Your IP:

Our Forums Have Moved!

Visit our new forums at https://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

    •  
      CommentAuthordkumets
    • CommentTimeMay 25th 2012 edited
     permalink
    Administrator
    Comcast has confirmed that there is a defect with two of their new gateways (Arris TG852 and Arris TG862) that prevents using OpenDNS. Comcast is working hard to fix the defect in an updated firmware.

    In the meantime, Comcast will replace these devices for any OpenDNS user at no cost. You can request a replacement by emailing a priority/escalated queue at we_can_help@cable.comcast.com

    Official statement from Comcast below:

    Comcast has identified a software defect on the Arris TG852 and TG862, which may cause problems for a small number of users attempting to use third party DNS services. Arris and Comcast are working to correct this issue and will deploy updated device firmware to resolve the issue. If a customer does not wish to wait for the updated firmware, the customer may email us at we_can_help@cable.comcast.com and a replacement device will be provided at no cost to the customer.



    Dima
    Product Manager
    OpenDNS
    •  
      CommentAuthordominic.b
    • CommentTimeMay 25th 2012 edited
     permalink
    Administrator
    If you already have a support ticket with OpenDNS regarding the configuration of your Arris TG-852 and Arris TG-862 and you are having trouble contacting Comcast, please let us know in your reply to the support ticket.
    • CommentAuthorweakham
    • CommentTimeJul 4th 2012
     permalink
    E-mailed Comcast (CC). No response! E-mailed again! Regional office called - never heard of problem. I insisted they check with engineering. Another CC regionnal guy called. Said they would swap in an SMC router/MTA. 1st day, CC sent out installer who said no SMC's in the warehouse. Next day, CC sent out installer who said no SMC in WH. Next day, same installer showed up with SMC. Logged on! It had identical software to Arris - no place to plug in 3rd party DNS addr's. Said to forget it - I'll wait on the firmware update for the Arris. Installer left. 2 minutes later, another CC installer showed up to tell me no SMC in the WH. Every night but the last night, got a follow up call from CC regional office. No one in CC understands the problem, and no one in CC talks to anyone else! My OpenDNS seems to create stats; however I also run DNSCrypt, and have to use port 443. What is the 'software problem' with the Arris 852/862, and why does CC think that swapping router/MTA's fixes anthing??
    • CommentAuthormaintenance
    • CommentTimeJul 4th 2012 edited
     permalink
    Th problem is as you describe - no place to enter static DNS addresses. The swap was supposed to replace the device with one that has configurable firmware. Much of the time, the firmware on the vendor's router is fine, it's the firmware as modified by the ISP which takes away functionality.

    edit: OK, two problems then, as the bug for which devices are being replaced is one which redirects all port 53 traffic as described below by dkumets.
    https://forums.opendns.com/comments.php?DiscussionID=14477&page=1#Item_7
    Thankful People: dominic.b, weakham
    • CommentAuthorweakham
    • CommentTimeJul 5th 2012
     permalink
    Based on my experience, folk shouldn't waste time requesting a router change! However, OpenDNS will work using the Arris 852 router (possibly 862 also) if you install DNSCrypt and use the 'Port 443' option (slower, I know, but at least it works)! It would be interesting to know if anyone has obtained a replacement router from Comcast that allows OpenDNS to work!
    •  
      CommentAuthordominic.b
    • CommentTimeJul 5th 2012
     permalink
    Administrator
    @weakham,

    Can you please create a support ticket at http://www.opendns.com/support/contact/ ? We will like to follow up with Comcast regarding your issue; select 'Configuring OpenDNS' as the subject when creating the ticket.
    Thankful People: maintenance
    •  
      CommentAuthordkumets
    • CommentTimeJul 5th 2012
     permalink
    Administrator
    To clarify, the issue with the Arris TG852/TG862 device is that a bug causes it to redirect all DNS (port 53) traffic to the Comcast DNS servers regardless of what the computer's settings are. Arris TG852/TG862 devices are being replaced until firmware that fixes this bug is released.
    Thankful People: maintenance, weakham, ctcurry, noah47
    • CommentAuthorcrepe
    • CommentTimeJul 13th 2012
     permalink
    Anyone know if you have Comcast put the Arris router into bridge mode and use your own router, will it fix this? Or is the problem in the modem side? I was paying for Opendns service for web filtering and no longer can use it because of this. I was thinking of putting it in bridge mode anyway.
  1.  permalink
    Putting it in bridge mode won't alter anything on the upstream device. You don't have to bridge to use your own router, but as above, the device redirects all port 53 traffic.

