Foray into DOCSIS 3.0 - Weirdness of DNS Caching

A gigabit HP-ProCurve network switch in a nest...

Image via Wikipedia

I recently upgraded to a DOCSIS 3.0 cable modem - Motorola Surfboard SB6120. After sharing the MAC address and product S/N, the unit was provisioned by Comcast. All of the LAN clients were able to ping out and resolve FQDNs without issue. However, I have one rogue winxp client that seems to be caching some weird Comcast maintenance site. It was the only box that was not using our local proxy (TOR/Privoxy). Once I setup the client to use our pseudo-local proxy the problem went away. However, this was not an elegant solution due to the decreased speed of sending traffic through TOR. Personally, I don't have a problem using TOR. Works well for me. I suppose that I could have offered foxyproxy to this particular user. However the owner of that winxp box isn't really interested in using proxies. Go figure :-)

Anyway the weird cached maintenance site can be seen here.

After a bit of head scratching I realized that I had a DNS problem. For whatever reason, none of the clients could resolve a FQDN.

Most of the time spent on the phone with Comcast help desk/support was useless. Some of the excuses were, "the cable modem was too new", "your router/firewall is the culprit".. The simple troubleshooting script for the average one-eyed droid was exhausted after I presented my problem. In fairness to Comcast, there was one tech who seemed interested. He shared all possible DNS server IPs, both public and Comcast specific. Nothing solved the issue. We even tried GOOGs public DNS servers (obviously not ideal), but did not solve the issue.

I spent a few days fooling around and eventually reverted back to my tried and true Linksys Cable modem BEFCMU010 (DOCSIS 1.0).

Some things I checked during my trouble shooting effort:

Rebooted both firewall (Smoothwall 2.0) and 1GB network switch
Rebooted with Ativa wireless G WAP
Rebooted Cable Modem
grepped through the squid access logs on Smoothwall

Below are snippets from my squid proxy access log. I use squid as a cheap caching server. Judging from the logs, it seems that the some sites are being re-directed others are being authorized. Not sure why. - - [07/Jan/2010:11:35:46 -0500] "GET HTTP/1.0" 200 473 TCP_MISS:DIRECT - - [07/Jan/2010:11:37:09 -0500] "GET HTTP/1.0" 200 473 TCP_MISS:DIRECT - - [07/Jan/2010:11:37:52 -0500] "GET HTTP/1.0" 200 473 TCP_MISS:DIRECT - - [03/Jan/2010:18:05:16 -0500] "GET
com/search? HTTP/1.1" 302 500 TCP_MISS:DIRECT - - [03/Jan/2010:18:05:39 -0500] "GET HTTP/1.1" 200 484 TCP_HIT:NONE - - [03/Jan/2010:18:06:37 -0500] "POST HTTP/1.1" 0 0 TCP_MISS:DIRECT - - [03/Jan/2010:18:08:13 -0500] "GET HTTP/1.1" 302 526 TCP_MISS:DIRECT

Here are some of the things I learned in this failed attempt:

  • Onion Routers are terrific - I was able to circumvent the Comcast caching issue using TOR and Privoxy
  • Never buy newly released modems without understanding how they work with various ISPs
  • Don't expect provisioning to be a simple evolution
  • DOCSIS 3.0 has some real potential once it becomes mainstream and all ISPs begin to use it.

Wonder if other people have had any success with these newer cable modems...
I will likely re-visit this experiment once I return the SB6120 back to "Worst Buy"..
Perhaps I will have a better experience next time.

Reblog this post [with Zemanta]
  • Retiring the Smoothie
  • Analog Hole Musings
  • Comcast DNS snafu
  • Confessions of an Anonymous Facebook Employee
  • Monthly Archives


    OpenID accepted here Learn more about OpenID
    Powered by Movable Type 4.25

    About this Entry

    This page contains a single entry by AG published on January 9, 2010 12:02 PM.

    Related Entries in Movable Type was the previous entry in this blog.

    Analog Hole Musings is the next entry in this blog.

    Find recent content on the main index or look in the archives to find all content.