I've been down this road many times before. You need to find your local account manager/sales rep and ask them to remove the coding from the account. This may result in losing the bundle price, so pair it with a different service like Comcast Connection Pro or something like that. Should keep it from coming back vs calling support over and over. If you don't have a local account manager ping me off list and I can try getting you in touch with someone I know. Good luck.
- Patch On Sun, Sep 24, 2023, 9:37 AM Aaron de Bruyn via NANOG <nanog@nanog.org> wrote: > We get around the brain-damage by having our router grab all DNS requests > and convert them to DoT or DoH using dnsdist. That probably won't work if > you're hosting a DNS server on your cable connection though. > > Call the normal support number and have them disable the "Security Edge" > service. The "best" they can apparently offer is that it'll stay disabled > until your modem gets a firmware upgrade or is factory reset. Then you'll > have to call back in and disable it again. > > Just be prepared that they're going to tell you it'll cost more for > providing less service. Security Edge is horrible? Disabling it costs more. > Don't need a phone number so Comcast can pad their numbers to the FCC? > It'll cost you more. Same with not needing cable TV for your business. It > costs you more because Comcast can't use you as a bargaining chip when > negotiating with other media companies. > > -A > > On Sun Sep 24, 2023, 05:05 AM GMT, Al Whaley <awna...@sunnyside.com> > wrote: > > I am looking for a senior contact at Comcast. > > I have been trying to assist someone with a business connection that runs > a server farm. Recently the business cable modem started to short-stop > port 53 for UDP and TCP. Apparently, a transparent DNS proxy somehow got > activated and all outbound traffic to any IPv4 or IPv6 address is > intercepted and handled by the modem – or not handled. Sadly, the proxy is > stupid and a) ignores the intended destination address, and b) drops things > it doesn’t know about, including any AXFR / IXFR and other more esoteric > traffic, normal for DNS server installations, but not used by the public. > The DNS servers are not able to do work, e.g. act as secondaries. > > I know others in the same configuration with servers that have been lucky > and not had this ‘feature’ activated, but I have found several references > on forums where people have been caught by this and unsuccessful in > reaching anyone in management, so it is a known problem. > > Comcast doesn’t allow customer supplied DOCSIS modems with multiple fixed > IPs. Other avenues exhausted as well. > > I’m hoping someone at Comcast can disable this. Attempts to go through > customer service… well we all know where that ends up. Escalations just > don’t go to anyone technical or interested. > > regards > Al Whaley > Sunnyside Computing, Inc. > >
