     Any ideas on what could cause this and how to troubleshoot?
> >
> >
> > We have that problem here time to time.  It doesn't appear to be a DNS
> > issue in our case it's always been a very strange routing problem that
> > happens after a bunch of correct hops.
> >
> > We are lucky enough to have a 2nd internet connection and when we have
> > this problem here I can traceroute from each connection and the
> > comcast one normally will get to the correct datacenter and then take
> > a different hop from our T1.  I've never been able to make any sense
> > out of it.  But for this reason I have a few sites setup to route out
> > our T1 so that it doesn't cause any interruptions in our business.
> >
> > Rebooting the comcast router in our case has always resolved this
> > routing problem.  I'd be interested in any theories as to what causes
> > the routing to go awry after many hops and outside of comcast's network.
> >
>
> We've had this strange routing problem several times over the last year.
> It makes no sense to me either, but power cycling the Comcast-provided
> SMSC cable modem/router has solved the problem in all four cases at
> three different clients. In one instance, the traceroute made it to the
> very last hop before their web server, and then died. I wondered if it
> could be some odd TTL issue. Comcast's tech support has been pleasant,
> but not very informative about the cause. Since power cycling works, and
> is quick, I haven't tried to diagnose it further though I'd like to know
> why it happens. In one of the other cases the route to a specific IP
> number immediately went along a completely different path than another
> IP that was in the same destination network. The other case appeared to
> start playing leap frog half way to the destination (hop E to hop F to
> hop E, etc.). The fourth occurrence I just had them power cycle. There
> may have been more cases, but I documented how to power cycle the cable
> modem for them (they are all small enough that it hasn't been a major
> issue) and haven't heard about recurrences.
>
>
>
>
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20100920/6d1d4700/attachment.html

More information about the gnhlug-discuss mailing list