Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Caught in Comcast Traffic Filtering?

Zonk posted more than 6 years ago | from the it's-the-craziest-thing dept.

Networking 385

marcan writes "Comcast users are reporting 'connection reset' errors while loading Google. The problem seems to have been coming and going over the past few days, and often disappears only to return a few minutes later. Apparently the problem only affects some of Google's IPs and services. Analysis of the PCAP packet dumps reveals several injected fake RSTs, which are very similar to the ones seen coming from the Great Firewall of China [PDF]. Did Google somehow get caught up in one of Comcast's blacklists, or are the heuristics flagging Google as a file-sharer due to the heavy traffic?"

Sorry! There are no comments related to the filter you selected.

Not me... (2, Informative)

omeomi (675045) | more than 6 years ago | (#21170081)

I'm on Comcast, and haven't had any problems. Doesn't mean they're not doing it elsewhere, but they don't seem to be doing it here.

Re:Not me... (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21170119)

Thanks for adding anecdotal noise to the discussion that adds absolutely nothing to the discussion. Thanks for posting pcap dumps with it too.

Fag.

Re:Not me... (0)

Anonymous Coward | more than 6 years ago | (#21170233)

Thanks for adding an inflammatory comment and immature insult that adds even less to the discussion.

Re:Not me... (3, Funny)

Anonymous Coward | more than 6 years ago | (#21170665)

I'm on Comcast, and I haven't had any problems either.

I also posted my Comcast anecdote on Slashdot, and haven't been flamed for it yet.

Re:Not me... (0, Offtopic)

GundamFan (848341) | more than 6 years ago | (#21170285)

So I take it any comment that doesn't boil down to "Comcast sucks!" will be met by you with contempt and little else. Could it be that the fact that not all Comcast customers seem to be effected could be important to this story? I think you are the one adding "noise" here.

Re:Not me... (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21170525)

Could it be that the fact that not all Comcast customers seem to be effected could be important to this story? I think you are the one adding "noise" here.

Could it be that if you can't even correctly use the word "affected" then you're not worth listening to? Lazy bastard.

Re:Not me... (0, Offtopic)

prelelat (201821) | more than 6 years ago | (#21170625)

At least he wasn't scared to be an Anonymous Coward. I don't see how your grammar corrections add anything to the discussion at hand. The fact remains if Comcast is doing some kind of traffic control and google is caught in it why are not all customers effected/affected? The answer might be that not everyone is on the same routing switch and that the traffic is handled different for each section. I know in Canada with Shaw the people in Vancouver are treated differently then the people in Edmonton because they have different hardware running their connection.

Re:Not me... (0)

Anonymous Coward | more than 6 years ago | (#21170489)

Hah! I was wondering what was going on.
Last month, EVERY Friday, between 9pm & midnight, we'd lose connection to the googinator for the rest of the night. Very strange.

Re:Not me... (4, Interesting)

Drachemorder (549870) | more than 6 years ago | (#21170717)

I'm on Comcast and I do notice some unusual "connection reset" errors every now and then. More than I would normally expect, at least. They happen when I'm trying to telnet/SSH into my Linux box from outside, when I try to download something on Steam, in fact during nearly anything that requires a connection to be established for any significant period of time. I never used to have this problem before Comcast assimilated my previous cable provider. Makes me wonder if it's deliberate.

Re:Not me... (1)

omeomi (675045) | more than 6 years ago | (#21170779)

More than I would normally expect, at least. They happen when I'm trying to telnet/SSH into my Linux box from outside,

That's interesting. I have had resets when SSHing one specific Linux box that I use for work, whereas all others have been fine. I don't know if that box is on a Comcast connection or not. But I haven't had any troubles SSHing into my own box from elsewhere.

Re:Not me... (1)

NickCatal (865805) | more than 6 years ago | (#21170785)

I'm not having any problems either.

One thing that doesn't bother me is that ISPS should do some traffic shaping if the line is saturated. That is OK by me. Hell, if there was really that big of a problem I would support having cache-technology on the ISP side that websites could enable. Why should I have to pull 'panda sneezing' from California when my neighbor just looked at it? Why am I not pulling it from my ISP's servers in downtown Chicago? Of course this would need to be approved by the site that has the data coming down from it, but is Youtube really going to say no if your ISP is offering to serve the data to their customers and tell youtube about it in a HTTP request? I don't think they would.

I would also prefer that VOIP, DNS and HTTP traffic have preferential treatment over file-sharing.

But in this case it just sounds like they can't figure out how to do it right.

Get the facts (5, Funny)

MyLongNickName (822545) | more than 6 years ago | (#21170087)

70% of all "file sharers" use Google. Anyone with even a small background in statistics can see that Google is behind all this piracy. Comcast is simply watching out for our economy. I say good for them. Now if they would only do something about that wretched Slashdot and its wanker community.

Re:Get the facts (3, Funny)

Shakrai (717556) | more than 6 years ago | (#21170243)

-1, Troll? This should have been modded funny. Or ignored. Or overated if it bothers you that much. But troll? I hope you pay in meta-mod.....

Re:Get the facts (1, Informative)

4D6963 (933028) | more than 6 years ago | (#21170369)

Wow, -1 Troll? Do people even think before moderating? For those who aren't subtle enough to get it on their own, the parent post is being sarcastic.

