Skip to main content

    Support

    Offers

R
reis033
1st Topic
1st Reply

3 Messages

Thursday, October 19th, 2023 2:14 PM

Closed

Application-layer network problems

Twice this week I've had issues where I'm unable to connect to some (not all) websites. My network connectivity is fine - I can `ping` the same sites with no issues. I just can't connect to the websites on port 80 or 443. Monday afternoon (Oct 16) it lasted for an hour or two. This morning (Oct 19) it lasted about 45 minutes.

It appears that active connections are maintained, but new ones cannot be created. eg, my Spotify continued streaming until I stopped it, after which it could not reconnect. This sounds a lot like some kind of application-layer inspection or firewall system is getting overloaded.

- It is not a problem with my local network or modem. I can ping remote servers just fine. I can get access to some websites, but others are blocked.

- It is not a problem with my computer/laptop. I have tried two different computers, running two different operating systems (Windows & MacOS).

- It is not a browser problem. It affected Chrome, Firefox, MacOS wget command and Windows Powershell Invoke-WebRequest command.

% ping www.github.comPING github.com (140.82.113.4): 56 data bytes64 bytes from 140.82.113.4: icmp_seq=0 ttl=40 time=104.135 ms64 bytes from 140.82.113.4: icmp_seq=1 ttl=40 time=65.385 ms64 bytes from 140.82.113.4: icmp_seq=2 ttl=40 time=68.003 ms64 bytes from 140.82.113.4: icmp_seq=3 ttl=40 time=63.680 ms64 bytes from 140.82.113.4: icmp_seq=4 ttl=40 time=66.364 ms64 bytes from 140.82.113.4: icmp_seq=5 ttl=40 time=64.668 ms^C--- github.com ping statistics ---6 packets transmitted, 6 packets received, 0.0% packet lossround-trip min/avg/max/stddev = 63.680/72.039/104.135/14.417 ms% wget --timeout 10 https://www.github.com--2023-10-19 07:02:45--  https://www.github.com/Resolving www.github.com (www.github.com)... 140.82.113.4Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:02:56--  (try: 2)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:03:08--  (try: 3)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:03:21--  (try: 4)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:03:35--  (try: 5)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:03:50--  (try: 6)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:04:06--  (try: 7)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.--2023-10-19 07:04:23--  (try: 8)  https://www.github.com/Connecting to www.github.com (www.github.com)|140.82.113.4|:443... failed: Operation timed out.Retrying.

## Can't even get to XFinity.com
## It's interesting that the traceroute seems to go in circles, hitting the same addresses at different steps. Is that expected?

% ping www.xfinity.com
PING e10994.dscx.akamaiedge.net (184.30.87.233): 56 data bytes
64 bytes from 184.30.87.233: icmp_seq=0 ttl=55 time=41.209 ms
64 bytes from 184.30.87.233: icmp_seq=1 ttl=55 time=29.958 ms
64 bytes from 184.30.87.233: icmp_seq=2 ttl=55 time=30.808 ms
64 bytes from 184.30.87.233: icmp_seq=3 ttl=55 time=29.903 ms
64 bytes from 184.30.87.233: icmp_seq=4 ttl=55 time=33.964 ms
^C
--- e10994.dscx.akamaiedge.net ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 29.903/33.168/41.209/4.285 ms

% wget --timeout 10 www.xfinity.com
--2023-10-19 07:04:37--  http://www.xfinity.com/
Resolving www.xfinity.com (www.xfinity.com)... 184.30.87.233
Connecting to www.xfinity.com (www.xfinity.com)|184.30.87.233|:80... failed: Operation timed out.
Retrying.

--2023-10-19 07:04:48--  (try: 2)  http://www.xfinity.com/
Connecting to www.xfinity.com (www.xfinity.com)|184.30.87.233|:80... failed: Operation timed out.
Retrying.

--2023-10-19 07:05:00--  (try: 3)  http://www.xfinity.com/
Connecting to www.xfinity.com (www.xfinity.com)|184.30.87.233|:80... failed: Operation timed out.
Retrying.

--2023-10-19 07:05:13--  (try: 4)  http://www.xfinity.com/
Connecting to www.xfinity.com (www.xfinity.com)|184.30.87.233|:80... failed: Operation timed out.
Retrying.

--2023-10-19 07:05:27--  (try: 5)  http://www.xfinity.com/
Connecting to www.xfinity.com (www.xfinity.com)|184.30.87.233|:80... failed: Operation timed out.
Retrying.



