I recently upgraded my home connection to Comcast Business class (22Mbps down / 5Mbps down) with a static IP. Since moving from residential to business, my web connection is much, much faster for most pages. However, when loading HTTPS pages, about 75% of the time the request times out or is very, very slow (several seconds). I had Comcast out a couple of days ago, they replaced the Comcast gateway so it's pretty unlikely it's a flaky modem. They left me with an SMC 8014, and the home router I have connected to it is a Netgear WNDR3700, and all my home machines are plugged into the Netgear. (It doesn't matter which machine I plug into which router, I can pretty reliably reproduce the problem as described.) I installed Wireshark and after reproducing the problem while capturing the session I see that when this happens my machine is sending multiple retransmissions (TCP RTO) followed by a reset (TCP RST). Everything I can find online about RST tracing deals with the situation where the server is sending the reset packets, but in this case it's my machine. Unfortunately, I need a little bit of handholding because I'm totally new to Wireshark. I'm a software developer by trade but have never really done anything in this kind of hardcore network admin area. Hopefully someone can help me figure out what's up so I can fix this annoying issue. Thanks to anyone that can help! asked 17 Jan '11, 16:40  severoon |
6 Answers:
I am fairly certain your client will send the RST when it has plain given up after sending so many unacknowledged retransmission. (It probably should have sent a FIN first though). If you can make a packet capture available (possible showing a working HTTP and a non-working HTTPS session ) it will be more useful). answered 17 Jan '11, 16:57  martyvis |
Looking at the capture I see:
There are RST's associated with each of these. Based upon the retransmissions I could make a guess that from time to time the uptream path for a connection permanently fails. I don't know why. Firewall issue ? Perhaps others can provide some thoughts. Perhaps doing "download & upload tests" (using one of the various test sites available) may provide consistent repeatable failures which you can use to discuss with Comcast. Also: have you tried ping tests? answered 19 Jan '11, 08:49  Bill Meier ♦♦ edited 19 Jan '11, 09:15 Ok, that's about what I was able to conclude...communication just fails for no apparent reason. I will try the download and upload tests and see if I can find anything, but it only seems to happen for certain sites at certain times. With online bandwidth speed tests I've never had a problem. Ping is another thing that always works. I can't see as how it could be a firewall issue because I've been using my home router as configured with my residential connection for years with no problem. When Comcast upgraded me to business class a few weeks ago, I now have two routers, theirs and mine... (19 Jan '11, 18:48) severoon ...and I've shut everything off on theirs. The only thing I can figure is there's some kind of signal problem on their side, or there's some kind of interaction between the two routers. I'll try plugging my machine directly into the Comcast router and using it that way for awhile, see if I have the same problems... (19 Jan '11, 18:50) severoon |
I've seen similar issues when the upstream firewall drops out of order TCP. Cisco could not deal with out of order tcp in CBAC (using inspects) until something like 12.4(11)T. answered 19 Jan '11, 09:45  Paul Stewart |
This is a little off the subject. I have Comcast business in my home and want to switch back to residential. They are holding me hostage. They say I signed a 2 year contract 3 years ago and since I didn't call and cancel on the day the contract was up, I was automatically locked into another two years. Did you sign a contract? They say I have to provide a death certificate or papers from a lawyer saying my business went out of business. My business is too tiny to do this. I have to admit I didn't have many problems with the internet lately. I did at first, but you pay for tech support. I would call and they would come out that day. Now they just won't let me cancel their service. Any advise? Did anyone else sign a contract? answered 15 Jun '11, 09:52  curiousknowi... |
@curiousknowitall - I just checked my service contract. I signed a 1 year contract, and after it expires I will continue receiving the service without being under contract. If I want to take advantage of any promotional deals they have after that point I would have the option of signing another 1yr contract in order to do that, but I don't have to and I would continue receiving the service. Something sounds very strange about your deal. If your initial contract expired and you had to sign that one, then they would have to have you re-sign another contract covering a subsequent term. It would be quite an extraordinary contract indeed that you could sign that would commit you to indefinite re-ups. Have them send you a copy of your contract and pull up your own copy, read them thru and see if you can find anything that commits you to automatic re-ups. If you do see something in there that does, it might be worth seeing if you can get a free consult with a lawyer (this is worth doing, there might be a class action suit here...mobile carriers aren't allowed to do what you're describing, I don't see why cable companies would). If I don't see any language committing me to automatic re-ups, tho, what I would do is send them a letter informing them that you would like to discontinue service as of X day, then sign up for residential service as normal, and if they keep trying to charge business class services to your credit card call up the credit card company and dispute the charge. Provide them the contract and your letter and let their lawyers fight it out with Comcast. answered 15 Jun '11, 11:09 severoon |
@curiousknowitall - I just checked my service contract. I signed a 1 year contract, and after it expires I will continue receiving the service without being under contract. If I want to take advantage of any promotional deals they have after that point I would have the option of signing another 1yr contract in order to do that, but I don't have to and I would continue receiving the service. Something sounds very strange about your deal. If your initial contract expired and you had to sign that one, then they would have to have you re-sign another contract covering a subsequent term. It would be quite an extraordinary contract indeed that you could sign that would commit you to indefinite re-ups. I would call back and continue escalating to see if you can get a resolution that way. If not, have them send you a copy of your contract and pull your own copy, read them thru and see if you can find anything that commits you to automatic re-ups. If you do see something in there that does, it might be worth seeing if you can get a free consult with a lawyer (this is worth doing, there might be a class action suit here...mobile carriers aren't allowed to do what you're describing, I don't see why cable companies would). If I don't see any language committing me to automatic re-ups, tho, what I would do is send them a letter informing them that I am discontinuing service as of X day, then sign up for residential service as normal, and if they keep trying to charge business class services to your credit card call up the credit card company and dispute the charge. Provide the credit card company the contract and your letter and let their lawyers fight it out with Comcast. (It would be a good idea to have that letter sent return receipt requested.) answered 15 Jun '11, 11:11 severoon |
Ok, it seems that it's not just HTTPS traffic after all. For whatever reason, I was only noticing it on those sites before, but when I went to create this capture session normal pages timed out.
I loaded two sites several times, google.com and luxdomo.com. Sometimes they loaded, mostly they timed out. I captured all traffic in the hopes that someone can help me figure out what the heck is going on. (The Comcast people I've spoken with so far aren't worth much...)
~Thank~ you for any info you can provide!