    You can use DNSCrypt, however. (Not using port 53.)
    • CommentAuthorsubwaygop
    • CommentTimeJul 25th 2012 edited
     permalink
    I have the Arris TG862G from Comcast. I told Comcast that I wanted my TG862G put into bridge mode. Once that was done I configured my Linksys router to use OpenDNS. I'm running DD-WRT firmware on my Linksys and again OpenDNS works on Comcast system with TG862 in bridge mode.

    Note: You DO NOT have to be using DD-WRT firmware on the Linksys for this to work.
    Thankful People: skip12
    • CommentAuthorcrepe
    • CommentTimeAug 17th 2012
     permalink
    Thanks subwaygop, that confirms my suspicion that it's the router side of the TG862G which is interfering with the DNS rather than the modem side. I have an Apple Airport I have bridged into the TG862G due to it's better Wi-Fi strength, I may just make the plunge and use it as the primary router. The other benefit will be not having two Wi-Fi access points in the same vicinity, it's really annoying that you can't disable Wi-Fi on the TG862G short of bridge mode.
    • CommentAuthorjason_m
    • CommentTimeAug 20th 2012 edited
     permalink
    How about a software Dns proxy, like Acrylic? Input 127.0.0.1:53, and output it via port 5353.

    edit:

    @rotblitz If you read...
    " edit: OK, two problems then, as the bug for which devices are being replaced is one which redirects all port 53 traffic as described below by dkumets. "

    So - The proxy would output dns requests via port 5353, which should bypass the port 53 capturing/redirecting of the Arris.

    This is just (another) short term solution until the modem is replaced.
    • CommentAuthorrotblitz
    • CommentTimeAug 20th 2012
     permalink
    How is this related to the Arris TG852/TG862 routers?
  2.  permalink
    Any update on this firmware from Comcast? Just got this modem installed last week and didn't realize it completely disabled opendns. Ugh.
  3.  permalink
    Why not then contact comcast as directed for a replacement?
  4.  permalink
    Submitted request using the email address above. No response. I guess il try to contact my local office for a replacement. Anyone know why its taking so long for a firmware update to occur?
  5.  permalink
    Okay, this is getting very frustrating. I'm having no luck getting the modem replaced or put into Bridge Mode (and getting it replaced will cost me a service charge). No one seems to know how to put it into Bridge Mode at Comcast so I just keep getting passed around. I've called at least 7 times over the past 2 weeks with no results. I've called into 404-Comcast, 800-comcast, 800-Xfinity, the Signature service and now another 800# (800-363-2416) that is supposed to be for "gateway support"... sitting on hold for over an hour now - I think they may be gone for the day, but the looping messages says "all technicians are helping other customers, please stay on the line for the next available technician".

    I've emailed the address above with no response. I've opened a support ticket with OpenDNS as reqeusted above and got an auto-reply saying my message was received and someone will be in touch with me within 72 hours (I still have 24 hours left, but not really sure what OpenDNS can do except maybe get me another number at Comcast to call).

    Anyone have anymore suggestions? I guess my last resort is to take the modem back to a local Comcast office and try to exchange it... never done this before. Anyone had experience doing this?
    Thankful People: losse
  6.  permalink
    Sorry you are having such an experience. It used to be Comcast reps would drop by the forum when there was any amount of Comcast talk, and they would tend to get things done. I know they hang out on Twitter, which is another venue to which they seem to pay attention. @comcastcares or @comcast Good luck.
    • CommentAuthorlosse
    • CommentTimeSep 26th 2012 edited
     permalink
    This is disapointing since I just had a TG862GCT installed today. I guess I will install watchdog on the kids PCs and see what I can do apps? for other devices :(

    I cant see any place to enter the DNS numbers.
  7.  permalink
    losse: If it isn't a gateway with the defectr, you can still use OpenDNS, you just need to configure the DNS IPs on devices or a router behind the gateway. Test:

    nslookup -type=txt which.opendns.com. 208.67.220.220
    or
    dig -t txt which.opendns.com 208.67.220.220
    • CommentAuthorweakham
    • CommentTimeSep 28th 2012 edited
     permalink
    I was in regular communication with Mr. Kenneth EY, Regional Executive Customer Care at Comcast Regional Executive Office (I think Philadelphia) about this matter (see my communications above). Originally, he was very desirous to help, and called every day to see if my replacement modem had been installed. I last heard from him on July 10, when he stated in an E-Mail to me "I have contacted Engineering to see when a software update will be done on the modem we are providing to our customers. At this time I am still waitingfor an update from our Engineering department with an update." I have E-mailed Mr. Ey monthly seeking status on the update, but have received no reply. I called his office number yesterday and left a message, but have not received a call back! Should anyone else wish to pursue this avenue of contact, his E-Mail is Kenneth Ey@cable.comcast.com, and his phone number is (410)513-3281. The Customer care Helpline number is (410)513-8600.
    • CommentAuthorlosse
    • CommentTimeSep 29th 2012
     permalink
    Is there a way to test to see if I have a defective modem?

