NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
 ·Pacific Bell - SBC
| reply to misbehave
Re: Problems loading google (DNS issues possibly?)
said by misbehave  :I am having the same problem....  So are a bunch of 'at&t Yahoo! HSI' customers...
»Can't access Google domains.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
xfezz2
join:2005-12-13
Mokena, IL
| reply to xfezz2
Well at first I thought it was just me. I'm kind of relieved that its not. But at the same time it seems like a major issue. Hopefully it will be sorted out soon.
I'm still having issues. Mostly at night and the modem/router reset trick doesn't always work anymore. |
|
pokesph
It Is Almost Fast
Premium
join:2001-06-25
Sacramento, CA
clubs:
 ·Comcast
1 edit | reply to EG
said by EG :What issue does that trace reveal ? The destination server was reached. it may have been reached BUT it times out in a browser so it's for all intents and purposes dead and unreachable.
it did however fix itself within approx 30 mins. |
|
espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN | Can you paste up a trace for when it's working? Does the hop count change? |
|
gv452
@comcast.net | reply to xfezz2
Same issue. |
|
scottwed
join:2005-06-23
Lehi, UT
| Having the same issue. Using UT Comcast, all other websites work fine. Have to use alternate DNS IP to reach google.com. Problem is lasting hours each night. The problem always includes multiple Reset packets (part of the TCP header).
For some bizarre reason, I noticed that when the google.com problem happens, I can't reconnect my Hamachi VPN client. If the vpn session was already up, then it continues to work. If you reset the VPN connection, it will fail as it rotates through:
bravo.hamachi.cc, charlie.hamachi.cc, delta.hamachi.cc, could be more, I'm guessing there is also an alpha.
Anyone else also having the Hamachi problem at the same time? |
|
scottwed
join:2005-06-23
Lehi, UT
| Did some more research. I set up a 2 minute interval with wget (A web reques tool), and turned on a packet sniffer to track all Reset packets. I started the trace at ~9:50pm local time, and the problem goes away at 12am local time.
It's very consistent, I receive a properly formed Reset packet, along with another reset packet with a static sequence number. In my case, the static sequence number is 12503. The odd reset packet is sent in reply to web requests to google.com and vpn login requests to Hamachi's login servers. The problem goes away for both sites at ~midnight.
The double reset reply has the signature of the Sandvine Packet shaping appliance, known to be used by Comcast: »torrentfreak.com/images/comcast-rst1.txt
My understanding is that some ATT HSI customers are also experiencing this issue.
For the record, there is no way that this issue is related any type of Wireless encryption protocol used by an end-user or DNS configuration problem. I can consistently reach google.com using an external proxy server, and computers on other ISPs.
I'm starting to think we are getting caught in some sort of private battle between Comcast/ATT and Google. |
|
MrDaBomb
@netriver.net
| reply to xfezz2
I've been having the same problem the past few months. I talked with Tier 1 support at Comcast last night for about an hour. We reset my modem 4 times, my router, even plugged in my laptop directly to the modem. (It was more to humor the tech lady than any hope of that actually fixing it.) I've got a network engineer calling me back within a day or so. I spoke with my friends that have comcast and they all experience the exact same issue.
I wonder if their packet filter is seeing all the customer requests to google as a DDoS and blocking it for a few hours (like 4). It could be possible.
The great thing is that I can ping google.com, connect to it from my servers (who are on Global Crossing), but all HTTP traffic gets very swiftly reset. |
|
Comspastic
join:2007-10-22
Seattle, WA | reply to xfezz2
I happen to know a couple of IT guy's for google here in Seattle, apparently the issue is caching servers for dns not getting updates on comcasts end. |
|
telcolackey
The Truth? You can't handle the truth
join:2007-04-06
Death Valley, CA
| said by Comspastic :I happen to know a couple of IT guy's for google here in Seattle, apparently the issue is caching servers for dns not getting updates on comcasts end. Posts are saying that the problem is more than Comcast's caching servers, so what is Google doing differently that is causing this? |
|
atreznik
join:2004-08-30
Waterford, MI
| reply to scottwed
Google & Hamachi VPN timeouts
Comcastic HSI in detroit area. scottwed, I'm sitting in the hotel in miami and I wanted to reply so you knew you weren't the only one. Last thursday night (10/25) was when I first noticed issues with the google domain and also VPN connections via hamachi. Fairly similar symptoms; I had it up already (hamachi) and it seemed to work fine, however when Google stopped working I tried restarting my machine and then Hamachi couldn't resolve its servers and the game was over (literally).
