To start with, I'm a Resident Engineer that works directly with Internet service providers network security teams. Please bare in mind asking things like restart the modem and make sure you are wired vs wireless are entirely unnecessary (looking at you Comcast support).... as I have made a career in troubleshooting network connectivity and security issues and have went through the process multiple times.
As I have been in the Network security industry for years, I was using my own 3rd party modem with Comcast and had little to no issues at all for years. Fast forward to the present when the local headend started enforcing removal of modems supporting older DOCSIS standards. Ok thats fine with me, I am all about modernizing infrastructure especially under the premise that speeds will increase, so sure lets give the older modems the boot. What options did I have? At this point due to time and workload I didn't have time to reconfigure my home network with another Comcast approved 3rd party modem so I opted for the simple answer and wanted to see what all the "Buzz" was about with the XB6 xFi Advanced Gateway and at least I would get my home network back up and going with minimal effort. Moving forward, we received the device, installed with minimal effort and was back up and running, but then we had odd issues.
- IOT devices such as smart home thermostat would no longer stay connected to the cloud services
- Chromebook would not work at all
- Nvidia Shield intermittent internet access issues
- Intermittent access to websites to any and all websites (frequency 3-5 times a day for 5-10 minutes or even longer time periods) with the browser error: “ERR_NAME_NOT_RESOLVED”
So finally after a few months of consistent DNS issues and having a little time to look in to this I began troubleshooting. Before I explain my troubleshooting steps, let me preface some of the main pillars of networking, so those without the knowledge, understand the workflow/process of being able to reach their favorite websites.
Edumacation from yours truly:
When you are on your Laptop/PC/mobile device and you open a browser and try to visit your favorite website there are alot of gears turning under the hood. Lets start with IP addressing. Every publicly accessible server on the internet has a public IP address. IP addresses can be used as source or destinations. Think of how you send mail to a relative, the source is your home address the destination is your relatives home address, the post office is responsible for picking up your mail and delivering it to your relatives home address. Imagine that the post office is the internet service provider (Xfinity) who picks up your "mail" (packets) from your xFI gateway and determines how to get it to the destination IP (where the server lives). Thats great and all and is really a convaluted process, because you could spend a career explaining how a service provider connects you to your favorite servers.
But theres another pillar of networking that needs to be taken in to consideration called DNS.
When you compose a letter and send it to your relative, you already know the destination address (or look it up in your space age Rolodex). But for your computer, it is unlikely it has said Rolodex with all of the internet servers IP addresses stored for every site on the internet. So your computer relies on talking to whats called a DNS server (The internet Rolodex). When your computer boots, or you connect via WiFi, your computer makes a request to the xFI gateway asking for a (local) IP address and DNS servers your computer can talk to, to resolve the website name your are visiting to an IP address.
Great so how does this all apply to Comcast XB6 xFI gateway?
Well when your PC connects and gets its local IP and DNS servers assigned from the XB6 you will have Comcasts DNS servers (126.96.36.199 and 188.8.131.52) but wait it also provides IPv6 DNS servers as well (2001:558:feed::1 and 2001:558:feed::2). Well we haven't talked about IPv6 so lets backup a bit. When the internet was created IPv4 was the standard used for IP addresses and assignment, but there was a limited number of public IPv4 addresses that can be assigned, so smart peoples created IPv6 which has many more IP addresses to use. Great now thats covered what does that mean for my PC?
Well when you go to a website your PC will prefer to use the IPv6 DNS server to resolve the website to an IP address so you can compose your packet (mail). Due to the PC's order of precedence in the networking stack. IPv6 is preferred over IPv4 if available. This is great we are using IPv6 but unfortunately for some unknown reason throughout the day IPv6 DNS queries from your PC through the xFI gateway to Comcasts DNS server gets dropped every once in while. Ok well that should be fine right? We still have an IPv4 DNS server we can talk to as well right?
Well in my case my PC can't talk to the Comcast DNS servers (184.108.40.206 and 220.127.116.11) through the xFI gateway. This means I can't translate a website name to an IP address so I get the error in my web browser: “ERR_NAME_NOT_RESOLVED” which means I can't compose the packets to send to the server cause I don't know the servers IP address.
Disclaimer Note: this "edumaction" is overly simplified, but the basic principles are what makes the internet today and I don't have a lot of time to fully go in to the depth from beginning to end how this works 🙂
Now on to Troubleshooting:
Well lets not discuss the hours on a Comcast support call, 5 resets of modem, re-provisioning, measuring of the transmit and receive levels of the xFi gateway to the headend, disabling of the Advanced security settings and the inability to get transferred from the Residential Support center to an informed network engineer that really makes the network work, not to mention being transferred between 10+ representatives to repeat the same processes and still no contact or representative to hold accountable for a subpar internet connection, also a promise from the support manager to call me back which has not happened at the scheduled time.... /end rant
Firstly we have to rule out the customers (me) network, PC, and xFI settings right?
ipconfig /allLinux (Ubuntu 18.04)
nmcli device show
sudo systemd-resolve --flush-caches
nslookup google.com 18.104.22.168Linux
dig google.com @22.214.171.124
nslookup google.com 2001:558:feed::1Linux
dig google.com @2001:558:feed::1
At this point you should be talking to Comcast, but I don't know what department will actually take you seriously and get an informed support representative to assist.