% traceroute xfinity.com
traceroute to xfinity.com (96.99.240.130), 64 hops max, 52 byte packets
 1  192.168.0.1 (192.168.0.1)  26.628 ms  3.266 ms  3.147 ms
 2  100.93.91.195 (100.93.91.195)  36.472 ms
    100.93.91.194 (100.93.91.194)  46.870 ms
    100.93.91.195 (100.93.91.195)  17.595 ms
 3  po-323-363-rur401.denver.co.denver.comcast.net (96.216.161.61)  32.993 ms
    po-323-364-rur402.denver.co.denver.comcast.net (96.216.161.149)  36.842 ms
    po-323-363-rur401.denver.co.denver.comcast.net (96.216.161.61)  19.437 ms
 4  po-2-rur401.denver.co.denver.comcast.net (68.86.103.9)  33.112 ms
    po-400-xar01.denver.co.denver.comcast.net (68.85.89.213)  34.956 ms
    po-2-rur401.denver.co.denver.comcast.net (68.86.103.9)  8.936 ms
 5  be-306-arsc1.denver.co.denver.comcast.net (24.124.155.129)  42.505 ms
    po-400-xar01.denver.co.denver.comcast.net (68.85.89.213)  12.712 ms
    be-306-arsc1.denver.co.denver.comcast.net (24.124.155.129)  18.880 ms
 6  be-306-arsc1.denver.co.denver.comcast.net (24.124.155.129)  14.218 ms
    be-36011-cs01.1601milehigh.co.ibone.comcast.net (96.110.43.241)  31.569 ms
    be-306-arsc1.denver.co.denver.comcast.net (24.124.155.129)  13.662 ms
 7  be-1411-cr11.1601milehigh.co.ibone.comcast.net (96.110.39.78)  28.535 ms
    be-36021-cs02.1601milehigh.co.ibone.comcast.net (96.110.43.245)  32.219 ms
    be-1411-cr11.1601milehigh.co.ibone.comcast.net (96.110.39.78)  17.510 ms
 8  be-1111-cr11.1601milehigh.co.ibone.comcast.net (96.110.39.66)  36.156 ms
    be-301-cr21.350ecermak.il.ibone.comcast.net (96.110.37.145)  65.744 ms
    be-1211-cr11.1601milehigh.co.ibone.comcast.net (96.110.39.70)  27.765 ms
 9  be-1221-cs22.350ecermak.il.ibone.comcast.net (68.86.82.245)  68.939 ms
    be-304-cr21.350ecermak.il.ibone.comcast.net (96.110.37.157)  62.713 ms
    be-1221-cs22.350ecermak.il.ibone.comcast.net (68.86.82.245)  31.597 ms
10  be-1321-cs23.350ecermak.il.ibone.comcast.net (68.86.82.249)  55.063 ms
    68.86.93.182 (68.86.93.182)  64.782 ms
    be-1221-cs22.350ecermak.il.ibone.comcast.net (68.86.82.245)  43.546 ms
11  et-3-36-1-sas04-d.ashburn.va.ndcasbn.comcast.net (96.108.75.118)  74.071 ms
    68.86.93.182 (68.86.93.182)  60.035 ms
    et-4-36-1-sas04-d.ashburn.va.ndcasbn.comcast.net (96.108.75.126)  78.460 ms
12  et-3-36-1-sas04-d.ashburn.va.ndcasbn.comcast.net (96.108.75.118)  62.054 ms
    et-0-0-59-1-ss09b-d.ashburn.va.ndcasbn.comcast.net (96.108.96.6)  64.264 ms
    et-3-36-1-sas01-d.ashburn.va.ndcasbn.comcast.net (96.108.75.98)  79.446 ms
13  * et-0-0-35-1-ss09b-d.ashburn.va.ndcasbn.comcast.net (96.108.96.198)  73.182 ms *
114  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
31  * * *
32  * * *
33  * * *
34  * * *
35  * * *
36  * * *
37  * * *
38  * * *
39  * * *
40  * * *
41  * * *
42  * * *
43  * * *
44  * * *
45  * * *
46  * * *
47  * * *
48  * * *
49  *^\zsh: quit       traceroute xfinity.com

Question

 • 

Updated 

1 year ago

 • Edited

213

3

0

Was this helpful?

reis033

3 Messages

1 year ago

Happened again, this time for only about 90 seconds.

##
## Some network available, others not. 
## Can ping google, but not connect to site
## This resolved itself after about 90 seconds this time. 
##

% ping xfinity.com
PING xfinity.com (96.99.240.130): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
^C
--- xfinity.com ping statistics ---
7 packets transmitted, 0 packets received, 100.0% packet loss

##
## But 1.1.1.1 works
##

% ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=55 time=43.782 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=55 time=19.555 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=55 time=19.908 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=55 time=15.460 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=55 time=15.066 ms
64 bytes from 1.1.1.1: icmp_seq=5 ttl=55 time=12.774 ms
^C
--- 1.1.1.1 ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 12.774/21.091/43.782/10.455 ms