Edit : ha, nevermind, someone had the common sense to mod it Funny.

Edit #2 : Oh yeah, didn't you know? Now you can edit your posts on Slashdot.

Re:Get the facts (0)

Anonymous Coward | more than 6 years ago | (#21170787)

Edit #2 : Oh yeah, didn't you know? Now you can edit your posts on Slashdot.

Since when? And how?

Oh cool (0)

Anonymous Coward | more than 6 years ago | (#21170767)

Since Windows users accounts for 99% of the pirates, can we just do one of the below?
  1. Sue MS?
  2. prohibit all windows?
  3. Finally, just shoot all the window users?
Hell, lets do all 3.

Re:Get the facts (1)

Opportunist (166417) | more than 6 years ago | (#21170939)

You have a great career in statistics ahead of you.

Google *is* the file-sharer (4, Insightful)

Paeva (1176857) | more than 6 years ago | (#21170101)

After all, doesn't Google host more copyrighted content than any other person/company in the world? ;)

follow the money (0)

Anonymous Coward | more than 6 years ago | (#21170105)

Has Comcast by any chance partnered with another search engine? Completely coincidentally of course?

Re:follow the money (1)

GundamFan (848341) | more than 6 years ago | (#21170439)

That is a genuinely good question, I don't know of any such partnership (I would guess that Slashdot would report it given what I have seen as far as Comcast coverage here) but it does seem like a plausible explanation. Money is defiantly at the heart of this issue if it is indeed intentional at all (I wouldn't put this past Comcast's ability to screw up).

My next questions would be: How bad is the disruption and how many users in what regions are affected?

Happened to me yesterday (1)

TheDrewbert (914334) | more than 6 years ago | (#21170133)

when my Google Apps site suddenly wouldn't work.

Gmail Notifier (4, Informative)

hansamurai (907719) | more than 6 years ago | (#21170139)

Starting yesterday my Gmail Notifier Firefox extension stopped working at home where we have Comcast, but at work it works just fine. I thought maybe the plugin had broken due to some API changes or something but I thought it was odd it worked one place and not the other. This really seems like it's related and even though I believe Gmail Notifier is a third party extension, it's still accessing Google's servers.

Comcast is really pissing me off. But what's my other option: Qwest DSL.

Re:Gmail Notifier (0)

Anonymous Coward | more than 6 years ago | (#21170281)

I wouldn't be surprised if they arn't meaning to block google, but their network is just such a piece of shit that it's doing it by accident. I moved away from comcast internet 2 years ago after 3 weeks of "we have people out there working on the problem right now" and no internet access.

Re:Gmail Notifier (3, Insightful)

ajs (35943) | more than 6 years ago | (#21170459)

Comcast is really pissing me off. But what's my other option: Qwest DSL.
Thankfully, I had RCN as an option. I pay them $20 extra per month for a static IP and run my home Web server and mail gateway there. I've never had a problem downloading Ubuntu or Fedora distributions with BitTorrent; Web traffic incoming or outgoing; or... well, anything.

Call your city. Ask them to re-evaluate Comcast as the local Cable provider or do what my town did: offer RCN as a competing provider.

Re:Gmail Notifier (1)

SevenHands (984677) | more than 6 years ago | (#21170775)

This is exactly what is needed here. Enough Comcast subscribers jumping ship would most definitely start a shift in company policy away from practices like this. Unfortunately, there is probably a large majority of clueless/less tech savvy Comscat subscribers who will merrily go along feeding the beast, mostly oblivious to what is happening.

Supporting small local ISPs is something I have always been totally for. The cost might be a bit higher, but usually I end up getting better services. Usually these smaller ISPs don't have an issue with a subscriber running small FTP/Web servers, whereas with large outfits like Comcast, this is either frowned upon, or outright banned.

Re:Gmail Notifier (1)

shredswithpiks (867616) | more than 6 years ago | (#21170883)

Qwest DSL was my only alternative, too. Glad I made the switch. 7meg all to myself. I don't get TOS letters for using too much bandwidth in one month. I don't get fake packets ruining bit-torrent and google. seems like an easy choice to me.

How can you tell? (1)

*weasel (174362) | more than 6 years ago | (#21170933)

I've been having the same problems on and off over the last couple weeks.

Problem is, I never thought to dig into it as my connection is regularly 'comcastic' (pejorative) during peak hours.
I'm not sure if you should consider yourself lucky or unlucky that you can actually tell the difference between their incompetence and malice.

I hope they get slapped (3, Interesting)

Daimanta (1140543) | more than 6 years ago | (#21170151)

Hard. Nothing worse than a pissed off multi-billion dollar company suing your ass off. That will teach them.

unfair competition (4, Insightful)

mr_mischief (456295) | more than 6 years ago | (#21170187)

Is the title clear enough? I can't imagine any judge or jury saying Comcast is allowed to impersonate Google and tell Comcast customers they're not allowed to use Google's services or that Google's services are overwhelmed and shutting down connections. That's essentially what forged, fraudulent RST packets from a MITM attack are doing. That can't possibly be considered a legitimate business practice in court.

