Comcast contact sought

Sun Sep 24 17:17:36 UTC 2023

I've been down this road many times before. You need to find your local
account manager/sales rep and ask them to remove the coding from the
account. This may result in losing the bundle price, so pair it with a
different service like Comcast Connection Pro or something like that.
Should keep it from coming back vs calling support over and over. If you
don't have a local account manager ping me off list and I can try getting
you in touch with someone I know. Good luck.

- Patch

On Sun, Sep 24, 2023, 9:37 AM Aaron de Bruyn via NANOG <nanog at nanog.org>
wrote:

> We get around the brain-damage by having our router grab all DNS requests
> and convert them to DoT or DoH using dnsdist. That probably won't work if
> you're hosting a DNS server on your cable connection though.
>
> Call the normal support number and have them disable the "Security Edge"
> service. The "best" they can apparently offer is that it'll stay disabled
> until your modem gets a firmware upgrade or is factory reset. Then you'll
> have to call back in and disable it again.
>
> Just be prepared that they're going to tell you it'll cost more for
> providing less service. Security Edge is horrible? Disabling it costs more.
> Don't need a phone number so Comcast can pad their numbers to the FCC?
> It'll cost you more. Same with not needing cable TV for your business. It
> costs you more because Comcast can't use you as a bargaining chip when
> negotiating with other media companies.
>
> -A
>
> On Sun Sep 24, 2023, 05:05 AM GMT, Al Whaley <awnanog at sunnyside.com>
> wrote:
>
> I am looking for a senior contact at Comcast.
>
> I have been trying to assist someone with a business connection that runs
> a server farm.  Recently the business cable modem started to short-stop
> port 53 for UDP and TCP.  Apparently, a transparent DNS proxy somehow got
> activated and all outbound traffic to any IPv4 or IPv6 address is
> intercepted and handled by the modem – or not handled.  Sadly, the proxy is
> stupid and a) ignores the intended destination address, and b) drops things
> it doesn’t know about, including any AXFR / IXFR and other more esoteric
> traffic, normal for DNS server installations, but not used by the public.
> The DNS servers are not able to do work, e.g. act as secondaries.
>
> I know others in the same configuration with servers that have been lucky
> and not had this ‘feature’ activated, but I have found several references
> on forums where people have been caught by this and unsuccessful in
> reaching anyone in management, so it is a known problem.
>
> Comcast doesn’t allow customer supplied DOCSIS modems with multiple fixed
> IPs.  Other avenues exhausted as well.
>
> I’m hoping someone at Comcast can disable this.  Attempts to go through
> customer service… well we all know where that ends up.  Escalations just
> don’t go to anyone technical or interested.
>
> regards
> Al Whaley
> Sunnyside Computing, Inc.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230924/463e4438/attachment.html>