Visitor
•
13 Messages
Cannot reach certain websites
About a week or so ago, I noticed I could not reach certain websites when connected to my comcast network, but I COULD reach them via a VPN through that same network, and also through my Verizon cellphone or hotspot.
The details:
- I own the hardware: Gryphon router and a Netgear CM500 cable modem
- Confirmed that multiple devices in the house cannot reach the websites when on the Comcast cable network
- Those same devices CAN reach the same websites via a VPN or on a cell network/cell hotspot
- I am not a network engineer
- tried Comcast customer service, who shunted me over to Netgear, who wanted to charge me $130 for tech service. I don't believe either tech understood what I was saying.
I am a little handy, so while on the comcast network I did a traceroute on the sites that don't work. Here is one of them:
traceroute to xwavesoft.com (69.195.98.233), 64 hops max, 72 byte packets
1 www.gryphoncare.com (192.168.1.1) 2.990 ms 2.014 ms 1.561 ms
2 100.93.141.67 (100.93.141.67) 11.964 ms 10.218 ms 12.512 ms
3 po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89) 12.457 ms 11.630 ms 13.060 ms
4 po-2-rur301.roseville.mn.minn.comcast.net (68.87.174.157) 11.706 ms 12.930 ms 12.929 ms
5 68.87.174.105 (68.87.174.105) 11.929 ms 13.320 ms 14.133 ms
6 68.87.174.241 (68.87.174.241) 13.713 ms 20.313 ms 14.293 ms
7 69.139.176.209 (69.139.176.209) 17.979 ms 15.529 ms 12.406 ms
8 be-39821-cs02.1601milehigh.co.ibone.comcast.net (96.110.40.101) 33.735 ms 32.253 ms 31.362 ms
9 be-1213-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.102) 34.996 ms 32.258 ms 32.874 ms
10 be-304-cr13.champa.co.ibone.comcast.net (96.110.36.205) 30.939 ms 32.295 ms 31.143 ms
11 be-1313-cs03.champa.co.ibone.comcast.net (96.110.37.233) 32.339 ms 37.985 ms 34.207 ms
12 be-36731-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.234) 53.793 ms 46.793 ms 42.613 ms
13 96.216.180.114 (96.216.180.114) 42.423 ms 43.452 ms 41.458 ms
14 * * *
15 * * *
16 * * *
[goes to #64 before ending without connecting]
According to whois.arin.net, 96.216.180.114 belongs to Comcast Cable Communications, LLC (CCCS).
Here is a traceroute on a second website:
traceroute to [omitted, as the domain name is my own and I don't wish to share it] 64 hops max, 72 byte packets
1 www.gryphoncare.com (192.168.1.1) 4.081 ms 1.547 ms 1.360 ms
2 100.93.141.66 (100.93.141.66) 10.421 ms 10.736 ms 11.490 ms
3 po-309-345-rur301.roseville.mn.minn.comcast.net (24.124.173.81) 11.463 ms 11.269 ms 11.224 ms
4 po-2-rur302.roseville.mn.minn.comcast.net (68.87.174.158) 10.430 ms 10.653 ms 11.527 ms
5 68.87.174.109 (68.87.174.109) 12.358 ms 12.662 ms 11.394 ms
6 68.87.174.209 (68.87.174.209) 13.399 ms 11.640 ms 11.448 ms
7 96.108.188.169 (96.108.188.169) 14.793 ms 11.642 ms 13.857 ms
8 be-37011-cs01.350ecermak.il.ibone.comcast.net (96.110.43.1) 20.703 ms 22.214 ms 27.153 ms
9 be-2111-pe11.350ecermak.il.ibone.comcast.net (96.110.33.194) 22.005 ms 21.558 ms 20.934 ms
10 62.115.54.21 (62.115.54.21) 21.022 ms 24.841 ms 21.926 ms
11 * * *
12 kanc-bb2-link.ip.twelve99.net (62.115.138.74) 35.815 ms 35.099 ms 36.265 ms
13 * * *
14 dls-b23-link.ip.twelve99.net (62.115.138.65) 47.488 ms 44.344 ms 46.472 ms
15 dls-b1-link.ip.twelve99.net (62.115.113.85) 43.555 ms 48.574 ms 43.528 ms
16 cyrusone-svc067803-lag002972.ip.twelve99-cust.net (62.115.184.155) 51.849 ms 51.184 ms 51.399 ms
17 be-1003-r0.dfw4.cyrusone.net (209.172.218.38) 49.646 ms 51.059 ms 49.434 ms
18 be-4030-r1.hou1.cyrusone.net (209.172.217.242) 51.638 ms 50.486 ms 51.199 ms
19 * * *
20 * * *
21 * * *
[goes to #64 before ending without connecting]
On line 10, whois.ripe.net tells me 62.115.54.21 is located in Sweden(?). I am in the midwest of USA, connecting to (in this case) a server out in (I think) Utah…the hosting company is Bluehost.com. Why would the request be routed that way?
It seems like a DNS problem in the Comcast network, but again, I'm not a network engineer. I don't see how this could be caused by either my router or modem.
