Comcast / Xfinity ordeal

On 09/08/2024, @03:38, my Comcast internet service failed. In the end, things mostly worked out.

Skip to the summary, if you are not interested in the details.

After spending hours trying to reach a customer service representative, and staying on the phone with them for 2 or 3 hours, we determined that my outage was with my cable-modem (even though it still had power and lights).

They told me that they would have to schedule a technician to visit me, and that the earliest appointment would be 09/11/2024 (three days later (or nearly 4 days, since the outage started at 03:38 in the morning)).

So I disconnected the cable-modem, and drove to a local Xfinity store (soon after they opened), and they handed me a replacement cable-modem.

It was a bulky/tall, white device, with no buttons or lights (or so I thought). I asked for a different cable-modem, and he told me that this is the one they are currently using (a lie by omission – more below).

I took it home, powered it on, hooked everything up, and it did not work.

Back on the phone, they told me that I had to install the Xfinity app to activate the new cable-modem. I told them that I am not installing their app, and they should activate it remotely (after all, there are people that do not have smart phones, and therefore have no access to the app). In my case, I do not trust their app.

I discovered that that cable-modem did have a single, tiny, thin light, that you could see, only if you stood up and looked in a crevice on the top of the device. So it was nearly useless as a diagnostic tool. Comcast does not want the customer to have useful information at their disposal. Also, that cable-modem could heat your room.

They activated the cable-modem, and all was well, until I discovered that the device would not allow me to configure port forwarding. I was logged into the cable-modem via my web browser. The message in the port forwarding screen was that you had to use the Xfinity app.

So it was back onto the phone, and I was directed to use Device Info - Xfinity to choose from a list of compatible cable-modems.

The information about each of the listed cable-modems was wrong (in some cases), and most of them did not have WiFi, and nearly all of them had no RJ11 ports for land-line telephone service.

The photos were small and useless. But a web search, to see the front and back, revealed Xfinity’s information to be wrong with several of the models.

The Xfinity representative on the phone with me did some digging, and found a model that was not listed on the site, that had both WiFi and RJ11 ports. He checked my local Xfinity store’s inventory, and they had 13 units in stock.

So back to the Xfinity store.

Since I knew that they had 13 units in stock, and I had a ticket number, they were not able to push a different cable-modem on me.

I hooked up this new cable-modem (which has all the right diagnostic lights), and called to have them activate it.

I spoke to 5 different people, over the course of 2 days. At one point, they got it to work. They sent a re-boot signal, and upon restarting, it stopped working. And they could not get it to work. So, back to waiting for a visit from their technician.

Today, I noticed that I could ping any site, including anything I typed in.

ping lakfjlskjflksdjf

…would return successful results.

It turned out that the pings never got passed the cable-modem. The cable-modem was capturing and responding to any and all ping requests.

I called them, again, hoping that this information might give them a clue to get it fixed. It took nearly 2 hours, but they got it working (and canceled the visit for the technician).

So, now on to the port forwarding. Again, denied.
This time, the message is that I have to login to xfinty to configure port forwarding settings, making it “easier than ever”.

So you are in the screen to set the port forwarding configuration, and Comcast tells you that now you have to go elsewhere to perform that operation, and that extra, unnecessary step is easier than making the change where you are already in the correct place. Disallowing you, and sending you elsewhere, is easier, according to Comcast.

This stinks to high heaven.
Comcast is monitoring its customer’s port-forwarding setting. Either via the app, or via you logging in to your xfinity account.

And through all of the above, while trying to activate my new cable-modem, my Chia full node box was synced and working normally. So even when I could not ping anything, my Chia box 1) auto-configured the new cable-modem’s port-forwarding, and 2) had internet access, even though I could not ping anything, or do DNS lookups, etc.

Or did Comcast know my old cable-modem’s configuration, and they automatically applied it to my new cable-modem? The latter means that Comcast has every detail about the cable-modem’s private settings.

The new cable-modem even had the same internal IP address that I was using on the old, failed cable-modem. I was using a ten-dot address, and the new cable-modem just happened to have that same, exact IP address already set.

So Comcast knows your internal (LAN) IP address.
Of course they would know, and set, the WAN IP address. But on your private LAN side, they have control of that, too.

Also troubling is that when I hooked up the new cable-modem, my web browser opened up on my connected computers – including my Chia box. It tried to bring me to a configuration page.

Also troubling is that one of the Xfinity representatives was able to see my motherboard brand, for each connected PC. They also saw my printer. He told me the brand names of what I had in my home.

One other time-wasting session is that each phone representative insisted that I set up a WiFi password, before they would activate the new cable-modem. I told them that I have no WiFi devices; that I use physical LAN cables. Still, they insisted. So they did it from their end.

Ergo, they can get into your account, put in their own WiFi password, and hand that information to anyone that they want that could login to your local network if they get within range.

