dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
7124
share rss forum feed


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to DarkLogix

Re: [Business] ARP Packets from Comcast are Flooding My LOCAL Ne

said by DarkLogix:

personally I'm not overly worried as I think my NM-1GE won't be impacted enough to cause issue.

Yeah, the ARP traffic is more of a cosmetic problem than a performance (or even a security) problem. The ARP traffic was always there anyway on the WAN side of the SMCD3G. As to it being a security risk, I can now see some IP addresses that are allocated on the Comcast network, but anyone with a standard cable modem attached to a Comcast connection can see the same thing anyway.

For me the ARP problem is just an inconvenience. Before this, if I were sitting at my desk, I could get at a glance from the LAN status LEDs on my SamKnows box a good indication of how busy my servers were. Now the LEDs indicate constant activity, so I have to actually open a netstat session for each server to get a real traffic indication.

The problem of not being able to use the SPI firewall for True Static IP connected devices however, is a real problem that needs to be addressed soon. With this current firmware the only options are block everything, or block nothing. Specific port/IP address rules can no longer be implemented.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

Just an FYI for those experiencing problems with this current firmware release.

I just got an email from a tier 2 CSR in response to my open trouble ticket:

said by Comcast Support :

Yes our engineering team is aware of firmware issues at this time and working to resolve them.

OTOH, I would not advise that anyone hold their breath while waiting for a resolution.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

jtcasas

join:2012-05-10

said by NetFixer:

Just an FYI for those experiencing problems with this current firmware release.

I just got an email from a tier 2 CSR in response to my open trouble ticket:
Yes our engineering team is aware of firmware issues at this time and working to resolve them.

Thank you for the update! I never heard back on my written requests to Comcast support. As for Comcast "working to resolve" the issues, I expect that they will only fix the issues in their next firmware rollout, which is at least several months away.

sragle

join:2005-08-08
San Jose, CA

Has anyone notice random sync lost through out the day with this new firmware?


btalbott

join:2003-12-25
Elkton, MD
reply to NetFixer

Unreal. They need to roll back the firmware update because its causing other issues in my opinion.


btalbott

join:2003-12-25
Elkton, MD
reply to sragle

yes, I have noticed horrible connectivity issues. I have a VOIP line and a Microcell (ATT) for my cell phone. At numerous times during the day I lose sync on the VOIP line and in succession the Microcell. Internet hangs as well during this time.

Its getting highly frustrating....


jtcasas

join:2012-05-10

Well, after a reboot today, my modem downloaded a new configuration file, and the ARP packet flood is fixed!!

The bad news is that my username/password to administer the SMC D3G is no longer working, nor is the default cusadmin/highspeed combination.



NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

said by jtcasas:

Well, after a reboot today, my modem downloaded a new configuration file, and the ARP packet flood is fixed!!

The bad news is that my username/password to administer the SMC D3G is no longer working, nor is the default cusadmin/highspeed combination.

The cusadmin credential problem hit me yesterday after a tier 2 tech accessed my SMCD3G remotely to try to work around the firewall issue. His fix did not work (in fact he managed to take my servers off-line), and I was not able to access my SMCD3G using either my own password, or the default password. I was however able to call support and get the cusadmin password reset to the default value, and that restored my ability to login and fix the firewall problems that were inserted by the tier 2 tech. I was also able to put my own cusadmin password back.

I still see the ARP packets, so maybe later this evening I might try a reboot to see if that goes away after a reboot.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

jtcasas

join:2012-05-10

Thank you, NetFixer! I will call Comcast tonight, and have them reset my login credentials.


sragle

join:2005-08-08
San Jose, CA
reply to NetFixer

I just had the same problem with the cusadmin password not working, i had to call tech support and have them rebuild my profile and push it to the modem and now it works. I also see that my modem is now running 1.4.0.49.7-CCR so they must of rolled back the firmware.


Zizoo

join:2010-05-12
PA

This may be fixed by a firmware rollback. You may try resetting your SMC to see if it is fixed and if your firmware gets rolled back.



NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to jtcasas

said by jtcasas:

Thank you, NetFixer! I will call Comcast tonight, and have them reset my login credentials.

I got back to my office sooner than I previously expected, and I rebooted my SMCD3G to see what would happen. The ARP traffic was gone, but I was once again not able to access my SMCD3G. This time the tier 1 CSR was not able to just simply reset the cusadmin password; she had to rebuild my profile and force a factory reset to get the cusadmin password to reset.

Now I can see (as was reported by sragle See Profile) that the firmware has been rolled back to 1.4.0.49.7-CCR. After reentering all of my firewall rules, the True Static IP firewall rules are also working properly again (at least until the next firmware upgrade).
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

The Grif

join:2001-01-13
Geneva, IL

Ok...I reset my SMCD3G...my device downloaded the firmware rollback...the ARP storm is now gone...but I no longer have web interface modem access....just as reported.

Does everyone have to call to regain modem access or will they stage yet another firmware update to fix that?
--
"This place makes Cambodia look like Kansas..."



NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to NetFixer

Well, I now have found something that no longer works after the 1.4.0.49.7-CCR firmware was restored; my SMCD3G can no longer work as a DNS forwarder.

Previously when using the 1.4.0.49.7-CCR firmware, it forwarded all DNS requests to 68.87.68.162 and 68.87.74.162, and it worked properly as a DNS forwarder.

After the recent "upgrade" to the 3.1.4.51.1 firmware, it used 68.87.72.130 and 68.87.77.130, and it still worked properly as a DNS forwarder.

Now after the profile rebuild and reload of the 1.4.0.49.7-CCR firmware, it is setup to use the 75.75.75.75 and 75.75.76.76 servers, but it is not actually able to do DNS resolution. This is probably what Nalez See Profile was referring to in this post: »Re: [Business] ARP Packets from Comcast are Flooding My LOCAL Ne wherein it was reported that firmware release 3.1.4.51.1 had fixed a problem with the SMCD3G not working properly as a DNS forwarder with Comcast's DNSSEC servers.

I doubt that I will bother to call in to try to get this corrected, because I don't want to have to deal with any more down time if somebody screws it up any worse. I will just make a few local config changes so that nothing is using the SMCD3G as a DNS forwarder.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.



NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to The Grif

said by The Grif:

Ok...I reset my SMCD3G...my device downloaded the firmware rollback...the ARP storm is now gone...but I no longer have web interface modem access....just as reported.

Does everyone have to call to regain modem access or will they stage yet another firmware update to fix that?

You will have to call support at 800-391-3000. The CSR may be able to just reset the cusadmin password to the default "highspeed", but most likely they will need to rebuild your profile and do a factory reset on the SMCD3G.

I think the problem is that some of the settings in the 3.1.4.51.1 firmware were in different memory locations than in the 1.4.0.49.7-CCR firmware, so a factory reset is required after the 1.4.0.49.7-CCR firmware has been reloaded. I have seen this behavior in many SOHO router devices when an older firmware is loaded over a newer firmware.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

btalbott

join:2003-12-25
Elkton, MD

Ok that was fun. Missed the factory reset, so all of my port forwarding got wiped out. Had to walk my wife how to set up a rule so I could configure everything remotely (I'm away this week).
She's happy, I'm happy!

I'm amazed that it took this long to rectify...

Ran another wireshark trace and all of the non local ARP/DHCP traffic is where it should be....on the WAN side.


The Grif

join:2001-01-13
Geneva, IL
reply to NetFixer

Netfixer...

Ok...I called tech support...and the CSR rep had to:

1) Enable the cusadmin logon access
2) Reset the cusadmin password

Thanks for your assistance...no more LAN-side ARP floods...and the intermittent connectivity issues that also had been reported with the new firmware release are also gone.

Thanks Again!
--
"This place makes Cambodia look like Kansas..."



jerkwaterbro

@comcast.net
reply to broadcaster_t

You've just experienced talking to the "interference runners"
...i.e. is the router plugged in ?
a router should never pass broadcast unless proxy arp...
Some forms of DHCP forwarding can be source as well... but thats
on industrial strength routers. good luck with Mumbai