Skip to content
Skip to main content
GaelMartinez's profile
GaelMartinez

Contributor

 • 

23 Messages

Tuesday, December 24th, 2019 10:00 PM

transparent dns proxying started after a modem swap ...

Today my gateway was replaced with a 

 
Model:CGA4131COM
Vendor:Technicolor
Hardware Revision:2.1
 
running the following firmware...
 
eMTA & DOCSIS Software Version:CM DOCSIS Application - Prod_17.20_d31 & MTA Application - Prod_17.2
Software Image Name:CGA4131COM_3.1p24s1_PROD_sey
Advanced Services:CGA4131COM
Packet Cable:2.0
 
I have static ips and run a dns server slave and mail server, the dns zones stopped downloading right after the swap... looking at the errors, the SOA of my zones were incorrect...
When trying the following tests, I was surprised to see that any random ip could be used as a dns server and was responding to dns queries implying that some kind of transparent dns proxy was occuring... 
 
root@infra:/etc/bind# nslookup www.comcast.com 1.2.3.4
Server:         1.2.3.4
Address:        1.2.3.4#53

Non-authoritative answer:
www.comcast.com canonical name = www.comcast.com.edgekey.net.
www.comcast.com.edgekey.net     canonical name = e523.dscb.akamaiedge.net.
Name:   e523.dscb.akamaiedge.net
Address: 23.45.1.143

root@infra:/etc/bind# nslookup www.comcast.com 4.5.6.7
Server:         4.5.6.7
Address:        4.5.6.7#53

Non-authoritative answer:
www.comcast.com canonical name = www.comcast.com.edgekey.net.
www.comcast.com.edgekey.net     canonical name = e523.dscb.akamaiedge.net.
Name:   e523.dscb.akamaiedge.net
Address: 23.45.1.143

root@infra:/etc/bind# nslookup www.comcast.com 9.8.7.6
Server:         9.8.7.6
Address:        9.8.7.6#53

Non-authoritative answer:
www.comcast.com canonical name = www.comcast.com.edgekey.net.
www.comcast.com.edgekey.net     canonical name = e523.dscb.akamaiedge.net.
Name:   e523.dscb.akamaiedge.net
Address: 23.45.1.143
As it was not happening before, I'm assuming that it is a weird behavior from the gateway... it is configured in pass thru, firewall is disabled, wan dhcp is disabled, all rules are off... Is that a bug ? Am I missing some obvious button to disable that dreadful transparent proxying ?
 
 
 
 

Question

 • 

Updated 

3 years ago

6.6K

32

0

0

tfirma808

New problem solver

 • 

4 Messages

3 years ago

Hello, the very same thing happened to me--I got a service upgrade a few days ago, and with a modem swap, my manual DNS settings no longer work.

 

Is there a way to resolve this?

0

0

Comcast_Michelle

Official Employee

 • 

526 Messages

3 years ago

Thanks so much for taking the time to reach out to us regarding your DNS issues. I very much appreciate your patience and greatly apologize for the delay in our response. I know how important the services are to your business and we want to do all that we can to assist. I can only imagine how impactful this DNS Proxy issue is to your business and I would love to get to the bottom of this with you. Can you please reach out through private message with your first and last name, business service address and account number or phone number? 

0

0