Rtd2's profile

Regular Visitor

 • 

4 Messages

Saturday, November 23rd, 2019 1:00 PM

Closed

Xfinity DNS Resolution Intermittently Fails 3x a Day

Greetings Friends. 

 

I have Gigabit xFi services with Comcast. New Router and a great signal. No Packet loss. 

 

For the last year, DNS resolution fails against the IPv4 Xfinity DNS servers - the DNS servers issued to my gateway by Xfinity and which propagates to my internal devices by DHCP. I can ping specific IP addresses with little to zero packet loss, but can't resolve any domain names. A gateway reboot fixes the problem, but this can't possibly be a permanent fix. 

 

Here is an example. 

XXXX is removing personal data

C:\Users\XXXX>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : XXXXX
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net
   Description . . . . . . . . . . . : Marvell AVASTAR Wireless-AC Network Controller
   Physical Address. . . . . . . . . : XXXX
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : XXXX
   Lease Obtained. . . . . . . . . . : Friday, November 22, 2019 8:07:05 AM
   Lease Expires . . . . . . . . . . : Thursday, November 28, 2019 11:19:16 PM
   IPv6 Address. . . . . . . . . . . : XXXX
   Temporary IPv6 Address. . . . . . : XXXX
   Link-local IPv6 Address . . . . . : XXXX
   IPv4 Address. . . . . . . . . . . : XXXX
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, November 22, 2019 8:07:03 AM
   Lease Expires . . . . . . . . . . : Saturday, November 30, 2019 11:06:02 AM
   Default Gateway . . . . . . . . . : XXXX
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : XXXX
   DHCPv6 Client DUID. . . . . . . . : XXXX
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
                                       2001:558:feed::1
                                       2001:558:feed::2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Looks good, right?

 

Let's try resolving against Xfinity issued DNS. Let's ping google first to make sure the connection is up through.....

 

Microsoft Windows [Version 10.0.18362.476]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\XXXX>ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:
Reply from 8.8.8.8: bytes=32 time=15ms TTL=54
Reply from 8.8.8.8: bytes=32 time=13ms TTL=54
Reply from 8.8.8.8: bytes=32 time=13ms TTL=54

Ping statistics for 8.8.8.8:
    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 15ms, Average = 13ms
Control-C
^C
C:\Users\XXXX>ping google.com
Ping request could not find host google.com. Please check the name and try again.

Let's try nslookup....

 

C:\Users\XXXX>nslookup google.com
Server:  UnKnown
Address:  2001:558:feed::1

*** UnKnown can't find google.com: Query refused

Let's try a secondary non-xfinity dns server. Specifically, Google's DNS server at 8.8.8.8

 

C:\Users\XXXX>nslookup
Default Server:  cdns01.comcast.net
Address:  2001:558:feed::1

> server 8.8.8.8
Default Server:  dns.google
Address:  8.8.8.8

> cnn.com
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    cnn.com
Addresses:  2a04:4e42:200::323
          2a04:4e42:400::323
          2a04:4e42:600::323
          2a04:4e42::323
          151.101.65.67
          151.101.129.67
          151.101.193.67
          151.101.1.67

Hmmm.. that worked just fine. If I had to guess, the Xfinity DNS servers are not unable to authenticate my connection as a valid user and denies the query. Why it suddenly works on a reboot is beyond me.

 

These are the results after a gateway reboot / reset. 

 

C:\Users\XXXX>nslookup
Default Server:  cdns01.comcast.net
Address:  2001:558:feed::1

> cnn.com
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Non-authoritative answer:
Name:    cnn.com
Addresses:  2a04:4e42:200::323
          2a04:4e42:400::323
          2a04:4e42:600::323
          2a04:4e42::323
          151.101.193.67
          151.101.129.67
          151.101.1.67
          151.101.65.67

> google.com
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Non-authoritative answer:
Name:    google.com
Addresses:  2607:f8b0:4005:80b::200e
          172.217.6.46

Happens 3 times a day and the only resolution is a GW reboot. I've called tech support 2 dozen times, had techs to the house over a dozen times. Layer 1 (Physical) is great. Strong signal and no packet loss. 

 

Tech support will not transfer me to Level 2 Advanced Services support as they can't see the issue from their end. The GW is up and responding. They said once the internet is back up, they have to close the ticket. 

 

Help!

This conversation is no longer open for comments or replies and is no longer visible to community members.

Regular Visitor

 • 

4 Messages

5 years ago

Obviously, this is what's seen in the browser but thought I would post anyway.

 

Chrome Error

forum icon

New to the Community?

Start Here