    I tried connecting my asus router (its a good one) to the modem. I had to bridge it, atleast i think i had to, in oder to get it to work with the modem. I created a bridge on the asus with the routers mac address. Is that what I am supposed to do?

    Then i made sure it was setup for open dns to block sites, and it wont block any. Its like the modem is overriding it?
  8.  permalink
    I own a small I.T. Company and I noticed on one of my clients Comcast Router they didn't have an option to put in other DNS Servers such as OpenDNS.
    • CommentAuthorweakham
    • CommentTimeOct 5th 2012
     permalink
    Received a call-back from Kenneth Ey (see above) today! Says he is pursuing this matter with Comcast's engineering department! Will post any updates I receive here.
    • CommentAuthorjacobdenys
    • CommentTimeOct 17th 2012 edited
     permalink
    I'm having the same problems with the Arris TG862. Called Comcast and was bounced around to 5 supposed T/S reps who knew NOTHING about a firmware update. Seems like a bunch of hot air to not do anything about this device not allowing us to modify the DNS setting. Even their touted 'signature support' had no idea how to resolve this. One guy said go in to a local Comcast store and replace your gateway with a modem...an EMTA modem that support a phone line. He said make sure you get a "dosis 3" model...whatever that means. He said this one allows for the higher bandwidth throughput. Fine...but no one at Comcast is working on an updated firmware. WTH!!!
    • CommentAuthorweakham
    • CommentTimeOct 18th 2012 edited
     permalink
    I just called Comcast and was told that there is no problem with jacobdenys' solution; however, most Comcast stores don't carry the EMTA modems. My Comcast service center in Richmond does carry them, so I will be exchanging for one, at no charge. If you decide to do this, obviously check if your local CC store has it; else, CC will ship one to you at a 'small' shipping charge! You still have to pay the $7.00 monthly rental! I live in an apartment, and have a cable jack in each room! I already connected an old Motorola SB5120 DOCSIS 2 modem, and am running an old TrendNet TEW652BRP wireless router off it. When I use the Comcast Arris TG852 router with my notebook, I only get 54mbs wirelessly. With my Motorola/TrendNet setup I get a consistent 300mbs. I have put OPENDNS server addresses in the TrendNet router and it all runs great! OpenDNS Updater and DNSCrypt are 'fat, dumb, and happy'! Well, maybe not dumb!! I will update when I get the new config running. Incidentally, I have not heard back from Kenneth Ey (see above)!
    • CommentAuthorrotblitz
    • CommentTimeOct 18th 2012
     permalink
    "I have put OPENDNS server addresses in the TrendNet router and it all runs great! OpenDNS Updater and DNSCrypt are 'fat, dumb, and happy'!"

    If you run DNSCrypt, why did you configure the OpenDNS addresses on the router? This doesn't make sense with DNSCrypt unless you run devices not having DNSCrypt too...
    • CommentAuthorweakham
    • CommentTimeOct 18th 2012 edited
     permalink
    Deleted by weakham
    • CommentAuthorzelus
    • CommentTimeOct 18th 2012 edited
     permalink
    Hi weakham,

    As a small clarification, all OpenDNS employees have an orange 'O' next to their names - all other forum posters are customers; rotblitz is not an OpenDNS employee, but rather another customer who uses OpenDNS.

    While using DNSCrypt on your computer, your computer's DNS settings will be changed in such a way to ignore DNS settings configured in your router and will use our default DNS resolvers, so while using DNSCrypt there is no reason to configure your router with our normal DNS resolvers or the FamilyShield DNS resolvers unless you expect other users on your network to connect to your router and you want them to also use OpenDNS or OpenDNS FamilyShield.

