Unable to reach Verizon CDN via Comcast

JeremyCaney · ‎03-04-2020

Some resources hosted on Verizon's Content Delivery Network (CDN) are not loading via Comcast XFinity—at least from my home network.

Microsoft's cloud service, Azure, uses Verizon CDN and, as a result, many Microsoft-related sites take a while to load and/or are not rendering properly due to timeouts when accessing (primarily) JavaScript and CSS files. These same resources can be loaded without issue using the same devices and browsers at other location or via my cellular data plan.

Some hostnames I've noticed this on:

ajax.aspnetcdn.com
az416426.vo.msecnd.net
az725175.vo.msecnd.net

Each of these resolves to cs22.wpc.v0cdn.net.

My network troubleshooting skills are pretty rusty, but doing a tracert on each of these yields a timeout for any hops beyond 10.0.0.1, which is the local (LAN) IPv4 address of my XFinity router. That makes me assume that these requests are being blocked by my router. Is that a valid interpretation?

My initial assumption was that this was being blocked by the newly released XFinity Advanced Security feature. If that's the case, however, these resources aren't showing up in the threat history for any of the devices being used. If these are being blocked by the XFinity router, they're not being reported via the XFinity Advanced Security dashboard in the xFi app.

Does anyone have any insight into how to mitigate this issue? Is there a way to temporarily disable XFinity Advanced Security to determine if that's causing interference here? Are there other troubleshooting steps that I can employ to isolate this issue?

EG · ‎03-04-2020

@JeremyCaney wrote:

That makes me assume that these requests are being blocked by my router. Is that a valid interpretation?

Yes.

My initial assumption was that this was being blocked by the newly released XFinity Advanced Security feature. If that's the case, however, these resources aren't showing up in the threat history for any of the devices being used. If these are being blocked by the XFinity router, they're not being reported via the XFinity Advanced Security dashboard in the xFi app.

Does anyone have any insight into how to mitigate this issue? Is there a way to temporarily disable XFinity Advanced Security to determine if that's causing interference here? Are there other troubleshooting steps that I can employ to isolate this issue?

Try disabling it and see;

https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!

JeremyCaney · ‎03-04-2020

@EG: Thank you so much for the quick response, and the link. I should have looked up how to disable Advanced Security before opening this thread. That resolves the issue.

This raises a couple of more questions, however:

How do we report false positives to Comcast?
Why aren't these "threats" being reported in the xFi app?

I imagine this is a concern for Verizon, Azure, and anyone using their services. I discoerved this because a client uses Azure Application Insights—whose client-side library is hosted on this domain—and, as a result, their site was loading really slowly from my home network.

Jeremy

EG · ‎03-04-2020

I don't believe that they currently have a system in place yet for reporting / whitelisting.

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!

Unable to reach Verizon CDN via Comcast

Re: Unable to reach Verizon CDN via Comcast

Re: Unable to reach Verizon CDN via Comcast

Re: Unable to reach Verizon CDN via Comcast