Re:unfair competition (4, Insightful)

Shakrai (717556) | more than 6 years ago | (#21170293)

That's essentially what forged, fraudulent RST packets from a MITM attack are doing

I fail to see how they think these types of "traffic management" tools will work in the long run. It's only going to encourage the P2P users to adopt more protocol masking/encryption techniques to hide from these devices. And then what are you left with? Blocking encrypted traffic? Breaking the internet by refusing to route packets directly between end-users and only routing them to major sites?

In a fair world with a fair marketplace they'd have two options. They could choose either one and the market would decide which was best: 1) Stop selling unlimited service and switch to a metered model. 2) Upgrade their friggen network to support it.

Re:unfair competition (4, Insightful)

mr_mischief (456295) | more than 6 years ago | (#21170437)

I'm still not convinced the bandwidth is Comcast's major concern. Comcast still makes the majority of their money from being a cable company, and only uses Internet access as a diversification method, don't they? All the Comcast commercials I see are for cable TV, not for Internet access.

It seems to me the whole rage against P2P traffic (which is how lots of games are played, BTW, and how almost all VPNs are set up) is not so much about capacity as about a conflict of interests on the part of Comcast. They're the content delivery network for TV programming and music (they have music channels like DirecTV does, don't they?). They are wanting to make sure you use your cable TV for getting video and audio, because that's where they get a bigger cut.

Re:unfair competition (4, Interesting)

Shakrai (717556) | more than 6 years ago | (#21170633)

That's an interesting take on it. And as far as I'm aware there is no DSL provider in the United States doing anything like this. It certainly seems to be the case in the wireless world. The carriers removing or blocking features that may compete with their own content offerings.

One wonders what the solution to this is. Prohibit someone from being in the content business AND the delivery business at the same time? They'd fight you tooth and nail on that -- and you'd have the "free market" types after you as well.

In any case I think they will shoot themselves in the foot in the long run. What happens when all P2P traffic is encrypted and looks like any other encrypted protocol (ssh, ssl, etc)? At that point you may be able to identify WHICH subscriber is using p2p (bittorrent stands out like a sore thumb for the sheer volume of connections it establishes) but how will you identify which individual packet is p2p and shape it? Or will they just start sending random RST packets to ALL your connections, including (as TFA suggests) Google?

If bandwidth IS the issue then in the long run they only have two options. Invest in some upgrades or stop selling "unlimited" service. Personally I'd take the best of both worlds. I'd offer a "premium" package aimed at p2p users (no monthly bandwidth limit and/or higher speeds) and use the money from that to expand my network.

Re:unfair competition (1)

bhima (46039) | more than 6 years ago | (#21170661)

Isn't all that new HD content, and Comcast's very own VOIP and, all those SD channels, and all those music channels, and all their other crap carried on the same network?

Surely they'd rather have all that bandwidth going to paying HD content subscribers, rather than those filthy file-sharers!

Oh and they'd like to continue to oversell capacity too, thanks!

Re:unfair competition (1, Insightful)

Anonymous Coward | more than 6 years ago | (#21170637)

They are on a metered model! They just don't tell you what your limit is.

Re:unfair competition (2, Insightful)

Shakrai (717556) | more than 6 years ago | (#21170703)

They are on a metered model! They just don't tell you what your limit is.

That's not quite true. My electric company won't cut off my service if I use more electric this month then I did at the same time last year.

Metered service could work in one of two ways. They provide you with X gigabytes of bandwidth and charge you an overage rate for each gigabyte over that (or cut you off for the rest of the month), or they just charge you X dollars per gigabyte and maybe a small monthly fee. That's how electric or gas works.

That said, I don't think metered service would play very well. What happens when someone gets a huge bill because of their PC being owned? It'd be a PR nightmare for them and their competitors would doubtless use it against them (our service is unlimited!). So they'd have little choice but to invest in their network.

I actually have some sympathy for them. But it only goes so far. They shouldn't have the right to sell something as "unlimited" when it's really not. Plain and simple.

Would be kind of awesome... (3, Interesting)

Luke Dawson (956412) | more than 6 years ago | (#21170195)

If Google were being wrongly flagged, and Google ends up suing the ass off Comcast to put an end to this bullshit.

What? (1)

JK_the_Slacker (1175625) | more than 6 years ago | (#21170199)

Just who are these goggle people, and why are they trying to clog my internets?

Seriously, Comcast needs to rethink things. It's pretty obvious they don't actually want to be a responsible ISP. Why do they stay in the game? There are perfectly acceptable ways to make money without being vilified for every decision you make.

Oh me oh my! (-1, Offtopic)

scorpiowulf (1181651) | more than 6 years ago | (#21170211)

http://www.wulfram.com?mkid=31257 [wulfram.com] - The plot thickens! I wonder how deep this one will go, intervention to stop Google's world domination?

Re:Oh me oh my! (1, Offtopic)

khallow (566160) | more than 6 years ago | (#21170535)

How do you report spamming? It's odd that I've never seen it before on slashdot.

Re:Oh me oh my! (-1, Offtopic)

scorpiowulf (1181651) | more than 6 years ago | (#21170597)

Don't be silly, it's not spam, I posted an on topic comment. You, on the other hand, went entirely off-topic. Congrats.

