L

Visitor

 • 

13 Messages

Sunday, April 24th, 2022 4:34 AM

Closed

Cannot reach certain websites

About a week or so ago, I noticed I could not reach certain websites when connected to my comcast network, but I COULD reach them via a VPN through that same network, and also through my Verizon cellphone or hotspot. 

The details:

- I own the hardware: Gryphon router and a Netgear CM500 cable modem

- Confirmed that multiple devices in the house cannot reach the websites when on the Comcast cable network

- Those same devices CAN reach the same websites via a VPN or on a cell network/cell hotspot

- I am not a network engineer

- tried Comcast customer service, who shunted me over to Netgear, who wanted to charge me $130 for tech service. I don't believe either tech understood what I was saying.

I am a little handy, so while on the comcast network I did a traceroute on the sites that don't work. Here is one of them:

traceroute to xwavesoft.com (69.195.98.233), 64 hops max, 72 byte packets

1  www.gryphoncare.com (192.168.1.1)  2.990 ms  2.014 ms  1.561 ms

2  100.93.141.67 (100.93.141.67)  11.964 ms  10.218 ms  12.512 ms

3  po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89)  12.457 ms  11.630 ms  13.060 ms

4  po-2-rur301.roseville.mn.minn.comcast.net (68.87.174.157)  11.706 ms  12.930 ms  12.929 ms

5  68.87.174.105 (68.87.174.105)  11.929 ms  13.320 ms  14.133 ms

6  68.87.174.241 (68.87.174.241)  13.713 ms  20.313 ms  14.293 ms

7  69.139.176.209 (69.139.176.209)  17.979 ms  15.529 ms  12.406 ms

8  be-39821-cs02.1601milehigh.co.ibone.comcast.net (96.110.40.101)  33.735 ms  32.253 ms  31.362 ms

9  be-1213-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.102)  34.996 ms  32.258 ms  32.874 ms

10  be-304-cr13.champa.co.ibone.comcast.net (96.110.36.205)  30.939 ms  32.295 ms  31.143 ms

11  be-1313-cs03.champa.co.ibone.comcast.net (96.110.37.233)  32.339 ms  37.985 ms  34.207 ms

12  be-36731-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.234)  53.793 ms  46.793 ms  42.613 ms

13  96.216.180.114 (96.216.180.114)  42.423 ms  43.452 ms  41.458 ms

14  * * *

15  * * *

16  * * *

[goes to #64 before ending without connecting]

According to whois.arin.net, 96.216.180.114 belongs to Comcast Cable Communications, LLC (CCCS).

Here is a traceroute on a second website:

traceroute to [omitted, as the domain name is my own and I don't wish to share it] 64 hops max, 72 byte packets

1  www.gryphoncare.com (192.168.1.1)  4.081 ms  1.547 ms  1.360 ms

2  100.93.141.66 (100.93.141.66)  10.421 ms  10.736 ms  11.490 ms

3  po-309-345-rur301.roseville.mn.minn.comcast.net (24.124.173.81)  11.463 ms  11.269 ms  11.224 ms

4  po-2-rur302.roseville.mn.minn.comcast.net (68.87.174.158)  10.430 ms  10.653 ms  11.527 ms

5  68.87.174.109 (68.87.174.109)  12.358 ms  12.662 ms  11.394 ms

6  68.87.174.209 (68.87.174.209)  13.399 ms  11.640 ms  11.448 ms

7  96.108.188.169 (96.108.188.169)  14.793 ms  11.642 ms  13.857 ms

8  be-37011-cs01.350ecermak.il.ibone.comcast.net (96.110.43.1)  20.703 ms  22.214 ms  27.153 ms

9  be-2111-pe11.350ecermak.il.ibone.comcast.net (96.110.33.194)  22.005 ms  21.558 ms  20.934 ms

10  62.115.54.21 (62.115.54.21)  21.022 ms  24.841 ms  21.926 ms

11  * * *

12  kanc-bb2-link.ip.twelve99.net (62.115.138.74)  35.815 ms  35.099 ms  36.265 ms

13  * * *

14  dls-b23-link.ip.twelve99.net (62.115.138.65)  47.488 ms  44.344 ms  46.472 ms

15  dls-b1-link.ip.twelve99.net (62.115.113.85)  43.555 ms  48.574 ms  43.528 ms

16  cyrusone-svc067803-lag002972.ip.twelve99-cust.net (62.115.184.155)  51.849 ms  51.184 ms  51.399 ms

17  be-1003-r0.dfw4.cyrusone.net (209.172.218.38)  49.646 ms  51.059 ms  49.434 ms

18  be-4030-r1.hou1.cyrusone.net (209.172.217.242)  51.638 ms  50.486 ms  51.199 ms

19  * * *

20  * * *

21  * * *

[goes to #64 before ending without connecting]

On line 10, whois.ripe.net tells me 62.115.54.21 is located in Sweden(?). I am in the midwest of USA, connecting to (in this case) a server out in (I think) Utah…the hosting company is Bluehost.com. Why would the request be routed that way?

