Using my own modem and router with static IPs

Thanks for taking the time to reach out to us through our business forums regarding your modem and static IP. As a business customer with us, you do always have the option to use your own modem. This link will provide you with more information on the modems that can be used with your services. https://comca.st/2WrOu5w. To properly support our static Ip services for you, it is required that the modem be leased so that we can program the static, manage and maintain the IP address. So if you do purchase your own modem your static Ip addresses would not work. Does this help to address your questions and concerns?

This really doesn't address my concerns because as I said earlier, I want to use my own equipment with my static IPs.  There is nothing special or magical about the block of static IPs I've been assigned.  It is a standard 8 address (3 bit) block which has a upstream gateway.  If comcast uses some form of tunnelling like GRE, IPsec, PPPoE, that's fine but be transparent about it so I can choose if I want to get my own equipment or lease.  There is absolutely no technical reason why this should require me to lease a comcast router.  It is, however, an excuse for Comcast to charge extra for a router that I don't want or need.  BTW, I am already being charged for static IPs separately so the fact that I don't have the option of using my own equipment with my static IPs means my static IPs costs a lot more than advertized which is borderline fraudulent.

ralfwolf,

What did you end up doing about this? I own a business and I'm having the same issue. Very frustrating.

Comcast modems work this way:

The modem boots and pulls a bootfile off a comcast server.  It does this using some low-level communication that has nothing to do with TCPIP.  The bootfile configures the modem with it's IP addressing and other configuration.  If you have static IPs those are also configured into the modem via the boot file.

Once the modem finishes booting it begins route advertising it's static IP block back into the Comcast network.

Comcast does not configure customer routes inside of it's core routers for static IPs, all static IP routes in it's core routers are there from the individual gateways out in the field advertising them into it's core routers.

That way if a customer site goes down that has a static IP, the route to that IP disappears in Comcast's core routers.  So, any incoming packets from the rest of the Internet with a destination to that static IP, are rejected by Comcast's core routers with a "route not found" ICMP error message.

This prevents Comcast's core routers from being overrun by packets from idiots on the Internet who are attempting to contact servers and other things that are on customer static IP addresses that have been shut off.

It also prevents tens of thousands of individual routes having to be written into comcast's core routers, which would be rather an administrative nightmare.

It is the technically scalable solution and it is EXACTLY how the designers of TCP/IP routing intended TCP/IP to work on a large network.

The only problem with it is that a malicious person with control over a Comcast end router could duplicate this advertising and advertise a subnet belonging to a victim and redirect victim traffic to themselves.   As you might imagine, spammers and other attackers would love to do this.

I have a static IP block and I've actually had it happen to me once.  Not from an attacker from Comcast idiocy.  What happened was I had an older Netgear comcast modem which I traded in for a newer technicolor gateway.  The comcast tech did not return the Netgear modem to comcast's depot, where in the process of decomissioning it they would have noted the MAC address of the modem and deleted the bootfile out of the comcast network.  Instead the modem sat in his truck for 2 years.  Finally one day a customer needed a replacement Netgear modem and the comcast tech used the one I used to use.   It worked fine for that customer and since the old bootfile was still there, that customer now had the same static IP's I had and was advertising them into the comcast network.

It took 3 mailservers and 2 webservers and 300 of my customers offline for 2 days before they finally figured out what happend.

The moral of this story is unless you know what you are doing, stay out of this market, you probably don't need static IP's at all.  Use dynamic DNS.  I know far more about how Comcast's internal network works than 95% of the "support reps" and even the field techs know.