Theory... (1, Interesting)

njfuzzy (734116) | more than 6 years ago | (#21170221)

Maybe Google is including some spoofed information in their packets, to test what Comcast is filtering for (and/or to sabotage the filtering system with false positives). There was a time when it wouldn't have surprised us to see their "Don't be evil" policy extended to this kind of jab at an evil policy elsewhere.

Push it one step further... (5, Interesting)

KingSkippus (799657) | more than 6 years ago | (#21170359)

What if Google, a (justifiably) huge advocate of network neutrality, is deliberately sending the type of RST packets that imitate Comcast's faked packets, specifically to Comcast IP addresses, knowing the inevitable fallout that would result? It would make an already bad situation for Comcast far, far worse, and it's likely that the requested Senate investigation would turn into nails in the coffin for those who want preferential treatment of packets on the Internet.

For a company that does no evil, if they could pull it off, it would be absolutely diabolical. But then, it could easily be one of those "ends justify the means" kinds of situations. At any rate, all I can say is "MWAH HAH HAH HAH HAH!!!! Suckers!"

(No, I don't actually believe that's what's happening, but man, what an AWESOME plan to make network neutrality happen once and for all.)

Re:Push it one step further... (2, Insightful)

random coward (527722) | more than 6 years ago | (#21170573)

"...it could easily be one of those 'ends justify the means' kinds of situations."

The ends should justify the means. The problem is when you start thinking the ends justify ANY means.

Happens to be on two 'other' networks.. (1)

rmallico (831443) | more than 6 years ago | (#21170835)

I have google as my homepage and the screen I am recieving the error on is the stocks gadget. I get ALL of the google content for my iGoogle page and the only one that fails to render. I have seen this happen on two other networks. My work ip (through HQ leasing in Seattle) and it happened while on the road at a marriott hotel... can't see this as only a comcast thing unless all the other networks are downstream...

It could be technical incompetence (1)

Cracked Pottery (947450) | more than 6 years ago | (#21170229)

Before a move a couple of years ago I had been on Comcast for several years and had numerous issues. They couldn't seem to keep a DNS system working. I wish I had known about Opendns back then. Nothing is ultimately surprising, but I find it hard to believe that Comcast's anti-p2p methods would target google.com.

Re:It could be technical incompetence (2, Informative)

reset_button (903303) | more than 6 years ago | (#21170355)

It seems like it's not DNS. From the forum:

I'm in Houston on Comcast and noticed this as well. For the record, I use the OpenDNS servers, so unless multiple DNS servers are having trouble reaching Google, the problem is most likely with Comcast.

I noticed this same thing in Seattle on Comcast. I use my works DNS so its definitely not a DNS issue as I can do a "ping google.com" and get the ip lookup address. The ping times out but typing the ip address into my browser works.

I've experienced problems connecting to google for a couple months and have been following the DSL reports thread. DNS has been eliminated from the equation so it appears that the problem is due to some unforeseen consequence of sandvine filtering or some other massive screwup at Comcast.
The problem is spoofed RST packets.

Re:It could be technical incompetence (1)

TheLink (130905) | more than 6 years ago | (#21170371)

What's so good about using opendns? They look like they're doing a variation of Verisign's Site Finder.

How about running your own DNS server? Or get a list of DNS servers from various ISPs round the world that work and rotate through the IPs.

iptables fake RST detector (5, Interesting)

EmagGeek (574360) | more than 6 years ago | (#21170235)

use connection tracking on this one:

iptables -I INPUT -j LOG -p tcp -m tcp --tcp-flags RST RST -m conntrack --ctstate NEW,INVALID

The fake RST will probably not have a valid sequence number for the established TCP connection, so the Linux stack will flag it as a NEW connection, and the fact that you're getting a RST for a NEW connection should be good enough alarm.

Or maybe it would also work with just the matching code

iptables -I INPUT -j LOG -p tcp -m tcp --tcp-flags RST RST -m state --state NEW,INVALID

What do y'all think?

Re:iptables fake RST detector (1)

19thNervousBreakdown (768619) | more than 6 years ago | (#21170449)

Why wouldn't it have a valid sequence number? Don't they only need a single packet to get the proper sequence number? Wouldn't most TCP implementations throw away a sequence number that was so far off?

Re:iptables fake RST detector (1)

EmagGeek (574360) | more than 6 years ago | (#21170571)

I don't know how the Linux stack handles TCP sequence impropriety. But, you may be right. That's why I was asking - the point is that I bet there is a way to use iptables to avoid being stomped on my the comcast whores. With a little collaboration, perhaps that solution can be found.

Re:iptables fake RST detector (1)

19thNervousBreakdown (768619) | more than 6 years ago | (#21170769)

OK, I went back and RTFA. It appears they do send a correct SEQ RST, along with one in the 12xxx range. The problem is, they send them, spoofed, in both directions. So, even if you did come up with a way to ignore valid RSTs when there was an invalid RST very nearby, you'd also have to make the remote host not honor RSTs from you.

And, of course, since they're your ISP, they can just stop delivering your traffic. I'd suggest letting everyone you possibly can know about this, hopefully get it into the papers in some form that Joe Sixpack can understand, or at least one that makes him mad, and wait for Comcast to backpedal. On the slower, but more effective front, there's class action lawsuits, and even slower but still more effective is legislation. That's really all you have available to you, since you most likely don't have a choice in providers.