During the time I was not able browse the internet, this is what my browser displayed:

The above is a lie, because nothing (other than Chia) was working, and yet they demanded that WiFi be set-up. I never mentioned Chia, because that would have confused them, and it had nothing to do with the issue. But their message (above) when opening the web browser is a lie.

In summary:

The Chia app auto-configures your modem’s port forwarding. Or, Comcast has a database of their customer’s private configurations, and applies it to your new cable-modem – including your private, internal IP gateway address.

Most of the Xfinity phone representatives did not know how to activate a cable-modem (unbelievable). And Xfinity (Comcast) is able to get onto your local network (their cable-modem is just another computer on your local network, and they have full control over it).

Before I concluded my call with the representative that got things working, I asked him if he could find a lower cost monthly package. He said that I would have to agree to allow Comcast to share my data. There was no opting out.

If I ever had any doubt that Comcast spies on its customers, I now have no doubt.

And since Comcast gets away with it, the other ISPs must be doing the same thing.

I guess it is time to put my local network behind my own router, in order to at least keep Comcast off of my local network.

Oh how I wish that I had an alternative to Comcast.

This is exactly what I do with Virgin Media (Liberty Global), we have to use their router, but at least we can put it in modem mode and then use our own router, pfsense in my case. This really confuses telephone support, as they think I only have one device connected, and they are also obsessed with WiFi.

What you have to remember is most of the customers haven’t got a clue, and they are grateful for remote set-up and all the hand holding.

The router was just capturing the DNS requests and redirecting to the setup page, hence why Chia worked fine. You really should either setup WiFi or turn it off.

We have loads of choice in the UK, well most do, but there are complications, only way I can get decent speeds is to use Virgin, hence why I put up with them and their high prices, I don’t have any other high speed options.

I did that.

Since the support personnel, who I needed to activate the new cable-modem, insisted on setting up a WiFi account, I was forced to allow them to do so.

I tried to get them to understand that enabling WiFi has zero to do with activating the cable-modem. So either they do not understand the basics, or they are under orders to follow step-by-step instructions.

Another possibility is that Comcast might actually have firmware on the cable-modem that will not allow it to be activated without first setting up a WiFi account. If that is the case, that is troubling, because it would have to be due to a nefarious purpose that benefits Comcast or 3-letter agencies.

I do actually use WiFi, for my smart-phone. But that was a post-activation item I would have attended to, where I would not be involving Comcast’s support personnel.

Once I was set-up, I changed my WiFi credentials. But Comcast apparently can access my WiFi password. At a minimum, they can go in and change it, at will.

If not for Chia, I would insert a router between my cable-modem and my local devices. But I am not sure how to configure the additional router to work seamlessly with Chia. It is probably simple, once you know how to configure it.

I use the ten-dot network.
So will I have to change my cable-modem’s internal IP address to, perhaps, the 192.168 network? I do not believe that both my cable modem and my personal router can both be on the same non-public IP class.

Networking is not my forte.

Comcast (at least in California) is monthly charging for “leasing” their modems. I have never had theirs, though. Currently, I have this modem Amazon.com (thanks to my friend) and it works like a charm (before that, I had an earlier version that worked for about 10-15 years straight; at that time, it was made by Motorola). It can be used with any cable ISP, as it is a standard DOCSIS modem (all are). The modem will pay off for itself in about a year. Comcast needs to initialize it once, that’s it. Behind it any router can go. No cable company will have access to those devices.

As far as DNS, recently DoH / DoT are gaining traction. Although, in the majority of cases the DNS snooping part is just shifting from the ISP to Google (as one of the main DoH/DoT DNS server providers).

The $10 per month rental ensures that when I have an outage, Comcast does not have an excuse to deny service; to point fingers at my self-purchased cable-modem. Reading Amazon reviews, lots of people were reporting that problem.

I have been reading Amazon reviews of all kinds of Xfinity compatible cable-modems. They all have 10% (or so) complaints from people that went through what I went through – even with the model that I finally got working.

I guess it is worth a try. If I can get it to work, then I can return the rented one (and cross my fingers that I never need Comcast’s support).

I have to find one that includes RJ11 ports. That cuts out the majority of cable-modems. And so far, the reviews are not too good. The reviews are all over the place, with lots of low ratings, and not enough high ratings.

There is not really much about “Xfinity compatible”. The DOCSIS spec is out for a long, long time and is constantly being updated. Therefore any cable ISP needs to support that spec, as no one will manufacture “ISP specific” modem.

However, with that being said, most likely all modem manufacturers are not letting end users download / upgrade F/W anymore, rather they ship it to ISPs and they deploy it. So, even though you get a modem from Amazon (or anywhere), Comcast will have its hands on it. Although, this is where their access stops, as that reach doesn’t extend to the router what is the key point.