    If you encounter any issues with DNSCrypt of our DNS resolver while they are configured on your network then please open a support ticket so we can help diagnose the issue: https://dashboard.opendns.com/support/
    Thankful People: maintenance, noah47
    • CommentAuthorweakham
    • CommentTimeOct 18th 2012 edited
     permalink
    Went to Comacast and swapped my Arris TG852 router/EMTA for an Arris TM722 modem/EMTA (DOCSIS 3.0). The only port (besides 2 telephone ports) was a 10/100/1000 ethernet port. When I first plugged in my router, the TG722 died (taking away my phone service), and kept resetting itself! However, it would work (including phone) as long as I didn't plug in the router, and I could also use my notebook, if I hard wired it to the ethernet port! Called Comcast support, and no one could figure out the problem. After a couple hours, they sent me to a specialist group, and the lady listened to my story, and said that I should do a hard reset on the modem, and it should work! Right! So, I did, and it started working correctly!!

    Reminds me of a story I heard from a network guru early in my computer training. After reporting to the phone company a line problem we were having, he said to me that the phone company 'never has a problem', and that in about 20 minutes they would call back and say that they couldn't find a problem, but to try it again. And he said, 'the line will start working'! And that is exactly what happened, to the minute!
    • CommentAuthormathdad
    • CommentTimeNov 5th 2012 edited
     permalink
    Help please!

    I am going to use OpenDNS at home, as a first step, I tried this command:

    nslookup -type=txt which.opendns.com 208.67.222.222


    The following is what I got, I do not know how to interpret it. Can you tell me if I can connect to OpenDNS?

    I have Comcast and TG862 at home. From the forum, I may contact Comcast and get TM722 as a replacement.

    Thans a lot for your help!


    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation. All rights reserved.

    C:\Users\test>nslookup -type=txt which.opendns.com 208.67.222.222
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    which.opendns.com.gen-probe.com text =

    "v=spf1 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:74.125.148.0/22 ip4:70.164.126.0/24 ~all"
  9.  permalink
    You forgot the trailing dot in the command.
    Thankful People: monstergurl0.0, mathdad
  10.  permalink
    So where in the Xfinity Router setup do I make the changes?
    • CommentAuthormathdad
    • CommentTimeNov 6th 2012
     permalink
    Hello, maintenance:

    I fixed the typo, thank you. Here is what I got:

    nslookup -type=txt which.opendns.com. 208.67.222.222
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    which.opendns.com text =

    "I am not an OpenDNS resolver."



    What does it mean?
  11.  permalink
    It means you cannot use OpenDNS. Until you are given a properly working router.
    Thankful People: mathdad
  12.  permalink
    "So where in the Xfinity Router setup do I make the changes?"

    You wouldn't, not on that device.
    • CommentAuthormathdad
    • CommentTimeNov 6th 2012
     permalink
    maintenance:
    "It means you cannot use OpenDNS. Until you are given a properly working router."

    Thanks again, I am going to ask CC to replace my Arris TG862 router/EMTA for an Arris TM722 modem/EMTA (DOCSIS 3.0). Can you tell me what I should expect to see once the router is working?
  13.  permalink
    An answer that is not "I am not an OpenDNS resolver."
    Thankful People: mathdad
    • CommentAuthorweakham
    • CommentTimeNov 6th 2012
     permalink
    Please understand that the TM722 modem/EMTA has no imbedded Comcast provided router. It only has a 10/100/1000 ethernet connection into which you can plug your own router. You (most likely) must reset your TM722 after you plug in your router to get it to work with the TM722, because Comcast loads a modem configuration, if necessary, when the TM722 is reset. This will save you several hours of telephone calls to support to find someone who can figure out how to make your router work with the TM722!! Once your router is working, you can configure it with the OpenDNS addresses.
    Thankful People: mathdad
    • CommentAuthormathdad
    • CommentTimeNov 8th 2012
     permalink
    Hi, maintenance, weakham, I made it, OpenDNS is working at my home now! Thanks a lot for your help along the way!

    I have a TG862 at home, and I only have internet and phone service with Comcast as I believe TV should be free so I use antena to watch TV at home.


    When I called Comcast to exchange for TM722, I was told that, since I have phone service, they cannot take TG862 away. However, I was offered with a second cable modem without extra rental charge. I will still pay the same $7 rental fee to keep two CC devices at home. There is no information and no promise on what kind of cable modem that I would get. So I went to a local Comcast center to pick the modem. The guy seemed to know this business well and quickly issued me a cheap modem under my account. (Cisco DPC2100R2, Jan. 2009). He also updated the MAC address in the system. By the time I came home, internet at my home was down already since my TG862 had retired.

    I got a little trouble during the setup so I called Comcast. But I realized later that if I had followed Weakham's advice to reset the modem once, I would not have to wait in line for 10 minutes to get a Comcast tech support to tell me to do that.