Re:iptables fake RST detector (1)

giminy (94188) | more than 6 years ago | (#21170913)


Assuming that Comcast is injecting a RST with a valid sequence number (next in an open connection), it would be impossible* to distinguish between a generated RST and a real one. If they are indeed resetting your connection, and your kernel's tcp stack is not written by a 3-year-old, then they are most certainly using a valid sequence number.

Ignoring all RSTs would eventually fill your TCP stack with open connections and cause your kernel to barf. I *think* that RST is pretty uncommon on a decent network, though. Someone else chime in. So you could maybe ignore RST's and go for days and days without needing to reboot? One could also write a kernel module that killed any connection with no traffic after X hours. So yeah, it could be made to work...

It is a bit frightening that this is happening to begin with. You are paying for the Internet, not some subset/crippled form on the Internet...

Reid

* Okay, not impossible...you might be able to determine its fakeness based on timing (the RST would have to be injected in between the average time between two normally-spaced packets), but iptables isn't that good...If you had a stateful firewall, you could queue the RST for a few seconds, and if no more normal (ACK+NOFIN+NORST) traffic comes in on the stream for a few seconds, only *then* accept the RST and pass it up to your computer.

Go even further and ignore fake RST? (4, Interesting)

SIGBUS (8236) | more than 6 years ago | (#21170453)

This looks like it could be extended - add a -j DROP rule after the -j LOG (log the offending packet, and then send it to the bit bucket).

Sadly, NO (1)

nweaver (113078) | more than 6 years ago | (#21170937)

All IDS RST/FIN injectors (the Bro IDS [bro-ids.org] has one, the great firewall of china uses one, Sandvine uses one) get the sequence #s from the TCP packet, so the injected RST packets are in sequence.

Going Mad (1)

fsulawndart (860628) | more than 6 years ago | (#21170237)

Wow. I thought I was going mad. This happens very often with my Crapcast.

This explains everything! (0)

Anonymous Coward | more than 6 years ago | (#21170255)

I'm a comcast user and Google has been unaccessible on and off for several months now. If this is because of sandvine (intentionally or otherwise) this would be quite the bombshell. Comcast seems to be doing their best to ensure that net neutrality will become a fact of life in the future.

Google could fix Comcast's ass tout suite (5, Funny)

R2.0 (532027) | more than 6 years ago | (#21170277)

When loading a Google Page, an intermediate page pops up saying

"Your ISP is interfering with the transmission of data requested from Google our users, and as a result we are unable to consistently provide advanced services to you. You will be redirected to a more basic version of Google's services so that we can provide as much as we can in the manner you have come to expect from us".

Wait 10 seconds, then redirect to Google's non-AJAX pages.

I predict hordes with torches and pitchforks (led by a little old lady with a claw hammer)

Re:Google could fix Comcast's ass tout suite (4, Funny)

Sangui5 (12317) | more than 6 years ago | (#21170387)

It would be great if they also provided links to various federal and state fraud statutes...

And links to your state's AG office...

And little adwords ads on the side for local law firms.

Hey Zonk!!! (0)

Anonymous Coward | more than 6 years ago | (#21170297)

What the hell did Comcast do to piss you off anyway?

Google Web Accelerator Error (2, Interesting)

Laoping (398603) | more than 6 years ago | (#21170337)

Not sure if this is anything, but I use Google Web Accelerator on Comcast at home. Lately, I have been getting a lot of DNS issues at home with it. When I take my laptop to school, I do not get any DNS issues.

Re:Google Web Accelerator Error (1)

Technician (215283) | more than 6 years ago | (#21170505)

Not sure if this is anything, but I use Google Web Accelerator on Comcast at home. Lately, I have been getting a lot of DNS issues at home with it. When I take my laptop to school, I do not get any DNS issues.

Plug in another DNS server. May I suggest Verison, Open DNS, ScrubIT, or any of the other free DNS servers? I use ScrubIT as it is safe for work. As a bonus, most malware sites don't work. It keeps the AV software much quieter.

what the anti net neutrality crowd has to say (1)

unity100 (970058) | more than 6 years ago | (#21170341)

huh ? despite the fart that you were going to put has not been out, there is malpractice. explain this to us.

First hand experience here (0)

Rooktoven (263454) | more than 6 years ago | (#21170383)

I had a billing issue with Comcast (which was their error) and my service was all redirected to their load Comcast software page. After spending an hour or so with tech support and billing, I was told all was OK. At this point most websites worked EXCEPT google. Any attempt to go to Google redirected to comcast. If I did a ping or an nslookup of google, that too, reflected a COMCAST ip address.

I called back. The Comcast tech schmuck told me then that I needed to reboot all my machines and my router, and my linksys box to fix it. I replied that it certainly seemed to be an intentional DNS routing issue on their end, and rebooting would be kind of silly. He then told me he couldn't do anything else without me doing that, nor could he transfer me to other tech support. He further said it seemed to be a billing issue again.

I didn't have time to argue as I had to pick up someone at the airport, and the next day everything worked again. But as far as f*cking with Google access--

COMCAST ABSOLUTELY POSITIVELY WILLFULLY REDIRECTS GOOGLE TRAFFIC WHEN THEY WANT TO.

I can't wait for Google to set up a new backbone with their dark fiber and totally screw Comcast.