It seems like a DNS problem in the Comcast network, but again, I'm not a network engineer. I don't see how this could be caused by either my router or modem.

Thoughts?

Accepted Solution

Visitor

 • 

13 Messages

3 years ago

Ok Bruce, I’m back with a solution! After having more websites become unreachable except via VPN or cell, I was pulling my hair out. Comcast couldn’t help, Gryphon, app devs, and site owners were scratching their heads. I reset both router and modem back to factory defaults and deleted/reinstalled the Gryphon app…nothing helped. 

I read some time back that getting the ISP to give you a different IP can help, but through DHCP it can be hard to “force” the ISP to issue a new one. One solution was to leave the cable modem off for a long time. It worked!

I left it off overnight and BOOM everything went back to normal. 

Visitor

 • 

13 Messages

3 years ago

I might as well note that the error I'm getting on the websites that I cannot reach is ERR_CONNECTION_TIMED_OUT

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... whois.ripe.net tells me 62.115.54.21 is located in Sweden(?) ...

That IP is assigned to Telia in Sweden, but it's fairly common for ISPs to assign IPs to equipment operating in distant location. Also, it simply isn't possible to send a trace packet to Europe and get a response back in the indicated 21 milliseconds.

I can reach xwavesoft.com, although it's response is very sluggish. When one customer cannot reach a site but others can, it can mean the site or its webhost is blocking that customer's public Comcast IP. You can look up your IP at https://www.google.com/search?q=what+is+my+IP. You may need to ask the site's admins for help with this.

My trace to xwavesoft.com looks like:

C>tracert -4 xwavesoft.com
Tracing route to xwavesoft.com [69.195.98.233] over a maximum of 30 hops:
  1     1 ms     1 ms     9 ms  router1 [192.168.1.1]
  2     8 ms     9 ms     9 ms  96.120.9.181
  3     9 ms    37 ms     9 ms  24.124.216.181
  4     8 ms     8 ms     8 ms  96.110.24.214
  5     9 ms     8 ms     9 ms  96.110.25.65
  6    17 ms    17 ms    19 ms  be-34-ar01.mckeesport.pa.pitt.comcast.net [69.139.168.141]
  7    19 ms    18 ms    21 ms  ae-7.bar1.Pittsburgh3.Level3.net [4.68.106.85]
  8    75 ms    59 ms     *     ae2.3602.edge8.Denver1.level3.net [4.69.219.74]
  9     *        *        *     Request timed out.
 10    63 ms    69 ms    64 ms  69-195-64-113.unifiedlayer.com [69.195.64.113]
 11    62 ms    64 ms    63 ms  po99.prv-leaf6b.net.unifiedlayer.com [162.144.240.23]
 12    63 ms    64 ms    62 ms  69-195-98-233.unifiedlayer.com [69.195.98.233]
Trace complete.
Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.

(edited)

Visitor

 • 

13 Messages

@BruceW​ as a non-network engineer, I cannot ascertain how correct you are. 

But I can say that two of the websites that I cannot get to are my very own domains, domains that I have been able to reach for decades while being on Comcast’s services. 

Visitor

 • 

13 Messages

3 years ago

Bruce, I read your blurb under your post and saw you do not get notifications via replies to your posts. Rather, you suggested this method (straight up comment). So here you go. 

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... you suggested this method (straight up comment). So here you go. 

Thanks for that!

When you access the site using a VPN or a cell network the IP the site sees your connection coming from is different than when you are trying to reach it on your Comcast connection. Your best bet is to contact the admins for the site's webhost. Either they are blocking your Comcast IP, or the network they are using is.

Good luck!

(edited)

Visitor

 • 

13 Messages

3 years ago

Hey Bruce. The problem is, i could get to two of the three sites for many, many years just via regular Comcast connections, not VPN/cell. never tried the xwavesoft one before. 

