[BALUG-Admin] (forw) Re: Comcast Business apparently blocking 5353 UDP Re: linuxmafia.com "retry limit exceeded"

Al awbalug@sunnyside.com
Wed Jun 5 00:43:16 UTC 2024 

I think "c-73-189-65-18.hsd1.ca.comcast.net" is their naming system for 
end modems, not internal infrastructure, but don't quote me.
When I look up the names of routers in the traceroute I don't think I 
see that type of name, but it may be that's an irresponsible poorly 
verified comment on my part.


For example from traceroute to Michael:
186.78.151.162.in-addr.arpa domain name pointer 
po-1-rur101.pinole.ca.sfba.comcast.net.

ooooooooooooooh, omigosh - I just perfected a traceroute to Michael, 
entirely within the CC network:

traceroute to 96.86.170.229 (96.86.170.229), 30 hops max, 60 byte packets
  1  50.242.105.62  2.080 ms  2.743 ms  3.439 ms
  2  10.61.209.66  14.028 ms 10.61.209.67  13.729 ms 10.61.209.66 14.373 ms
  3  96.216.9.141  12.757 ms 96.216.9.137  13.045 ms 96.216.9.141 13.401 ms
  4  68.85.154.113  21.023 ms 68.85.154.117  21.093 ms 68.85.154.113 
20.944 ms
  5  96.108.99.249  26.011 ms  25.722 ms  26.272 ms
  6  68.86.143.89  23.688 ms 68.86.143.93  21.156 ms  20.778 ms
  7  162.151.86.58  22.077 ms  20.330 ms 162.151.87.226  20.215 ms
  8  162.151.79.134  21.787 ms 162.151.78.186  17.686 ms 162.151.79.134  
21.466 ms
  9  68.85.103.154  19.388 ms 68.85.191.206  12.456 ms 68.85.103.154 
14.255 ms
10  73.189.65.18  21.185 ms  36.832 ms  31.356 ms
11  96.86.170.229  36.366 ms  34.933 ms  34.918 ms
root@routr0:/z/r/srv#

It appears that 73.thing is in fact Michael's upstream router.

Ok, did everyone else already know that?  Am I late to the party?


On 6/4/2024 17:14, Rick Moen wrote:
> ----- Forwarded message from Al <awbalug@sunnyside.com> -----
>
> Date: Tue, 4 Jun 2024 16:29:04 -0700
> From: Al <awbalug@sunnyside.com>
> To: Rick Moen <rick@linuxmafia.com>
> Subject: Re: [BALUG-Admin] Comcast Business apparently blocking 5353 UDP Re:
> 	linuxmafia.com "retry limit exceeded"
>
> Rick, you're at the right place - that gear icon and right side panel
> on business.comcast.com is just the right thing.
> And I think the situation as you're outlining it is right to me.  So
> the answer to your question, broadly, is yes I think you have it
> right.
> If you end up at securityedge.comcast.com, IMHO you've gone too far.
> My sense is that all that stuff is disabled back at the right side
> panel...
> Once SE (security edge) is disabled I think everything is.  That
> said, you're being smart about it - if symptoms persist, drill down
> and look into individual
> settings for various elements of SE and just make sure they're all off
> - in case Comcast can't quite sort out how to actually disable stuff.
> AFAIK however your nets (yours and Michaels) are unrestricted.
> My tests from here are that access to both 96.86.170.229 and
> 96.95.217.99 on port 53 is not blocked (and not just those /32s but
> the entire subnet in each case).
> I am looking back over email from the last few days trying to sort out
> where 73.189.65.18 crept into the conversation.
> As I mentioned I have been unable to focus sufficiently on this the
> last few days, and missed where that came from.
> I also haven't looked closely enough at the discussion to see if what
> I am trying to reproduce isn't exactly where you're having trouble.
> I'll go back over the notes and see if I can pay more attention to the
> details and whether I can actually add any insight to the discussion.
> Al
>
> ----- End forwarded message -----
>
>
> To clarify, I noticed "73.189.65.18" as the source of NOTIFYs for
> Michael's domains, which can legitimately come _only_ from Michael's
> authoritative nameserver, IP 96.86.170.229.
>
> And 73.189.65.18 is Comcast's _own_ IP, not Michael's.
>
> :r! dig -x 73.189.65.18 +short
> c-73-189-65-18.hsd1.ca.comcast.net.
>
> So, something is rotten, there.  I'm immediately inclined to suspect
> that Comcast is playing man-in-the-middle games with DNS traffic.
> Which, if true, suggest Comcast acting like a rogue state security
> agency or one operating on behalf of a totalitarian state.  Not a good
> look.
>
>
>
> _______________________________________________
> BALUG-Admin mailing list
> BALUG-Admin@lists.balug.org
> https://lists.balug.org/cgi-bin/mailman/listinfo/balug-admin

More information about the BALUG-Admin mailing list