Re:First hand experience here (5, Informative)

ledow (319597) | more than 6 years ago | (#21170579)

It's called DNS caching.

Did you actually flush your DNS caches like, say, the one in your router, the one in your linksys box, the one on your PC? You can do it manually but the quickest way for a lot of equipment is to reboot. Hence the suggestion.

Additionally, it was quite likely google because something on your machine (maybe yourself "trying" the connection) had accessed google while the DNS redirection was in place (that was how they "redirected" you to their page). Once you'd done it once it'd linger until the TTL's had expired all the way back to your computer. Ping, nslookup, etc. would ALL show the Comcast IP until that happened, which could be minutes, hours, days, months, depending on your setup.

In your case, it looks like it was less than 24-hours, because it worked the next day without having to reboot. If you had rebooted immediately, it would have all worked when it came back up. That's WHY he was telling you that.

Before you start throwing accusations around, delve into such things just a little bit deeper.

Re:First hand experience here (1)

yuna49 (905461) | more than 6 years ago | (#21170813)

Windows is an especially bad culprit in these cases. It caches client-side DNS lookups unless you reboot or run "ipconfig /flushdns" from the terminal. It always drives me crazy when I'm mucking with a DNS server in a client's office. The Windows machines refuse to acknowledge the changes I've made unless forced to do so.

Re:First hand experience here (1)

Technician (215283) | more than 6 years ago | (#21170581)

I replied that it certainly seemed to be an intentional DNS routing issue on their end, and rebooting would be kind of silly.

Did you try using a non Comcast DNS server? Try using 4.2.2.1 (Verison) or another free server other than Comcast next time that happens. Delete the default settings in your router and plug them in. Reboot the computers to get new DNS info from the router and check it.

Not comcast (2, Informative)

The MAZZTer (911996) | more than 6 years ago | (#21170761)

Your OWN COMPUTER was redirecting you to Comcast (maybe you should be indignant towards Microsoft? >_>). It's called DNS caching.

In Windows a simple ipconfig /flushdns can take care of that, although some applications, such as Firefox, keep their own DNS caches which must also be cleared (In Firefox there's a DNS cache timeout in about:config somewhere, you just set it to 0 and then back and that should flush the cache).

Also the tech was almost right... restarting your computer WOULD have fixed it (since DNS caches are only kept in memory and would have been wiped when you rebooted) although it wouldn't have been the OPTIMAL solution.

Let me take you through the steps your computer took.

  1. You try to access Google while your billing issue is present.
  2. The Comcast DNS server gets your request for www.google.com.
  3. The DNS server sees you haven't been paying your bills (so they think, anyways) so instead of returning the IP address of google.com, it returns the IP address of the Comcast server.
  4. Your computer receives this address. It has no way of knowing it's not really Google.
  5. It saves the address in the DNS cache so it won't have to look it up later.
  6. Your computer connects to this IP address and requests the webpage.
  7. The Comcast server returns a boilerplate "GIVE ME MONEY" page.
  8. Time passes and you fix the billing problem.
  9. The Comcast servers take you off the "redirect all traffic to Comcast" list so all future DNS requests will be correct.
  10. You try to access Google again.
  11. Your computer notes that you've already accessed this website, so it already knows the IP address (so it thinks). It skips the DNS step and uses the already known IP address (which is actually Comcast's).
  12. Your computer connects to this IP address and requests the webpage.
  13. The Comcast server returns a boilerplate "GIVE ME MONEY" page.
  14. You call tech support and complain, and fail to implement the proposed solution.
  15. You leave for the airport.
  16. Your computer (assuming you left it on) notes that it's been a while since you DNSed www.google.com. Thus it deletes the IP from it's cache, and will requery it again.
  17. You return from the airport and try google.com again.
  18. The Comcast DNS server gets your request for www.google.com.
  19. No billing issue, so it returns the proper address for Google.
  20. Your computer receives this address.
  21. It saves the address in the DNS cache so it won't have to look it up later.
  22. Your computer connects to this IP address and requests the webpage.
  23. Google returns it's homepage.

Re:First hand experience here (1)

tomz16 (992375) | more than 6 years ago | (#21170791)

So whenever you don't understand something you make up your own explanation and then claim it's the absolute truth? Unfortunately, that approach does not make you an expert on DNS.

FYI, the comcast rep was correct... While it is possible that their DNS server is malfunctioning in some really really bizarro way and feeding you a legit response with an incorrect value, it is INFINITELY MORE likely that your own local DNS cache is poisoned with the wrong value because of their redirection scheme.

Rebooting your computer and router would have most likely helped. When they started redirecting your traffic to their own captcha page, they may have poisoned your local DNS cache (in your router, computer or both) with the wrong IP for any page you requested. This is one common (albeit stupid) way to redirect traffic, and why you saw the comcast page for every single web address you typed in. Ideally, this entry should have had a low timeout value, but not all caching DNS software respects that value. Resetting the device (in this case BOTH your computer and router) usually clears your DNS cache data, and would have likely helped your problem.