 The odds that all three sites suddenly start blocking Comcast is low, especially considering xwavesoft sells an app that uses their domain to sync their iOS app to their Mac app (which is how I found out there was a problem in the first place…no syncing was occurring). 

it simply wouldn’t be in their interest to block a giant American internet provider. 

(edited)

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... i could get to two of the three sites for many, many years just via regular Comcast connections ...

Things change? I don't know what those sites are, and even if I did, likely all I could do is refer you to their admins. I see no evidence that Comcast is blocking the sites.

Since I can't help you further, I'll again suggest that you contact those who may be able to, and again wish you good luck.

If you wish you are welcome to send me a DM with the sites you are concerned about and I'll see if I can be more helpful. Note that I am not Comcast, just another customer trying to help out.

Visitor

 • 

13 Messages

3 years ago

Bruce, thank you for your offer and suggestions, and I’ll reach out to see if the site admins are blocking Comcast. Might take you up on your offer, but first I’m asking friends in this geographic area and on Comcast to test those sites too. 

Question: does the router get its DNS info from Comcast (as I assume)?

Comcast locks down even non-Comcast routers and I cannot change anything via the admin panel except reset or adjust frequency (haven’t done either…the factory reset is next on my list if nothing else works). As mentioned I have non-Comcast equipment (modem is on approved list and has worked fine since 2017).

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... Question: does the router get its DNS info from Comcast (as I assume)? ... Comcast locks down even non-Comcast routers ...

That's true for Comcast gateways and maybe even customer owned gateways, but since you have a standalone modem and router you should be able to set the DNS servers to anything you want. I've never found much value in that, but you should be able to do it unless the Gryphon doesn't have that option (I'm not familiar with their gear so I don't know).

Visitor

 • 

13 Messages

3 years ago

The plot thickens…

I have discovered that both my domains AND xwavesoft.com are ALL hosted on bluehost.com resolving to the same physical address, but are hosted by bluehost.com (my domains) and hostmonster (xwavesoft). A quick glance at social media reveals extensive issues at bluehost.

it is still odd that I cannot reach them while on my home Comcast cable network. I had a friend who lives close by also try. He is also on Comcast, but he could reach all three domains with no problem. Here his traceroute to xwavesoft.com.