For @Comcast_Support see Incident CR930002267, please find me someone that will troubleshoot the issue and be accountable instead of calling in and playing the support shuffle game.
For the rest of you that are experiencing these issues and are just trying to get by in your day and have ran in to this issue, post your experience and whether or not you were able to get anyone to resolve these issues for you or your detailed workarounds that have worked for you.
Hi @Kinggirl I am with you there, it is really frustrating when an issue is intermittent. As for my situation, no I have not had any resolution to this yet, still trying different options such as having a replacement Modem sent to rule out the modem hardware from being part of the issue, I'll update here if I get a resolution and any details surrounding it.
So when a device connects to the network generally you will get a DHCP lease giving you IP/DNS settings. What I have noticed in modern operating systems that connect via WiFi is that there is "smart" detection and testing of the settings given to your device (forgive me I don't remember the technical terms offhand). Your device when initially connected, will test via some hardcoded routines basically saying hey can I reach this external server by resolving the hostname via the assigned DNS and get the response back that I expect? If not consider this connection as "borked" and maybe auto-connect to your next saved/available WiFi network, or if you are on a mobile device, it may use your mobile data connection for further connections to the internet since it considers this connection "borked" (otherwise seen as connection successful but no internet). This is a feature that will enhance the user experience over time, but it is concerning as more devices connect via WiFi these days and troubleshooting becomes more complex and the level of support you get these days is most certainly not adequate.
Because DNS is such an important pillar of networking it does amaze me that @Comcast_Support is entirely unaware of the actual workflow of how DNS works between a client device and a DNS server and why they can't troubleshoot this simply from a command line on the modem backend or log DNS issues in the modem itself. I can't say for sure that this is your situation as to why you can only appear to work via the ethernet cable but there are some troubleshooting steps you can try.
First we probably have to cover the basics to make sure you can rule out your Mac / other devices:
1. Reset the modem (you have done that so proceed on 🙂 )
2. Check what IP/DNS settings you are getting from the xFinity gateway. First ensure you are connected via WiFi on your Mac, and launch your terminal, then type the following to get the IP settings currently assigned to you:
This will show you your IPv4 address the modem gave you as well as your IPv6 address
3. Next check what DNS servers you are assigned:
This will show you the DNS servers in the order of priority (top to bottom) the Mac will try to use to resolve website names to IPs.
4. Determine your Mac's default gateway (which should end up being the xfinity modem/router):
netsat -nr | head -5
The IP address normally ending in ".1" should be your gateway.
5. Now that you have all the available information from your Mac, lets test and make sure your Mac can reach the xFinity Modem:
Replace x.x.x.1 with whatever your results were from step 4 (your gateway). If you can ping that gateway consistently then you know between your Mac and the xFinity modem/router is good.
6. Next lets see if you can route to some external IP on the internet, lets use Googles reliable 126.96.36.199:
If the pings are successfull then great! We have established that you are at least capable of connecting from your Mac to the modem and send packets all the way out to Googles 188.8.131.52 and receive responses from that server.
7. Now lets see if the other main pillar of network actually works (DNS)
From the terminal on your Mac lets test a direct query to Comcasts IPv4 DNS server and see if it can resolve the hostname Google.com to an IP address:
dig @184.108.40.206 google.com
If you end up with a
"connection timed out; no servers could be reached"
then this is no bueno and for some reason you are unable to resolve DNS queries against Comcasts server.
Well why don't we try a 3rd party DNS server like ol reliable Google?
dig @220.127.116.11 google.com
Again connection timeouts ? Well Kinggirl, I think at this point you may be having the same issues as I.
But before declaring it so, lets at least make sure you can route to the Comcast DNS server. Note I say route which there is a key difference between routing and making a DNS query (for the network nerds out there you know Layer3 vs a Layer7 issue)
8. Let us see if we can route! ping the Comcast DNS server:
If you get timeouts then there maybe a networking issue with Comcast, which at least should be well known, amongst your area or at least within the support center and generally they move to resolve those issues.
But to be certain lets follow the route the packet takes from your Mac to the Comcast server, if you see any asterisks * then the last reported IP is where the issue begins.
Well, I think thats all I can cover as far as the basics on your end, what Comcast likes to do is:
1. reset your modem just by speaking to the automated attendant
2. speak with a live agent Tier1 who would like to confirm information, and potentially reprovision your modem (which again resets it)
3. Do another modem reset, this time checking the signal strength between your modem and their headend where all customers connect to.
4. Disable Advanced Security if this is enabled (depending on the model of your modem)
5. Wave their hands in the air like they just don't care and transfer you to another department - thats at least what happens to me 🙂
6. Get an on site tech scheduled to test / replace your modem should the existing one be faulty - mine didn't have one so I had to call in, and speak with managers and request another one to rule out the local hardware from being the problem (current stage of my life right now)