4

At work, we've had a persistent issue with slow response times from Google based URLs via our Comcast internet service.

Any time we try to load Google.com, YouTube.com, Drive.Google.com, ajax.googleapis.com, etc. there is a 5-20 second delay before a response is received. All other sites load fine (assuming they aren't using Google APIs), and speed tests show we're getting the right bandwidth from Comcast overall.

After a connection has been established, Google pages on that IP/domain run smoothly for a few minutes, but then the same 5-20 second delay will return.

Our network setup is pretty minimal: Comcast modem/router to a D-Link Wireless Router to a D-Link Gigabit switch. We're all running Macs and the issue happens on all of the Macs on our network. Issue happens over wireless or wired connections.

What I've tried so far:

  • I've tried switching to Google's DNS server (8.8.8.8) and other DNS servers both on the router and on individual Macs, but that doesn't help.
  • I spent an hour on support with Comcast; they were unhelpful and claim the issue isn't with the modem, which I never suspected was the issue. They would not escalate the issue past the basic tech support since the modem is in working order.
  • I've asked about this issue on /r/Networking and several comments suggested an issue with IPv6 settings; however nothing IPv6 related is enabled on the modem or router. Individual Mac's network settings are set to "Configure IPv6: Automatically" though disabling or manually setting that doesn't matter.

Equipment used:

What else can I try to isolate this issue? Is it more likely that it's something on our network, or is the issue with Comcast?

Any help is greatly appreciated!

shshaw
  • 99
  • 5
  • A [Netgear CG3000DCR](http://mydeviceinfo.comcast.net/device.php?devid=347), which is not IPv6 compatible according to [Comcast](http://mydeviceinfo.comcast.net/?s=i&so=1&d2=0&d3=0&tier=-1&sc=570), though IPv6 is available in our area. – shshaw Jun 09 '14 at 15:38
  • Funny, because [Netgear says it does IPv6](http://www.netgear.com/service-providers/products/cable/gateways/cg3000dcr.aspx). Has the firmware been updated? – Michael Hampton Jun 09 '14 at 15:41
  • Odd. The [Netgear CG3000Dv2 N450](http://mydeviceinfo.comcast.net/device.php?devid=395) is listed as IPv6 compatibile on [Comcast's list](http://mydeviceinfo.comcast.net/?s=i&so=1&d2=0&d3=0&tier=-1&sc=570), but not the CG3000DCR. Our firmware version is listed as V1.33.03. I cannot find if that's the latest firmware or not. – shshaw Jun 09 '14 at 15:44
  • Outside of the IPv6 avenue, any chance of a packet dump showcasing this delay. Figuring out what between what parts of communication the delay occurs can shed light on the problem, or at least the culprit. – Christopher Karel Jun 09 '14 at 15:54
  • @ChristopherKarel Any way to capture a very specific packet dump for a request like that? I managed to get one for the delay, but there's a lot of other network traffic during that 15+ second delay. I have Wireshark installed, but don't know what I need to filter to provide accurate and specific data. – shshaw Jun 09 '14 at 16:12
  • You can filter an existing capture, then just save the viewed packets. The filter can be as easy as `ip.addr==a.b.c.d`. Then export via File->Export Specified Packets->Check the displayed column. – Christopher Karel Jun 09 '14 at 17:14
  • Could be MTU discovery problems. – Neil H Watson Jun 12 '14 at 15:53
  • @NeilHWatson Any way to test for that? – shshaw Jun 13 '14 at 14:26
  • @shshaw I think you'll need tcpdump, wirewhare, or similar to look for MTU discovery packet (hint, don't block icmp). If you're firewall is Linux you can look into MSS clamping. – Neil H Watson Jun 13 '14 at 15:45
  • I suspect DNS problem, the few minutes that the site is working could be associated to the TTL value of google.com. Did you try to put the names / IPs in the hosts file? – lacasitos Jun 16 '14 at 20:36

1 Answers1

0

First of all, disable any IPv6 on your servers/workstations if you're not using IPv6. It can cause a whole host of problems. Also disable IPv6 on your router.

You want to capture all port 53 traffic: http://wiki.wireshark.org/CaptureFilters

If your router supports configuring multiple subnets, configure a new one that doesn't broadcast DHCP, such as 192.168.99.0. Cable a laptop directly to the router, and set a static IP on that subnet and set the router as the gateway. Then, try to resolve a Google site. As long as you don't have any funny routing rules or other configuration on your router, this should help isolate the problem to either your LAN, or Comcast's.

Michael Gugino
  • 136
  • 4