Thoughts?
Accepted Solution
lost_in_space
Visitor
•
13 Messages
3 years ago
Ok Bruce, I’m back with a solution! After having more websites become unreachable except via VPN or cell, I was pulling my hair out. Comcast couldn’t help, Gryphon, app devs, and site owners were scratching their heads. I reset both router and modem back to factory defaults and deleted/reinstalled the Gryphon app…nothing helped.
I read some time back that getting the ISP to give you a different IP can help, but through DHCP it can be hard to “force” the ISP to issue a new one. One solution was to leave the cable modem off for a long time. It worked!
I left it off overnight and BOOM everything went back to normal.
0
0
lost_in_space
Visitor
•
13 Messages
3 years ago
I might as well note that the error I'm getting on the websites that I cannot reach is ERR_CONNECTION_TIMED_OUT
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
That IP is assigned to Telia in Sweden, but it's fairly common for ISPs to assign IPs to equipment operating in distant location. Also, it simply isn't possible to send a trace packet to Europe and get a response back in the indicated 21 milliseconds.
I can reach xwavesoft.com, although it's response is very sluggish. When one customer cannot reach a site but others can, it can mean the site or its webhost is blocking that customer's public Comcast IP. You can look up your IP at https://www.google.com/search?q=what+is+my+IP. You may need to ask the site's admins for help with this.
My trace to xwavesoft.com looks like:
Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.
(edited)
1
lost_in_space
Visitor
•
13 Messages
3 years ago
Bruce, I read your blurb under your post and saw you do not get notifications via replies to your posts. Rather, you suggested this method (straight up comment). So here you go.
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
Thanks for that!
When you access the site using a VPN or a cell network the IP the site sees your connection coming from is different than when you are trying to reach it on your Comcast connection. Your best bet is to contact the admins for the site's webhost. Either they are blocking your Comcast IP, or the network they are using is.
Good luck!
(edited)
0
lost_in_space
Visitor
•
13 Messages
3 years ago
Hey Bruce. The problem is, i could get to two of the three sites for many, many years just via regular Comcast connections, not VPN/cell. never tried the xwavesoft one before.
The odds that all three sites suddenly start blocking Comcast is low, especially considering xwavesoft sells an app that uses their domain to sync their iOS app to their Mac app (which is how I found out there was a problem in the first place…no syncing was occurring).
it simply wouldn’t be in their interest to block a giant American internet provider.
(edited)
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
Things change? I don't know what those sites are, and even if I did, likely all I could do is refer you to their admins. I see no evidence that Comcast is blocking the sites.
Since I can't help you further, I'll again suggest that you contact those who may be able to, and again wish you good luck.
If you wish you are welcome to send me a DM with the sites you are concerned about and I'll see if I can be more helpful. Note that I am not Comcast, just another customer trying to help out.
0
lost_in_space
Visitor
•
13 Messages
3 years ago
Bruce, thank you for your offer and suggestions, and I’ll reach out to see if the site admins are blocking Comcast. Might take you up on your offer, but first I’m asking friends in this geographic area and on Comcast to test those sites too.
Question: does the router get its DNS info from Comcast (as I assume)?
Comcast locks down even non-Comcast routers and I cannot change anything via the admin panel except reset or adjust frequency (haven’t done either…the factory reset is next on my list if nothing else works). As mentioned I have non-Comcast equipment (modem is on approved list and has worked fine since 2017).
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
That's true for Comcast gateways and maybe even customer owned gateways, but since you have a standalone modem and router you should be able to set the DNS servers to anything you want. I've never found much value in that, but you should be able to do it unless the Gryphon doesn't have that option (I'm not familiar with their gear so I don't know).
0
lost_in_space
Visitor
•
13 Messages
3 years ago
The plot thickens…
I have discovered that both my domains AND xwavesoft.com are ALL hosted on bluehost.com resolving to the same physical address, but are hosted by bluehost.com (my domains) and hostmonster (xwavesoft). A quick glance at social media reveals extensive issues at bluehost.
it is still odd that I cannot reach them while on my home Comcast cable network. I had a friend who lives close by also try. He is also on Comcast, but he could reach all three domains with no problem. Here his traceroute to xwavesoft.com.