I didn't check for reset packets but that theory seems to make sense. I had to go out of town abruptly for work to trinidad and puerto rico and didn't get a chance to flushdns after I changed DNS servers for my router. By the way I agree with you, I have several computers behind a Dlink 1310 with TKIP and wired or wireless, it makes no difference, encryption or otherwise, not that it should. Will try a proxy when I get back as well. BTW, I like your theory about a battle between Comcast/ATT and Google.
I am interested to see someone get to the bottom of this...
Apologies for the incoherent style I'm near exhaustion. Trust me though I'm usually right on the ball.
I'm anxious to get home and see everything working okay and get Hamachi back up. That would be just Comcastic. |
|
scottwed
join:2005-06-23
Lehi, UT
| Thanks Atreznik, it's good to know that my symptoms are reproducible at other locations. From my location, the routes to Google and Hamachi servers are drastically different once they leave Comcast (Level3 vs ATT). I did not see the issue at all this Sunday.
So I had another thought today, this one doesn't depend upon any paranoia about private company battles. What if the packet shaper simply has a total daily traffic limit per domain? Everyone gets home from work, and starts surfing, the limit gets hit on many, but not all nights.
I'm still trying to identify when the problem starts each night, so if there is a consistent start period, then I'm going right back to 100% paranoia 
One partial argument against the sloppy Sandvine configuration theory; I've noticed that Yahoo is still available throughout the downtime. It also doesn't explain why Hamachi is affected.
If you want full-blown paranoia, one side or the other is trying to force the issue of a "net-neutrality" bill, something that I think is well intentioned but dangerous for the Internet. |
|
MrDaBomb
@comcast.net
| reply to xfezz2
Re: Problems loading google (DNS issues possibly?)
I'm sure it isn't a DNS issue. Google's web servers respond to straight IP requests. For instance, right now www.google.com resolves as 72.14.253.103 for me (its different depending on your geographical location). If you go to »72.14.253.103/ you'll see the google start page. When Comcast is blocking Google, I get HTTP reset errors from that site, but when I goto another location (SSH Proxy tunnel through a server thats connected through Global Crossing) I can bring up that IP's website fine.
I totally agree its something with Comcast's packet filter. Whether it is intentional or not, it shouldn't be happening, and Comcast should be a LOT faster about fixing this kind of problem. |
|
svideo
join:2007-10-30
| reply to xfezz2
I'm seeing the same thing on Comcast in Grand Rapids, MI. DNS does not appear to be the problem. I have packet captures and a detailed description posted up here. The short version is that I'll see TCP RSTs against google but nowhere else, across 2 different IPs (my TTL had expired while testing). All other traffic works as expected, including pings to the google hosts. |
|
artlogic
@comcast.net
| reply to xfezz2
I live in a small town, South of Lansing, Michigan, and this exact issue was happening to me about a week ago. I lost connection to certain Google sites for 3 hours or so. I started investigating it, because I could access it from other locations. Here's what I found:
* Other folks with Comcast in Lansing proper were not having this issue.
* WireShark captures (which I saved) show what appear to be TCP RST packets being injected
* Whatever was doing this seemed to be looking for a HTTP header, specifically: "Host: google.com" or some variant - I could connect by IP - in fact I just used the IP I got from pinging google.com which worked.
IMHO, it appears as if Comcast is filtering HTTP traffic specifically - and looking for google.com in the host header. I'm not sure if someone if maliciously screwing with their bittorrent filtering software (which officially doesn't exist) or if Comcast is doing limited testing of web filtering technology, but I can say that the issue I experience was NOT a DNS issue. If anyone would like to see my packet captures, let me know. |
|
greeneg
@comcast.net
| Not sure if this violates posting policy, but for those that are trying to debug this can you please report your findings to »www.google.com/support/bin/reque···x=answer so the members of traffic team inside Google can either pressure Comcast to fix this issue or double check the settings on Google's infrastructure to assure that this issue is not being caused by any unintentional changes. Thanks. |
|
Comspastic
join:2007-10-22
Seattle, WA | reply to telcolackey
Google hasn't changed anything. He's saying it's related to root and caching servers, and it doesn't have to do with google at all. Sorry i don't know that much about DNS. |
|
nosprings
join:2007-10-30
Englewood, CO | reply to artlogic
I would like to see the captures |
|
nosprings
join:2007-10-30
Englewood, CO | Can anyone post traces showing the resets? I want to see if I was having the same problem |
|
clayjar
join:2007-10-30
Plainfield, IL
|  dump.txt 7,628 bytes
tcpdump from port 80 |
said by nosprings :Can anyone post traces showing the resets? I want to see if I was having the same problem Here's a dump of data on port 80 on my box while trying to connect to www.google.com. Hope that helps. |
|
