US Cable Support > Comcast HSI > [Business] ARP Packets from Comcast are Flooding My LOCAL Networ

reply to whfsdude

Re: [Business] ARP Packets from Comcast are Flooding My LOCAL Ne

reply to whfsdude
As stated in the OP's original post,

"Shouldn't my modem/router (SMCD3G-CCR) be dropping these, instead of broadcasting them to the LAN?"

So apparently he is using the router feature of the device...

Hey all,

I hope this isn't seen as me hijacking this thread, but I wanted to update after my novel / rant earlier.

I was so upset about losing 24/7 support for business class that I called the Comcast billing department. The rep I spoke to was quite surprised, and after placing me on hold to speak to his supervisor came back to tell me that neither he nor his superior were aware of any change in business class support policy. He gave me a number to contact Comcast corporate (I almost fell out of my chair). They actually answered "Comcast corporation, how may I direct your call?" so I assume I actually was speaking to the folks in Philly.

The lady I spoke to in customer relations took notes and placed me on hold, then returned to assure me that Biz class is still supported 24/7 and that apparently I had suffered through a major snafu in their phone system. She promised that the system would be tested after hours and that everything possible would be done to prevent this happening again in the future. I intend to give them a few days and test it out myself, but for now I'll assume they are taking action.

It seems all the Comcast planets aligned against me yesterday! At least they gave me a month's service credit - it doesn't make up for what I went through, but it's something. My contract is up in just over a month, and my choice for ISP going forward will depend on the final resolution to this event.

Now, if someone could tell me why those packets keep coming from 96.64.18.1 addressed to 255.255.255.255, and then stop them from passing from the gateway into my router (after all, that's what started this whole ordeal) I'd be a bit happier, but I wouldn't dream of calling support about it for fear of losing several more days of work...

Thanks whfsdude for the info on 'proxy ARP' - at some point, I'll inquire about that being a possible solution.

Thanks for reading - we now return to our originally scheduled poster!
(Best of luck jtcasas - hope it gets straightened out for you)

I got "hit" with this early morning last Friday. Had no signal for about an hour starting at 1am, then a directed "reboot", then when it all came back up (of course) I went to sleep (as it was pretty late.. heh)

So Friday evening I noticed a lot of activity on the LAN segment. All "activity" lights on the LAN switch blinking in sequence. I did a quick check with Wireshark, and yes.. same thing... tons and tons of arp broadcasts coming from the WAN side, which as previously indicated should NOT be happening.

I called the biz class customer support line, and after hearing the 1st rep not know what an "arp broadcast" was, asked for a supervisor. At that point since the speed was (still is) reasonable, the supervisor said there was nothing that can be done.

I've left a message in the CC Direct forum here (and another.. ), but I have yet to hear anything back.

Whfsdude has it nailed more than likely.. in the new "config" they must have proxyarp enabled. I agree to a point that it's an annoyance - broadcasts still cause unneeded waste of bandwidth, even if not at storm levels.

Now.. who's going to take bets on how long it takes for (a) the issue to "reach the right person", (b) the CR/RFC to make it through all the red tape, then (c) get it fixed?

Bah.. til then.. dragged a soho router out of the closet and put it between the SMC and my LAN. All those blinky lights that have since stopped blinking so much...

It's so maddening that the supervisor's reaction was to say that it isn't a big enough malfunction to deal with. I also find it ridiculous, that to block those packets, we need to supply our own router, in addition to the forced (and charged a $7 monthly rental fee for) router.

I have not yet heard back from my inquiry at ComcastCares.

reply to broadcaster_t
I have to say one thing. "broadcaster" no matter how "upset" you are at a company because you were routed incorrectly and ended up at a closed department does not give you the right to belittle people "(barely over minimum wage I'm sure)". This remark was not needed, just because you think you make more money then the person on the other side of the phone does, does not make you a better person. I would love to try to educate you a little bit here, Business class is paid higher then minimum wage.

Hey joejoe20 -- you're right: the minimum wage comment wasn't fair or accurate.

I believe that the point that was being made, is that the person who initially answers calls for Comcast technical support tends not to be very helpful. In my experience, those who initially answer the phone are only helpful when they are confirming an outage in my area, suggesting that I reboot equipment to see if the problem goes away, or dispatching or escalating the call to someone else. For example, earlier in this thread, jbeckva reported that the person initially answering the call didn't know what an ARP packet was.

I come to DSLReports, so that I can figure out the best way to ask Comcast for help, to avoid simply being turned away by "gatekeepers".

That is true when dealing with a huge company that does do a fair amount of outsourcing the great tech support agents are overlooked and all you hear about it are the agents that did not pay attention in training or do not wish to give the a little extra for their clients that call in. I' am sorry for taking the this thread off topic and this will be my last reply since i can not help you guys. I just couldn't leave with out saying something about that.

The point of my comment was that I'm sure Comcast doesn't pay anywhere NEAR what these people deserve for their support function, NOT to belittle them. In other words, it wouldn't be any great savings in wages by cutting that staff. I certainly don't think I "make more money then the person on the other side of the phone does". Likely less, as I don't make what I deserve for what I do either, but many of us are suffering in this economy. Seriously, as a "Mom & Pop" operation, there have been months where I actually made less than half minimum wage for the hours I worked. Having worked tech support in my past, I really feel for these folks. I sincerely apologize to anyone who was offended - it absolutely was not meant that way. It was Comcast policy (at least the impression of their policy as their phone system conveyed it that night) that I was attempting - however poorly - to 'belittle'.

I am seeing the same behavior on my network as well. On the phone with Comcast Biz support right now and they are basically blaming me for the traffic. The rep tried to tell me that 96.98.112.1 was not a Comcast IP and that I was generating the traffic. Unbelievable.

So I guess I finally rang enough bells with Comcast that they referred me to the Abuse department to investigate their own network and why the modems are getting/generating ARP traffic now. I will be sending them a Wireshark capture tonight of the traffic. My network is actually seeing a slow down from the traffic. My Juniper firewall is none to happy with the traffic and keeps alerting that it is under attack.

reply to NetFixer

Guess I'll power cycle my SMC and see if I see any changes (tonight)