Welcome to Comcast DNS

This site provides you with the Comcast DNS server status, IP addresses, and troubleshooting tools. As part of our ongoing efforts to protect our customers and provide great security features, DNSSEC validation is now included as part of Comcast Constant Guard™ from Xfinity.

Subscribe to feed Latest Entries

Some Netgear Routers Causing Flood of DNS Queries

Posted by Comcast
Comcast
Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainmen...
User is currently offline
on May 20, 2013
in DNS News

We have noticed that certain Netgear routers with older firmware are performing DNS queries for the names of Netgear NTP servers at a rapid rate, which we initially thought was a DDOS attack on our DNS recursive resolvers.  This seems to occur when a cable modem is reset. The router firmware bug can cause a single router to query at rates of thousands per second (millions per day) and impact that customer’s experience by flooding their connection until the router is reset. The DNS records being queried are: time-a.netgear.com, time-b.netgear.com, time-c.netgear.com

Netgear has confirmed the firmware bug and recommends the end users update their device’s firmware to the latest build for the impacted devices. The following links provide specific instructions on upgrading:

WNDR4500: http://support.netgear.com/product/wndr4500
WNR3500Lv2: http://support.netgear.com/product/wnr3500lv2

If anyone needs help upgrading or has additional questions, they can contact Netgear directly at (888)NETGEAR. They are aware of the issue and ready to assist customers.

Tags: DNS News

www.bncr.fi.cr Failing DNSSEC Validation

Posted by Super User
Super User
Super User has not set their biography yet
User is currently offline
on April 30, 2013
in DNSSEC News

The domain bncr.fi.cr is currently failing DNSSEC validation. This is because several RRSIG records in the domain are invalid, including www.bncr.fi.cr. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/www.bncr.fi.cr/UX_OqQ/dnssec/.

Tags: DNSSEC

vsp.virginia.gov Failing DNSSEC Validation

Posted by Comcast
Comcast
Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainmen...
User is currently offline
on April 11, 2013
in DNSSEC News

The domain vsp.virginia.gov is currently failing DNSSEC validation. This is because DNSKEYs are expired. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/vsp.virginia.gov/UWb1Yg/dnssec/.

Tags: DNSSEC

energystar.gov Failing DNSSEC Validation

Posted by Super User
Super User
Super User has not set their biography yet
User is currently offline
on April 11, 2013
in DNSSEC News

The domain energystar.gov is currently failing DNSSEC validation. This is because the domain has a published DS record that does not match any DNSKEY record. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/energystar.gov/UWbUKg/dnssec/.

Tags: DNSSEC

bncr.fi.cr Failing DNSSEC Validation

Posted by Comcast
Comcast
Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainmen...
User is currently offline
on April 11, 2013
in DNSSEC News

The domain bncr.fi.cr is currently failing DNSSEC validation. This is because the RRSIG and DNSKEY do not validate records in the domain. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/bncr.fi.cr/UWbGQA/dnssec/.

Tags: DNSSEC

Video Interview on Negative Trust Anchors

Posted by Comcast
Comcast
Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainmen...
User is currently offline
on April 01, 2013
in DNSSEC News

Check out this video interview on Negative Trust Anchors "NTAs" for domains failing DNSSEC validation: http://www.youtube.com/watch?v=AattVxfFmNo

Tags: DNSSEC

sangitacpatelmd.com Failing DNSSEC Validation

Posted by Comcast
Comcast
Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainmen...
User is currently offline
on March 21, 2013
in DNSSEC News

The domain sangitacpatelmd.com is currently failing DNSSEC validation. This is because the domain has published DS records, but no DNSKEY or RRSIG records. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/sangitacpatelmd.com/UUrU2Q/dnssec/.

Tags: DNSSEC

teamtony.org Failing DNSSEC Validation

Posted by Super User
Super User
Super User has not set their biography yet
User is currently offline
on March 20, 2013
in DNSSEC News

The domain teamtony.org is currently failing DNSSEC validation. This is because the domain has published DS records, but no DNSKEY or RRSIG records. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/teamtony.org/UUoL3A/dnssec/.

Tags: DNSSEC

eeoc.gov Failing DNSSEC Validation (Fixed)

Posted by Super User
Super User
Super User has not set their biography yet
User is currently offline
on March 19, 2013
in DNSSEC News

The domain eeoc.gov has been failing DNSSEC validation. This was because the RRSIGs covering the domain records had expired. The domain owners corrected the issue and informed us. We have flushed our cache for these records to speed resolution. The DNSViz report at the time of this failure can be found at http://dnsviz.net/d/eeoc.gov/UUidFg/dnssec/.

Tags: DNSSEC

coffeecupmonument.com Failing DNSSEC Validation

Posted by Super User
Super User
Super User has not set their biography yet
User is currently offline
on March 11, 2013
in DNSSEC News

The domain coffeecupmonument.com is currently failing DNSSEC validation. This is because there are published DS records, but no corresponding DNSKEY records. The domain owners have been contacted and made aware of the issue. The DNSViz report of this failure can be found at http://dnsviz.net/d/coffeecupmonument.com/UT3dOQ/dnssec/.

Tags: DNSSEC
This 
server cluster is functioning properly.This server cluster is functioning 
properly.
RSS Feed
Share this page on the social networks