Explain this bizarre ISP behavior

The ISP is Xfinity. I don’t own the account, my landlord does.

About 7 a.m., trying to access a large number of internet sites returns an error that the internet is down. But not all. The straightdope does not, thankfully. Google is also up as are several others. But the majority of sites on my bookmark list are out.

This is the second time this has happened. The first was a couple days ago at about the same time. The last time, I called my landlord and got him to reset the cable modem, which he can do online. He even sent me instructions on how to do this. Unfortunately they don’t work for me. I can log into his Xfinity account, but I get an error when I try to do the reset. The only thing I can think of is that he logged in with his cell phone, which does not use Xfinity and I had to log in through the modem in question. So it may have some kind of restriction because of that. (I don’t have a smart phone, so I can’t do it through another channel.)

I can’t get to the modem physically. It’s in another tenant’s place.

Anyway, any explanation of why or how this happens? I’m more interested in why many sites are inaccessible, but why the reset doesn’t work is also of interest.

DNS servers down mebbe? Google maintains public DNS servers and sometimes if I’m getting problems like that if I point my computer to the Google servers it clears things up.

I’m not sure what you mean by “point my computer to the Google servers”.

Anyway, the problem just cleared up right now. I don’t know if my landlord did a reset (I was going to call him, but haven’t yet) or maybe Xfinity did something.

It’s dependent on your operating system but since it’s cleared up it’s a moot point. On the plus side, DNS issues are seldom long lasting, just annoying.

The operating system is Ubuntu. It’s happened twice already, so I don’t think it’s moot. It’ll probably happen again. So any help would be appreciated.

Cursory Google search turned up this article on setting DNS servers in Ubuntu, might be a good jumping off point–my Linux knowhow is small and Mint specific but the command line instructions are probably about the same.

Find the settings for your network adapter. In the settings you’ll see two DNS entries, likely blank. Change one to 8.8.8.8 and the other to 8.8.4.4.

OK, I found the Network on the settings menu. It has two DNS fields, which as you say, are blank. One is under IPv4 and the other IPv6. Do I set the IPv4 one to 8,8,8,8 and IPv6 to 8,8,4,4 ?

I assume I’ll also have to set the methods for these to manual. They’re currently on automatic.

The ipv4 ones should be 8.8.8.8 and 8.8.4.4. There is probably a way to put in multiple entries, but if not, just pick one of them. The ipv6 ones should be 2001:4860:4860::8888 and 2001:4860:4860::8844.

However, it might not work, because Comcast. On some residential connections, but not all, and I don’t know what the policy is, Comcast intercepts DNS requests, and sends them to their own server. So when Comcast sees a DNS request being sent to 8.8.8.8 they intercept it and route it to their own server at 75.75.75.75. Comcast does do some useful things with this, such as block known sites that deliver malware. It is also possible they do other things with the information. And people wonder why DNS over TLS (DoT) and DNS over HTTPS (DoH) are things.

It also might not work if you are using Chrome, and Chrome has decided to use DoH to Google’s servers, instead of the OS settings for DNS. In that case, it might be Google’s DoH server that is giving you trouble.

So, it might be a temporary DNS outage, and the IP addresses of sites you recently visited are cached locally or by the browser and are working even when the DNS server is broken. It also could be a routing issue at Comcast or someplace else upstream. For example, they can reach Google and the Discourse cloud (for here), but perhaps can’t reach other places that take a different path to get to.

Here are some useful commands you can try in a terminal window next time there is a problem. To see if DNS is working you can look up some addresses. Try the place you’re trying to go, and maybe some other domains:
host amazon.com
host cnn.com
host mit.edu
(nothing special about those sites, just short to type)
If any of those come back as “not found” then the DNS is responding that it does not know them. If it takes a long time, and then comes back with “connection timed out” then it is having a problem connecting to the server.

Another useful thing to try is “mtr”, which will show the path to get to someplace.
mtr google.com
mtr amazon.com
The path might stop at the firewall to the site you’re connecting. What you’re looking for is that multiple sites stop at the same or similar places. For example, if nothing seems to get past be-36041-cs04.1601milehigh.co.ibone.comcast.net for me, then I can assume that Comcast is having some sort of problem.

Is this wifi or ethernet? Every now and then some of my wifi devices will stop but others and the hardwire devices are working fine.

The next time this happens, try on some other internet-enabled device like a phone, tablet, other laptop, etc. This will help determine if it’s one device or all the devices having the problem. If it’s all the devices, then it’s something to do with the router or internet. But if it’s just one device, then it’s something specific to that device.

Can you describe the error you get specifically? Is it an Xfinity error message in your browser that says “Xfinity can’t get to the site” or something? Or is it a generic browser message that says the site is not available?

It’s wifi. The error is the generic one you get when it can’t reach the site. Except it’s immediate. No wait for a timeout. I’m pretty sure the DNS issue suggested above is the problem.

I don’t have any other devices that I can use. I’d have to ask one of my roommates. Unfortunately, it’s not always easy to get to those guys. I sometimes go days without seeing either.

The behavior sounds like a DNS problem but it’s strange that resetting the router fixes it.

One workaround I’ve used on cheapo routers in the past is to use an outlet timer to automatically power them down for 15 minutes early each morning. Works like a charm and the timers are only around $10-20 on Amazon.

You might offer to buy such a timer and ask your landlord to install it for you.

Well, it’s not certain that the reset did it. It’s possible that was just a coincidence. The second time it fixed itself without a reset, so it was only the one time.

Anyway, I put 8.8.8.8 in the DNS field, so we’ll see if it reoccurs. It didn’t happen today at the usual time, so that’s encouraging.

Yeah, my guess would be that the router reset is a post hoc ergo propter hoc situation. With my modem, the reset cycle (power off to connection fully reestablished) runs around 5 minutes. The DNS probably got fixed during that window.

Depends on the ISP. With my old ISP, every now and again I got a new IP address, plus different DNS settings set in the router (supplied by the ISP), I am assuming using DHCP. For some reason there were times that the new DNS servers seemed to be short of some sites. A router reboot would get new settings and things were OK.
Long term fix was that I hard coded the settings to some major public DNS server such as Google.

Resetting the router might fix the DNS problem, if the DNS problem is local to the router itself. Usually the way this all works is the router gets an IP address and DNS settings from the ISP. The router then sets up an internal network. The router tells devices on the internal network to use the router’s internal IP address (192.168.0.1 or similar) as the DNS server. The router’s builtin DNS proxy receives DNS requests, and passes them to the ISP’s upstream (real) DNS servers.

If the router’s DNS proxy crashes, then the router will stop responding to DNS queries, even though nothing is wrong with the ISP’s network. Rebooting the router will reset the DNS proxy, and it will work until it crashes again.

Manually setting your DNS to use Google may solve the problem, even if Comcast is intercepting the DNS request, as it is bypassing the broken DNS proxy on the router.

It is also possible that the problem has nothing to do with DNS and is in the modem or someplace in Comcast’s plant (all of the pieces of their network that aren’t in your house). Resetting the router/modem unit will force the connection to be renegotiated, which may bring it back into a working state. I’ve had issues with Comcast where intermittent connection problems were due to issues in their plant. Eventually the problem got bad enough that they were able to identify and repair the broken piece.
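
Added example (not part of any post in this thread): a small shell script that runs the `host` lookup described above against the router's DNS proxy and against 8.8.8.8, then classifies the two results to separate a dead router proxy from a resolver fault or an upstream problem. It assumes the router's proxy listens on the default gateway address; the function names and the `--probe` switch are made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: the router's DNS proxy
# listens on the default gateway address (192.168.0.1 or similar).

# Map the text printed by `host` to one category.
# "refused" is tested first because newer versions of host also print
# "no servers could be reached" after a refused connection.
classify() {
    case "$1" in
        *"connection refused"*)                        echo refused ;;
        *"timed out"*|*"no servers could be reached"*) echo timeout ;;
        *NXDOMAIN*)                                    echo nxdomain ;;
        *SERVFAIL*)                                    echo servfail ;;
        *"has address"*|*"has IPv6 address"*)          echo ok ;;
        *)                                             echo unknown ;;
    esac
}

# probe NAME SERVER: ask one specific server, waiting at most 3 seconds.
probe() {
    classify "$(host -W 3 "$1" "$2" 2>&1)"
}

# diagnose ROUTER_RESULT PUBLIC_RESULT: combine the two categories.
diagnose() {
    case "$1/$2" in
        ok/ok)      echo "dns-fine: both resolvers answer; compare mtr paths instead" ;;
        refused/ok) echo "router-proxy-down: nothing answers DNS on the router" ;;
        */ok)       echo "router-or-isp-resolver: a manually set public DNS server avoids it" ;;
        ok/*)       echo "public-resolver-unreachable: keep using the automatic settings" ;;
        *)          echo "upstream: no resolver is reachable; check the path with mtr" ;;
    esac
}

# Live run: sh dnscheck.sh --probe [name]
# If the ISP intercepts port 53, the "8.8.8.8" answer really comes from the
# ISP's resolver, so ok there only proves that some upstream resolver works.
if [ "${1:-}" = "--probe" ]; then
    name=${2:-mit.edu}
    gw=$(ip route show default | awk '{print $3; exit}')
    r=$(probe "$name" "$gw")
    p=$(probe "$name" 8.8.8.8)
    echo "router ($gw): $r    8.8.8.8: $p"
    diagnose "$r" "$p"
fi
```

Run it with `--probe` while the outage is happening, using a site that is currently failing in the browser.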