As mentioned, I first bought my Motorola Surfboard about 15-20 years ago and have never had any issues with it at all. I had to call Comcast just once to get the modem initialized. I got this one Arris Surfboard 8200 (Arris bought those modems or maybe was manufacturing them for Motorola) I think last year, and I hope that it will run for another 10 years or so. In case Comcast wants to see a box behind that modem (they should not) a laptop can be connected directly to the modem, but this is exposing that laptop to the Internet, so it is not that safe (just connect while speaking with them, and immediately disconnect - again, they should not ask for it).

Most issues are not really with the modem, but rather with the router / WiFi side. Although, most of solutions to those problems can be found on Internet.

By the way, Comcast provides hot-spots, so in case modem / router are not working a laptop can be connected to such hot-spot provided by your neighbor to look how to troubleshoot it and/or order new device coming overnight (faster than a 3-day Comcast window). Again, such laptop needs to be firewalled and up to latest with security patches (or a phone acting as a local hotspot).

As far as Comcast refusing to support a 3rd party modem, the router should show the WAN status. If the WAN status is bad and Comcast reports problems with the modem, ordering a new one is most likely the best / fastest option.

Until Comcast activated my rented cable-modem, I could not login to it.

Without Comcast’s non-crippled, full activation, I could not check the WAN status, or anything else.

How much do they charge to supply an Internet connection?

We don’t have to rent modems/routers they are usually free (but often crap although they have greatly improved in recent years) , which really means the cost is built into the monthly charge.

I do not have a bill handy.

I have their basic triple-play package, with no added channels, and a rented DVR (would be great to replace that, too), and rented cable-modem, + taxes, for $180 / month.

I found my rented cable-modem on Amazon and Best Buy.

I have a Best Buy nearby. Amazon’s price is $14 less. Best Buy price matches, as far as I remember.

It is DOCSIS 3.0 (so not the latest). But it has the RJ11 ports for VOIP, and is more than fast enough for my needs.

And coincidentally, Best Buy recently sent me a $10 coupon. So I guess I will be paying Best Buy a visit.

Ouch! That is extremely expensive, I’m paying £40 a month which I consider expensive for 1100 down and 110 Mbps up , no TV, no phone, unlimited data. My brother pays £25 for 1Gbps symmetrical service.

I’ve never paid for a TV package although many do, I use an HD Homerun tuner and Mediaportal on my server to record/watch free over the air TV.

Phone is mobile only, £6 a month, haven’t had a landline for years.

I do pay for Netflix though.

I would not be buying DOCSIS 3.0 modem anymore. You are looking to have it potentially for the next 10+ years, and 3.0 is already quite old. 3.1 supports somewhere around 1Mbps (Surfboard 8200, but maybe it can go higher). I don’t recall upload speeds, though. This modem (SB 8200) doesn’t have RJ11 port.

Not sure if most, but if I recall my 8200 initially was responding on 192.168.0.1 port (without being connected to the cable). As modem is not providing DHCP, it means that any box trying to connect to it needs to have a fixed IP on 192.168.0/24 range. If such IP is not set, the box goes on autoconfiguration IP address range - 169.254/16 and may not know how to connect to the modem (no default route). Most likely that was your problem.

EDIT:
Looks like 3.0 maxes at 1 Gbps / 216 Mbps (up / down), where 3.1 at 10 Gbps / 1 Gbps. So, that 8200 is at the bottom of the 3.1 spec. Of course, DOCSIS 3.0 modems are most likely at around $50 range right now. Still, a waste of money in my opinion.

There are few DOCSIS 3.1 choices (and I have seen zero 4.0 choices) that include RJ11 ports.

As long as the spec will not be retired, DOCSIS 3.0 speed is faster (by multiples) than what I need.

And I like to see, at a glance, whether or not my service is working. The unit I am considering has several lights that are either steady, or blink, or dark, depending on the status. I can see it from the doorway. And it does not get hot (warm, but not hot).

I could find only two units that were DOCSIS 3.1, and had RJ11 ports:

It has loads bad reviews, and complaints about the RJ11 feature not working. But they were all for Optimum’s service. I searched for any comments containing Comcast or Xfinity. There were none.

They have 1 new one remaining, and lots of used ones for 1/3 the price.

A similar model, but refurbised:

Lots of complaints, including with Xfinity.

Phone doesn’t need to be connected directly to the modem. Some routers have phone jack(s) (although, may not work with Comcast service). Also, Comcast is most likely renting MTAs / ATAs to connect a phone for much less than their modem / router. I would also check with Comcast if you could buy your own phone adapter (ATA / MTA), something like Grandstream provides. Those go for about $30-50 or so.

I think that routers understand VoIP traffic and can prioritize it, so where the phone jack is is most likely irrelevant (does not need to be on the modem, from VoIP protocol point of view).