Ive already ordered dsl (1)

WrongOne (872463) | more than 6 years ago | (#21170391)

I hate the slow speed im gonna get from dsl, but slow is better than not working. I wonder why it only seems google is affected?? Could this be comcast trying to extort $$$ from google??? All these years i figured yahoo and google search results must be close. Having comcast blocking google, opened my eyes to just how bad results from yahoo are. I need my google... i needz it NOW!!!!!

going on for months with google maps (5, Interesting)

Trailer Trash (60756) | more than 6 years ago | (#21170401)

I have been unable to use Google maps for months now on Comcast. I have called them, but, you can guess how that went. Yahoo maps and Mapquest work fine, but on Google I get about half the tiles filled in before it stops. And I mean it stops. It ends up looking like a checkerboard. Occassionally it will finish a couple of minutes later, but typically it never does.

Getting Comcast to fix it seems unlikely.

Re:going on for months with google maps (1)

north.coaster (136450) | more than 6 years ago | (#21170743)

I sometimes see this same problem both at work and at home. Neither use Comcast, so I suspect that the problem is on Google's side.

Re:going on for months with google maps (1)

Bourbon Man (76846) | more than 6 years ago | (#21170907)

I use Google Maps a lot, both home and work, two different providers, and have had no problems since I moved here (NW Chicago burbs) a year ago. Neither provider is Comcast.

Re:going on for months with google maps (1)

yuna49 (905461) | more than 6 years ago | (#21170885)

Are you using the "Image Zoom" plugin on Firefox? This is known to conflict with Google maps.

I think I've been seeing this for the last week (0)

Anonymous Coward | more than 6 years ago | (#21170421)

I surf to a google page, maps.google.com, or local.google.com, type in an address, get expected response. Wait a few minutes, type in a new address - can't re-submit data on that connection. I must hit 'reload' to establish a new connection.

I _really_ suspect comcast is causing this with their RST crap, but I haven't had the time to wireshark things out. Is anyone else seeing anything similar?

This is recent, and very annoying.

Servers too? (1)

sanosuke001 (640243) | more than 6 years ago | (#21170427)

I have also been having trouble with my HTTP and FTP servers on my machine. Last week it worked fine and now I get connection refused errors to my HTTP and FTP servers. Though, my BitTorrent still works fine. Haven't had any trouble with Google.

It's great how consistent they are. Oh, I'm in CT. Though, dropping Comcast this week. Gonna grab FiOS. That 20/20 plan looked nice and I can live without television. Comcast isn't worth the cost.

Re:Servers too? (1)

EmagGeek (574360) | more than 6 years ago | (#21170605)

I hope you like getting a new IP every few hours... and having lots of ports blocked (25, 80, 81, 8080, 443, 445, 137-139, to name a few).

Re:Servers too? (1)

sanosuke001 (640243) | more than 6 years ago | (#21170887)

I use a hostname that auto-updates itself so that's not a problem. And until recently, I didn't have any problems with ports blocked. Or is that from FiOS? I haven't looked into it yet. If I have to, I'll get DSL.

Re:Servers too? (1)

shredswithpiks (867616) | more than 6 years ago | (#21170741)

surprised you didn't get TOSed for hosting HTTP...

Comcast annoyed at Google for drop in PageRank? (1)

xmas2003 (739875) | more than 6 years ago | (#21170471)

Google recently "Page Rank Slapped" a number of major sites ... maybe Comcast was one of 'em and this is how they have decided to respond ... ;-)

Re:Comcast annoyed at Google for drop in PageRank? (1)

Jugalator (259273) | more than 6 years ago | (#21170679)

If true, I'm sure Comcast's customers think this was a great move! :-p

Wait, they do still have customers, right?

Can we please pay attention to the dates... (-1, Troll)

RKThoadan (89437) | more than 6 years ago | (#21170473)

Somebody went Googling for Comcast problems and didn't pay attention to the dates.

I know, it can sometimes be hard to figure out how old the information on a website is, but these are web forums with dates on each post! Those dates say 2005 and 2003! This is just a little bit old.

Re:Can we please pay attention to the dates... (0, Troll)

BlowHole666 (1152399) | more than 6 years ago | (#21170611)

I guess the rest of slashdot does not care about dates. It just shows the mobs bias against whoever is near the top of the hate list. The post does not have to be correct and slashdot would hate them if it goes against Linux, privacy, or open source. I could post Sun Micro systems kills kittens to help produce a better version of Java and /. would hate Sun.

Re:Can we please pay attention to the dates... (0)

Anonymous Coward | more than 6 years ago | (#21170627)

You are the biggest retard ever. Those are the registration dates of the users. If they had been post dates they would be sequential. Notice the second set of post dates at the bottom of each post? The ones that start at Oct 29 2007?

Re:Can we please pay attention to the dates... (3, Informative)

marx (113442) | more than 6 years ago | (#21170635)

You're looking at the date the posters joined the forum, not the date of the post.

Re:Can we please pay attention to the dates... (0)

Anonymous Coward | more than 6 years ago | (#21170667)

dude, check the post date not join date

luma fucked around with this message at Oct 30, 2007 around 05:29

Re:Can we please pay attention to the dates... (0)

Anonymous Coward | more than 6 years ago | (#21170729)

You need to pay attention. All posts are from 2007, the 2003/2005 are the dates those users joined.

Re:Can we please pay attention to the dates... (1)

Xzzy (111297) | more than 6 years ago | (#21170777)

You were looking at the member join dates.

The post date is in the lower right corner (lower left for SA), and all of them linked in the story are from the past week or two.