traceroute to xwavesoft.com (69.195.98.233), 64 hops max, 52 byte packets

1  10.0.0.1 (10.0.0.1)  4.255 ms  2.410 ms  2.190 ms

2  100.93.141.66 (100.93.141.66)  11.189 ms

    100.93.141.67 (100.93.141.67)  12.380 ms

    100.93.141.66 (100.93.141.66)  13.647 ms

3  po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89)  8.246 ms

    po-309-345-rur301.roseville.mn.minn.comcast.net (24.124.173.81)  11.288 ms

    po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89)  12.025 ms

4  68.87.174.105 (68.87.174.105)  11.431 ms

    po-2-rur301.roseville.mn.minn.comcast.net (68.87.174.157)  11.711 ms

    68.87.174.105 (68.87.174.105)  13.142 ms

5  68.87.174.105 (68.87.174.105)  12.983 ms

    68.87.174.241 (68.87.174.241)  12.870 ms

    68.87.174.105 (68.87.174.105)  14.192 ms

6  69.139.176.209 (69.139.176.209)  14.946 ms

    68.87.174.241 (68.87.174.241)  14.709 ms

    96.108.52.9 (96.108.52.9)  16.628 ms

7  69.139.176.209 (69.139.176.209)  17.489 ms

    be-39841-cs04.1601milehigh.co.ibone.comcast.net (96.110.40.109)  30.018 ms

    68.87.174.237 (68.87.174.237)  17.628 ms

8  be-1313-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.106)  29.748 ms

    be-39821-cs02.1601milehigh.co.ibone.comcast.net (96.110.40.101)  29.905 ms

    be-1413-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.110)  31.150 ms

9  be-1113-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.98)  31.996 ms

    be-302-cr13.champa.co.ibone.comcast.net (96.110.36.197)  29.540 ms

    be-1414-cr14.1601milehigh.co.ibone.comcast.net (96.110.39.126)  31.270 ms

10  be-1414-cs04.champa.co.ibone.comcast.net (96.110.37.253)  30.193 ms

    be-302-cr14.champa.co.ibone.comcast.net (96.110.39.5)  30.223 ms

    be-1213-cs02.champa.co.ibone.comcast.net (96.110.37.229)  35.754 ms

11  be-1314-cs03.champa.co.ibone.comcast.net (96.110.37.249)  30.902 ms

    be-36711-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.226)  41.067 ms

    be-1114-cs01.champa.co.ibone.comcast.net (96.110.37.241)  30.355 ms

12  96.216.180.114 (96.216.180.114)  42.147 ms

    be-36741-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.238)  41.409 ms

    96.216.180.114 (96.216.180.114)  41.657 ms

13  96.216.180.114 (96.216.180.114)  43.479 ms *  43.171 ms

14  69-195-64-113.unifiedlayer.com (69.195.64.113)  42.493 ms *

    69-195-64-111.unifiedlayer.com (69.195.64.111)  43.183 ms

15  69-195-64-111.unifiedlayer.com (69.195.64.111)  41.157 ms

    po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11)  42.240 ms

    69-195-64-113.unifiedlayer.com (69.195.64.113)  42.858 ms

16  69-195-98-233.unifiedlayer.com (69.195.98.233)  42.081 ms

    po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11)  42.330 ms

    69-195-98-233.unifiedlayer.com (69.195.98.233)  42.397 ms

I am going to contact bluehost now.

(edited)

Expert

 • 

110.1K Messages

@lost_in_space​ 

FWIW. There are some wild routing loop problems going on in that route !

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Visitor

 • 

13 Messages

I chatted with the bluehost tech person, and they mentioned they handle support for hostmonster too. Then my mac died 😑

Visitor

 • 

13 Messages

@EG​ Which route? I'm no network engineer. All three that I posted look screwy, with too many hops and similar sounding IP names.

(edited)

Visitor

 • 

13 Messages

3 years ago

Well, I've chatted for quite some time with Bluehost, and they don't seen any problems on their end. They are not blocking my IP.

So what next? I dread calling 800-934-6489 for xfinity customer service, as they were of no help last time. Is there any way to actually get ahold of someone that knows a thing or two about their network?

(edited)

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... they don't seen any problems on their end. They are not blocking my IP. ...

If your router has a "clone MAC" or "use this MAC" feature, use it to change its WAN MAC address. Then reboot the modem and, after it has stabilized, reboot the router. That should cause Comcast's DHCP server to assign an different public IP.

Or switch to a different router if you have one.

Or, if your Mac has an Ethernet port, for a test connect it directly to the modem. Then, as above, reboot the modem and when it has stabilized, reboot the computer.

After doing one of the above see if you can connect to the troublesome sites.

(edited)

Visitor

 • 

13 Messages

3 years ago

Ok Bruce, I used my son's gaming PC. Nothing worked at first, but a reboot of the modem fixed that. I can indeed get to those three pesky sites via a direct plugin to the modem. 

Does this mean the fault likely lies with the Gryphon router?

Gold Problem Solver

 • 

26.3K Messages

3 years ago

... Does this mean the fault likely lies with the Gryphon router?

My best guess is it means that, despite their denials, Bluehost (or its network, or one of the other companies involved here) was blocking your original public Comcast IP. Changing the device directly connected to the modem caused your public IP to change, and Bluehost is not (yet!) blocking the new IP. The systems that block IPs are often not well understood by webhost staff. They may not even be aware that such systems exist.

Comcast can't help you here. Most of their staff won't know what we're talking about. You could give contacting Unified Layer a try since Bluehost doesn't seem to know what they are doing.

Visitor

 • 

13 Messages

3 years ago

Another turn of events: on a hunch I contacted the Gryphon router people (the nicest people ever, btw) and after updating the router with the newest firmware (not even pushed out yet, fresh!) we discovered that somehow a bunch of sites like bing, Disney, my sites, xwavesoft etc were blocked on everyone else’s account, but get this, NOT ON MINE! BTW Gryphon is an phone app-based parental control type of router.

Not only are the permissions wacky, but somehow the software is corrupted and permissions are bleeding over onto my account. Permissions are obv wacky too (stuff I never set). 


Of course I had checked MY user account multiple times for just this scenario! But I was outfoxed by janky software! Gaaaahh!

I left it as is for the second level engineers to sort through, but I am sure a router reset to defaults is next. 

Bruce, if you never hear from me again, then that means the router is indeed the culprit. I really appreciated the support, man. Wasted 1.5 work days on this. 

(edited)

forum icon

New to the Community?

Start Here