Recent Network Management News:
- Published on Tuesday, 21 October 2014 16:10
In response to malicious network activity, we have implemented a block of TCP port 0 traffic. The Internet Assigned Numbers Authority (IANA) lists TCP port 0 as a reserved port, which means it should not be used by applications. Based on testing, we believe this block prevents network abuse and should not impact legitimate traffic. A full list of blocked ports can be found here.
- Published on Thursday, 03 July 2014 08:48
At Comcast, we periodically review and revise our website to ensure that customers have the latest information about our services. We have revised our Internet service performance webpage to give customers the latest information to help them make informed choices. You can read more about the performance of our Internet service here.
- Published on Wednesday, 02 July 2014 12:47
The Internet Society (ISOC) published a so-called Routing Resilience Manifesto. Comcast joins ISOC and other network operators in calling for community action on this subject, and joining us to support this Manifesto.
Primarily, adoption of the Routing Resilience Manifesto requires that Internet Service Providers (ISPs) filter routing announcements received from their customer networks explicitly at the “prefix” level. Comcast has been employing this method for at least the past several years and expects neighboring networks to do the same.
Additionally, the Routing Resilience Manifesto calls for networks to take steps to prevent network spoofing, which is central to curtailing many amplification and/or distributed denial of service (DDoS) attacks. These attacks take advantage of the fact that some networks have not taken steps to prevent network address spoofing. Comcast takes several steps to prevent network spoofing, and a list of FAQs on subject can be found here.
Finally, the Manifesto asks that ISPs maintain usable contact information and coordination capability for real-time troubleshooting between network operators, to which Comcast is also committed. We hope that other ISPs will adopt the guidance in the Routing Resilience Manifesto in order that we may improve the stability and reliability of the Internet upon which we all depend.
- Published on Friday, 30 May 2014 16:45
NetForecast's independent assessment of Comcast's data usage meter confirms it to be accurate within +/-1% with an APDEX score of .98, which is described as excellent. The report provides an overview of how our usage management platform works, NetForecast's validation methodology, and the overall performance rating. We recently contracted with them to conduct the comprehensive study, and the results have been published on their web site.
- Published on Tuesday, 08 April 2014 08:49
On May 20, 2011, we first posted about these rules. Those rules have now been updated to reflect that IPv6 is now required, that DOCSIS 1.1 and 2.0 modems are now or soon will be in end-of-life status, and that we are preparing for DOCSIS 3.1 modems.
These rules pertain to the attachment of devices to our High-Speed Internet network by customers. You can find information concerning the devices approved for use on the network, and the tiers of our service that they are appropriate for at http://mydeviceinfo.comcast.net. In order for a cable modem device to be approved for use on the network, it must pass CableLabs certification, UL certification, FCC certification, and Comcast DOCSIS certification testing. Comcast's current DOCSIS device testing requirements and the test scheduling process are described here.
Please also note that customers may purchase their own cable modem for use on the Comcast network. However, Comcast does not support all possible modems on its network because there may be compatibility issues with some devices. The Comcast Agreement for Residential Services (Sections 6(b)(1)–(3)) makes clear that a device must meet Comcast’s minimum technical specifications in order to successfully install, access, operate or use a particular service. In addition to our full list of approved devices, a list of recommended retail devices can be found at http://mynewmodem.comcast.net.
- Published on Thursday, 13 March 2014 13:48
Recently, the Internet community has taken notice of NTP amplification attacks, as well as other attacks leveraging DNS, SNMP, and other protocols. These attacks take advantage of the fact that some networks have not taken steps to prevent network address spoofing. Since we have been asked what steps Comcast takes to prevent network spoofing, we have put together an FAQ on the subject.
In short, we use one of two techniques: Unicast Reverse Path Forwarding (uRPF) verification and DOCSIS Source Address Verification (SAV). Using these techniques our customers are prevented from sending traffic with spoofed IP addresses through their cable modems.
Read more about this topic here in these FAQs on preventing network spoofing.
- Published on Wednesday, 01 August 2012 00:00
We've announced some changes our policies on Simple Network Management Protocol (SNMP) and Simple Mail Transport Protocol (SMTP), which will affect a very small portion of our customers. You can find more information in two blog posts. One is a general post about both issues, and the other is specific to SMTP. While the policy change was announced today, implementation will occur gradually.
- Published on Thursday, 17 May 2012 10:57