Re:Can we please pay attention to the dates... (1)

z0idberg (888892) | more than 6 years ago | (#21170801)

You sure you're not looking at the dates the forum users joined rather than the post dates?

Re:Can we please pay attention to the dates... (1)

The_DoubleU (603071) | more than 6 years ago | (#21170845)

You mean the Join date of the user?
Like the person who reported the problem.
xfezz2
join:2005-12-13

His post has a time stamp of 2007-10-14 01:26:48

Can YOU please pay attent to the dates. Thanks!

Oh noes! (1)

ZaSz-RH (923115) | more than 6 years ago | (#21170513)

China is attaking Google!

Is this only a recent development? (0)

Anonymous Coward | more than 6 years ago | (#21170521)

Because I have comcast in the Minneapolis metro area and there was a point a couple weeks ago when it seemed like google.com was completely down for me for almost a day. I asked other friends around town if they could access google, and all of them could (but none of them have comcast). No one else I knew online was having any trouble with it either.

I'd also like to note that there was no file sharing going on at this time or at any time that day. I was kind of perplexed about it at the time, but now that there's some indication it might be related to this other bullshit, I am just pissed off about it. The next time it happens I'm going to spend some quality time on the phone with a comcast rep and see if I can't at least shout them into giving me one of those sweet new subscriber discounts since they jacked my rates up almost $20 without offering any new service a while back.

time for IPSec? (2, Interesting)

mikeee (137160) | more than 6 years ago | (#21170609)

IPSec would thwart this sort of attack (since it encrypts at the IP layer, you can't forge a RST packet in the TCP header). Yeah, it costs more CPU, but that's not a problem for modern PC clients, and I suspect Google can handle it, too. Is it time for this to become SOP?

Now, whether MS would be cooperative in that, I dunno... I know XP supports it, but not too much about configuration specifics.

red letter day on /. (0)

Dance_Dance_Karnov (793804) | more than 6 years ago | (#21170629)

news involving google which isn't "google did something today! it's news because it's GOOGLE!"

next you'll be telling me about an apple story that isn't about apple putting 'i' in front of something or 5th hand reports from a blogger that someone, somewhere said something about apple or itunes.

things are not looking good for Google these days (1)

e-scetic (1003976) | more than 6 years ago | (#21170727)

I just found out that Spybot S&D, Norton Spyware, etc., block my Google ads just because some of them point to servers run by Commission Junction, a very large and reputable affiliate advertising company. If you click my ads (and I pay for those clicks) and you've got S&D installed then you get a "server not found" or "unable to connect" error.

I wonder if this is similar to the backstory over at ATT and Comcat. In their zeal to destroy copyright infringers (or whatever the hell they're doing over there) they're killing innocent bystanders. They've adopted the Blackwater approach to IT.

Got hit by this a few weeks ago (1)

JeffL (5070) | more than 6 years ago | (#21170825)

A few weeks ago I was at a house with Comcast, and none of us could reliably access Google. All other sites seemed to work. Several hours later (or perhaps the next morning) connections to Google were fine again. At the time I thought it might be a problem with Google, and that would be front page news on Slashdot, but nothing appeared, and I forgot about it.

That mystery is solved now...

Comcast shenaigans (3, Interesting)

Danathar (267989) | more than 6 years ago | (#21170859)

I recently moved from one house serviced by comcast to another and I can tell you there is DEFINTELY something screwy going on, and it's not just bittorrent trafic.

I've done bandwidth tests and my upstream STARTS at a nice 1.5MB/s and then 15 seconds later drops to 30K/s EVERY TIME.

What this does is give false results when people are doing speed tests. When you do your test you get great results (in my case 15Mb/s downstream and almost 2Mb/s upstream) for the first 15 or 20 seconds. Then after that it just BLOWS.

Comcast needs to wise up (0)

Anonymous Coward | more than 6 years ago | (#21170863)

They are on course to alienate their customers. Never a good thing. Then again my tolerance is much lower. I dropped them and got DSL/Satellite after the second $5 price hike in as many months almost 8 years ago...

Never looked back. All I do is game so DSL is good enough, better in fact. I need 1.5kbps to game LAWL.

Bail on them, they suck ass and will always screw you. Now that they don't allow P2P, there's no reason to stay there...

-AC

This was happening to me. (1)

ndriscoll (1015401) | more than 6 years ago | (#21170871)

I have been getting connections reset on and off the the past week or so on Comcast. I found that if I did an nslookup, it was only the first IP address that had problems. The others worked fine, so I just browsed to http://72.14.207.99/ [72.14.207.99] . Unfortunately, trying to use the iGoogle home page redirected back to http://google.com/ig [google.com] and was reset, but the web search worked. You could probably modify your hosts file to get around the resets if one of their IP addresses works.

It comes with the Extra Value pack (1)

argiedot (1035754) | more than 6 years ago | (#21170895)

Sorry, your internet access pack does not include access to Google. You can access Google by upgrading to the Extra Value pack.

Wikipedia page (4, Informative)

sunderland56 (621843) | more than 6 years ago | (#21170897)

Someone knowledgeable about this issue should update the wikipedia page about sandvine. [wikipedia.org]

The way it's written now, everyone should use Sandvine - it sounds like wonderful software.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?