[PLUG-TALK] Comcast business class service...

Ronald Chmara ronabop at gmail.com
Sat Feb 21 01:51:13 UTC 2009


On Feb 20, 2009, at 4:58 PM, Michael Robinson wrote:
> What can people tell me about the cost of Comcast business service,
> the availability of subnets, the level of service, etcetera?

Funny you should ask, I have an anecdote from *today*.

So, today, after previously being given a .240 of IP's in the same  
range as our (previous) single static IP, and putting together a  
large rollout plan (it's a preferred-zero-downtime shop), we did a  
test roll, and we noticed that all the services that were supposed to  
be available at the new IP addresses... weren't.

Everything at the one IP we had before worked, but some of  the other  
IP's didn't work right... we could see web(80) on a box, but not  
jabber(5222), or 443 wasn't set up to be sent to another private IP  
(when it was working before), very odd results, not a lot of patterns.

We checked our firewall rules, our per machine ACL's, etc. Repeatedly.

Did I mention that a web-chat application involved in this test roll  
was occasionally taking the (non-test) parent company's website page  
loads into >10 second stalls between test runs? Painful, Openfire/ 
Fastpath just hangs when it can't make any sort of connection.

Eventually we called Comcast. After level 1 and eternal hold, they  
kicked us into a level 2 who *recommended* we pay for a per-minute  
outside IT phone consulting service, rather than talk to Comcast.  
(Uhm, no)

A couple more hours of research and experimentation went by, and we  
started noticing some general oddities about our "new IP's". They  
traceroute'd funny (portland to boston? wha?) , had odd reverse DNS  
(who the heck is *that* company, and why do the have their name on  
our PTR records?)

We called Comcast *again* to ask why. Back through level 1, up to  
level 2....

Oops, after some investigation, it turns out that they had told us to  
renumber our network with IP addresses...

....already actively *in use* by other Comcast customers.

We were hitting other customers of theirs with our "test traffic",  
trying to figure out why it wasn't showing up on our Firewall devices.

So, roughly 12+ man-hours into the drain, because Comcast couldn't  
even manage to provision a tiny subnet block of IP addresses in an  
orderly fashion.

So, they did offer a solution, where we can *renumber* (again), re- 
ACL (again), and re-test (again), but here's the kicker: It's a one- 
way roll, if they screw it up again, we may not be able to fail back  
to the single static IP we had with them before. (They apparently  
don't know how to keep both. Really. Yes. /facepalm)

My recommendation would be simple: No.

It took three "bad apples" (out of four) and hours of our own time on  
testing and research, just to get *more suggestions* to provision a  
working .240 block.

Of course, if you *like* that kind of thing (hey, it's a linux  
group), maybe it'll be fun. Just make sure you don't have any real- 
world money or time hanging on it.

-Bop



More information about the PLUG-talk mailing list