##
## date, just for tracking purposes
##

% date
Thu Oct 19 10:55:26 MDT 2023


##
## Google
##

% ping google.com
PING google.com (142.250.72.78): 56 data bytes
64 bytes from 142.250.72.78: icmp_seq=0 ttl=114 time=30.204 ms
64 bytes from 142.250.72.78: icmp_seq=1 ttl=114 time=13.171 ms
64 bytes from 142.250.72.78: icmp_seq=2 ttl=114 time=24.084 ms
64 bytes from 142.250.72.78: icmp_seq=3 ttl=114 time=13.620 ms
64 bytes from 142.250.72.78: icmp_seq=4 ttl=114 time=15.986 ms
^C
--- google.com ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 13.171/19.413/30.204/6.671 ms


##
## Can't get to the website though
##

% wget google.com
--2023-10-19 10:55:45--  http://google.com/
Resolving google.com (google.com)... 142.250.72.78
Connecting to google.com (google.com)|142.250.72.78|:80... failed: Operation timed out.
Retrying.

--2023-10-19 10:55:54--  (try: 2)  http://google.com/
Connecting to google.com (google.com)|142.250.72.78|:80... failed: Operation timed out.
Retrying.

^C

0

0

flatlander3

Problem Solver

 • 

1.5K Messages

1 year ago

Xfinity equipment, or something else?  Might have some test options with something else.  For looking at it:

In all cases, what do you line statistics look like on your gateway/modem if you log into it?  Bunch of errors, especially the PLC one?  Channels dropping and rebonding in the error logs?  Wonky power levels?  See -->    https://forums.xfinity.com/conversations/your-home-network/internet-troubleshooting-tips/602dae4ac5375f08cde52ea0 

How about when this happens, if you look at the IPV6 address your gateway/modem is getting, is it blank -- Release, and then just not getting the rebind, or that stalling out for a while?  Maybe copy what it is now, and then what it is when it dies then works again.  Different IPV6 address?

3

0

reis033

3 Messages

@flatlander3​ Personal equipment, Netgear C6250-100NAS.

The line stats look fine as of now. I have not checked during an outage. I'm not sure what the "PLC one" errors refers to, I don't see "PLC" listed on the router status page or the linked forum post. Current state as of now:

How about when this happens, if you look at the IPV6 address your gateway/modem is getting, is it blank

Have not checked, but I will. Copied down the current address, not posting it here because I already get enough port scans. :P

Thanks!

1 year ago

0

flatlander3

Problem Solver

 • 

1.5K Messages

@breischl​  I got a netgear C6220 at one location that I refuse to upgrade.  When the upstream power drifts much past 50dBmV, it starts having issues and will self reboot if it gets much past what you are showing.  Maybe around the 54-55dBmV range.  It should be much lower.  40-45ish

Is there a splitter or any kind of line filter involved?  An attenuator perhaps you can remove?  Or is this a direct run right to your Netgear.  It's shoving awfully hard to try to get a signal out.  Clean run from where the service enters your residence to your Netgear would be a great test.

In my case, I found a surge/lightning suppressor that was interfering and actually causing link issues with upstream.  

Edit:  You won't see the PLC one on a DOCSIS 3.0.

(edited)

1 year ago

0

XfinityJustinC

Official Employee

 • 

1K Messages

Hello, @reis033. Thank you for reaching out over Xfinity Forums for support today, you have contacted the right place in regard to the block website issue. I appreciate all the detailed information you have provided. With using your own modem, our advanced security features shouldn't be blocking the websites. 

 

I apologize if I overlooked this, as you have been doing a lot from your end. Have you attempted an ipconfig/flushdns? 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

1 year ago

0

Yenrab-AZ-OV

Visitor

 • 

3 Messages

1 year ago

There is something strange going on inside the Comcast xFinity network when it comes to routing / resolving destinations that rely on akamaiedge. The vast majority of the Internet works, but certain sites and destination are broken. The Home Depot website is a great example. Notice how the same CDN entry is resolved to entirely different IP addresses when comparing my two Internet providers? It's broken on Comcast, but works on T-Mobile 5G Home Internet. Same problem happens for the Apple App Store.

I've escalated to a local Comcast xFinity contact who has a proven track record for getting issues in front of the correct network engineers. No point in troubleshooting further since it is a not a local equipment or service issue. I can reproduce or correct the issue just by failing over between my two Internet connections.

Using Comcast Xfinity, www.homedepot[.dot]com resolves:
e14801.x.akamaiedge.net [23.40.26.68]
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

Using T-Mobile Home Internet, www.homedepot[.dot]com resolves:
e14801.x.akamaiedge.net [104.122.30.7]
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)

1

0

XfinityMarcus

Official Employee

 • 

1.3K Messages

@Yenrab-AZ-OV, thank you for reaching out and using the Community Forum. Have you already gotten in contact with someone to resolve this issue?

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

1 year ago

0

forum icon

New to the Community?

Start Here