traceroute to xwavesoft.com (69.195.98.233), 64 hops max, 52 byte packets
1 10.0.0.1 (10.0.0.1) 4.255 ms 2.410 ms 2.190 ms
2 100.93.141.66 (100.93.141.66) 11.189 ms
100.93.141.67 (100.93.141.67) 12.380 ms
100.93.141.66 (100.93.141.66) 13.647 ms
3 po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89) 8.246 ms
po-309-345-rur301.roseville.mn.minn.comcast.net (24.124.173.81) 11.288 ms
po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89) 12.025 ms
4 68.87.174.105 (68.87.174.105) 11.431 ms
po-2-rur301.roseville.mn.minn.comcast.net (68.87.174.157) 11.711 ms
68.87.174.105 (68.87.174.105) 13.142 ms
5 68.87.174.105 (68.87.174.105) 12.983 ms
68.87.174.241 (68.87.174.241) 12.870 ms
68.87.174.105 (68.87.174.105) 14.192 ms
6 69.139.176.209 (69.139.176.209) 14.946 ms
68.87.174.241 (68.87.174.241) 14.709 ms
96.108.52.9 (96.108.52.9) 16.628 ms
7 69.139.176.209 (69.139.176.209) 17.489 ms
be-39841-cs04.1601milehigh.co.ibone.comcast.net (96.110.40.109) 30.018 ms
68.87.174.237 (68.87.174.237) 17.628 ms
8 be-1313-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.106) 29.748 ms
be-39821-cs02.1601milehigh.co.ibone.comcast.net (96.110.40.101) 29.905 ms
be-1413-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.110) 31.150 ms
9 be-1113-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.98) 31.996 ms
be-302-cr13.champa.co.ibone.comcast.net (96.110.36.197) 29.540 ms
be-1414-cr14.1601milehigh.co.ibone.comcast.net (96.110.39.126) 31.270 ms
10 be-1414-cs04.champa.co.ibone.comcast.net (96.110.37.253) 30.193 ms
be-302-cr14.champa.co.ibone.comcast.net (96.110.39.5) 30.223 ms
be-1213-cs02.champa.co.ibone.comcast.net (96.110.37.229) 35.754 ms
11 be-1314-cs03.champa.co.ibone.comcast.net (96.110.37.249) 30.902 ms
be-36711-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.226) 41.067 ms
be-1114-cs01.champa.co.ibone.comcast.net (96.110.37.241) 30.355 ms
12 96.216.180.114 (96.216.180.114) 42.147 ms
be-36741-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.238) 41.409 ms
96.216.180.114 (96.216.180.114) 41.657 ms
13 96.216.180.114 (96.216.180.114) 43.479 ms * 43.171 ms
14 69-195-64-113.unifiedlayer.com (69.195.64.113) 42.493 ms *
69-195-64-111.unifiedlayer.com (69.195.64.111) 43.183 ms
15 69-195-64-111.unifiedlayer.com (69.195.64.111) 41.157 ms
po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11) 42.240 ms
69-195-64-113.unifiedlayer.com (69.195.64.113) 42.858 ms
16 69-195-98-233.unifiedlayer.com (69.195.98.233) 42.081 ms
po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11) 42.330 ms
69-195-98-233.unifiedlayer.com (69.195.98.233) 42.397 ms
I am going to contact bluehost now.
(edited)
3
0
lost_in_space
Visitor
•
13 Messages
3 years ago
Well, I've chatted for quite some time with Bluehost, and they don't seen any problems on their end. They are not blocking my IP.
So what next? I dread calling 800-934-6489 for xfinity customer service, as they were of no help last time. Is there any way to actually get ahold of someone that knows a thing or two about their network?
(edited)
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
If your router has a "clone MAC" or "use this MAC" feature, use it to change its WAN MAC address. Then reboot the modem and, after it has stabilized, reboot the router. That should cause Comcast's DHCP server to assign an different public IP.
Or switch to a different router if you have one.
Or, if your Mac has an Ethernet port, for a test connect it directly to the modem. Then, as above, reboot the modem and when it has stabilized, reboot the computer.
After doing one of the above see if you can connect to the troublesome sites.
(edited)
0
lost_in_space
Visitor
•
13 Messages
3 years ago
Ok Bruce, I used my son's gaming PC. Nothing worked at first, but a reboot of the modem fixed that. I can indeed get to those three pesky sites via a direct plugin to the modem.
Does this mean the fault likely lies with the Gryphon router?
0
0
BruceW
Gold Problem Solver
•
26.3K Messages
3 years ago
My best guess is it means that, despite their denials, Bluehost (or its network, or one of the other companies involved here) was blocking your original public Comcast IP. Changing the device directly connected to the modem caused your public IP to change, and Bluehost is not (yet!) blocking the new IP. The systems that block IPs are often not well understood by webhost staff. They may not even be aware that such systems exist.
Comcast can't help you here. Most of their staff won't know what we're talking about. You could give contacting Unified Layer a try since Bluehost doesn't seem to know what they are doing.
0
lost_in_space
Visitor
•
13 Messages
3 years ago
Another turn of events: on a hunch I contacted the Gryphon router people (the nicest people ever, btw) and after updating the router with the newest firmware (not even pushed out yet, fresh!) we discovered that somehow a bunch of sites like bing, Disney, my sites, xwavesoft etc were blocked on everyone else’s account, but get this, NOT ON MINE! BTW Gryphon is an phone app-based parental control type of router.
Not only are the permissions wacky, but somehow the software is corrupted and permissions are bleeding over onto my account. Permissions are obv wacky too (stuff I never set).
Of course I had checked MY user account multiple times for just this scenario! But I was outfoxed by janky software! Gaaaahh!
I left it as is for the second level engineers to sort through, but I am sure a router reset to defaults is next.
Bruce, if you never hear from me again, then that means the router is indeed the culprit. I really appreciated the support, man. Wasted 1.5 work days on this.
(edited)
0