    Once the modem was working, I attached my old D-link wireless router WBR-1310 to the modem, and configured the router to use OpenDNS service. Then OpenDNS started to work in my home!
    Thankful People: rotblitz, zelus
  14.  permalink
    Sweet!
    Thankful People: mathdad
    • CommentAuthorweakham
    • CommentTimeNov 8th 2012 edited
     permalink
    Mathdad - My Arris TM722G/CT modem from CC has the EMTA built in with two telephone ports! I had to go to a CC center (as opposed to just a store) to pick it up; else, pay a 'nominal' shipping charge (usually $10 in the past)! I also had sales call the center to verify availability before I went! Seems to me that either, CC didn't have the proper modem, or, the person didn't know what he/she was talking about! There are several models of the TM722. I pass this on for the sake of others who may read this discussion!
    Thankful People: mathdad
    • CommentAuthordpetrie
    • CommentTimeDec 18th 2012
     permalink
    I am a Comcast subscriber not by choice but by no other option. :P The other week they said they needed to upgrade my Arris TM602 in order to leverage their upgrade bandwidth. They shipped me a modem but it never came so my wife went by the Comcast store and they said, "They had shipped the wrong one" and gave her an Arris TG862. The TG862 is a router whereas the TM602 was just a bridge. After putting the TG862G in place my OpenDNS stopped working. The TG862G did not allow me to override the Comcast DNS settings that were propagated via DHCP. When I overrode the DNS settings on my computer to use OpenDNS servers it still did not work. It seems the TG862 hijacks or redirects the DNS calls to use Comcast servers or proxies regardless of your computer settings.

    The original modem finally arrived and was an Arris TG822 (bridge). I swapped out the TG862 with the TG822 and everything worked perfectly!

    So the moral of the story is that if Comcast sends you a TG862G you should call back and request a TG822 instead.

    nslookup from my computer with the TG862G = BAD :(

    nslookup -type=txt which.opendns.com. 208.67.220.220

    Server: 208.67.222.222
    Address: 208.67.222.222#53

    Non-authoritative answer:
    which.opendns.com text = "I am not an OpenDNS resolver."

    nslookup from my computer with the TG862G using port 443 = GOOD :)

    nslookup -port=443 -type=txt which.opendns.com. 208.67.220.220

    Server: 208.67.220.220
    Address: 208.67.220.220#443

    Non-authoritative answer:
    which.opendns.com text = "1.ash"
    • CommentAuthorbezantsoft
    • CommentTimeDec 28th 2012
     permalink
    I am *Not* a Comcast user, nor an Arris user of the aforementioned model.

    I am, however a TimeWarner Cable user with a fairly new Arris TM502G cable modem. I run a TomatoUSB variant firmware on my Linksys E3000 router. I am an OpenDNS paid member and OpenDNS has been first the DDNS entry in my setup for years.
    That all said, No Problems for me with OpenDNS on the Arris. If anyone has a problem with the TM502G, I'd be interested in swapping stories.

    /s/ Bezantsoft :wink:
    • CommentAuthortex
    • CommentTimeJan 17th 2013
     permalink
    I have an Arris TG852 with TW and just installed OpenDNS. It took me close the an hour to get to a real tech who entered the DNS' in just a few minutes. It works!!!

    In fact, it may work too good...now I can not access my web mail (webmail.tx.rr.com). Now I am waiting on OpenDNS for help.
  15.  permalink
    Don't block webmail then?
    http://domain.opendns.com/webmail.tx.rr.com
    Or add the domain to your white list.
    Thankful People: dominic.b
    • CommentAuthorafig23
    • CommentTimeMar 16th 2013
     permalink
    "Comcast is working hard to fix the defect in an updated firmware" Really? Because it has been almost a year.
    Thankful People: simbaha2
    • CommentAuthorpacketman
    • CommentTimeApr 3rd 2013
     permalink
    You need to be very clear with the scheduler (who sets up your appointment) and the installer that you will not accept the gateway. Insist on an eMTA (e.g. Arris TM722G/TM822G). Comcast will try to talk you out of it. I had them put a note in my file that the installer won't be allowed on the premises if s/he isn't bringing an eMTA. That's what it came to.
    Thankful People: simbaha2
    • CommentAuthordsa2591
    • CommentTimeMay 1st 2013
     permalink
    I really don't understand any of this. We just got a new router because we have a VOIP line now. I don't know if this will work with OpenDNS or not. I got a new computer and need to know what to do. Can someone walk me through this? dsa2591 g mail.