Wow, I am angry.

About a week ago, Comcast mail servers started bouncing our email again, with their servers reporting 554: no reverse DNS, and reporting our IP addresses as IPv6.

They’ve done this before, twice. Once for the whole world; once just for their servers. They start exposing us somehow as IPv6, and we have no reverse DNS or even any static IPv6 addresses, so of course there’s no reverse DNS entries. That’s why we have IPv4 addresses; for exactly this. So we can deliver mail.

I’ve been calling and getting callbacks and being tossed around to different departments (all of which say this is not their job) and having the ticket silently closed since June 2nd. This is day six of this.

Comcast Tier 2 just called me back, and told me it’s not their fault, and they didn’t do anything, and it’s our network that’s broken and that our Cisco router is allocating IPv6 addresses. And somehow our mail server, which does not run DHCP and which I personally set up as IPv4, is picking that up, apparently only when talking with Comcast mail servers.

Except WE DO NOT EVEN OWN A FUCKING CISCO ROUTER. They repeatedly insisted that we did. We do not. I know what’s on our network. I know what I’ve bought. We do not have a CISCO router. We have never had a CISCO router. He insisted he could see one nonetheless.

And they will not do anything.

They’re insisting it’s our fault and they’ve never done anything like this before, and they have no records of anything like this happening before, even though they have done this and fixed it twice before, on their end both times. This guy claims to have no record of that, despite the fact that a previous tech claimed to have found a record of it.

They also simultaneously insisted that we were self-generating IPv6 addresses and using them (but apparently only when talking to their servers? Sure, that makes sense) and that our gateway is set up not to pass IPv6 traffic, even though their servers are seeing us as IPv6.

And he refused to do anything, and refused to let me talk to anyone else.

I guess we need to find a new upstream IP provider, because I have no idea what to do next.

Also, I was pretty pissed off that despite the fact that I’ve been the one doing all this calling (since always) that I clearly had somebody who comes in and “does our networking work for [us]” and I needed to talk to them. No, fuck you. I’ve implemented more mail protocols than you’ve used, you shithead.

Jesus fucking christ.

Any suggestions? I’m out of ideas. Well, other than seeing if I can screw with something on their modem to break whatever tunnelling they’re doing, if that’s what they’re doing. That might help.

eta: I’ve confirmed they’re wrong about our gateway not passing IPv6, we can move IPv6 pings, so I can at least try to make that go. Or more accurately, not go.

eta2: Talking with Joi, a friend who does IP work. (Note: SHE IS NOT A COMCAST EMPLOYEE.) Comcast recently made some internal changes to pass IPv6 around better internally. (I was actually talking about this indirectly with a Tier 1 support tech earlier today, which more or less confirms that what she’s heard has truth behind it.) But it still stops at their network boundary. We’re thinking that enabled some selfhost IPv6 functionality.

eta3: Yeah, okay, traceroute/traceroute6 games confirm it, and, incidentally, explains some of the weird geoIP results I’ve been seeing recently.

eta4: Hey, lookie thar, they did! They also may have moved the IPv6 boundary. That part must’ve been about a week ago. Might’ve been nice if ANYONE I TALKED TO HAD THOUGHT OF MENTIONING THAT. We could’ve fixed this in 15 minutes. But no, I had to get handed off a lot and sneered at instead.

eta5: Okay, so, best we can tell, at some point in the recent past, Comcast made internal IPv6 changes that silently enabled IPv6 traffic on the modem (despite this guy saying our modem wasn’t passing IPv6 even as it was, which was obviously bullshit) and caused the Debian kernel to activate the IPv6 side of traffic.

But that didn’t actually have any noticeable effect, because we weren’t delivering mail to anyone that way. Which means at that point in time, IPv6 routing stopped before reaching internal comcast.net mail servers. And sometime about a week ago, they must’ve moved their internal IPv6 routing boundary (which is what said Tier 1 tech was talking about, I think), which caused us to start seeing their mail servers with IPv6 traffic. And since we’re coming at them as a customer, they prefer IPv6, which made us silently start talking in IPv6.

But since that boundary is and was still internal to their internal WAN, nobody else was seeing us as IPv6, but were instead seeing us as IPv4, as they should’ve been.

This, we can do something about on our end. I don’t mind making changes if I know there’s a reason to do so. I don’t hate IPv6. But I do hate being told that they didn’t do anything (untrue), that it’s all our fault (untrue), that we made changes that we didn’t (untrue), that we own equipment we don’t have (untrue), and that I clearly do not know what I’m talking about.

Comcast Business, I am very unhappy. This should’ve been a 20-minute support call, tops. Instead, we have this. Wow, I hate monopolies.

eta6: Moved up from comments: We’re pretty sure the “CISCO router” he insisted we have as our own personal equipment and somehow do not know we have is, in fact, the router built into the linksys modem that is their equipment.

I suggested that to him when he kept insisting “your CISCO router is handing off IPv6 traffic,” but he blew that off and said no, that’s impossible, it had to be equipment of ours. But we’re pretty sure he’s wrong and that’s what he was seeing.

eta7: Just for the record, Comcast’s twitter account support got ahold of us, apologised, and threw us a month of internet uplink credit. That’s good of them, and I appreciate being partially comped for my time and inconvenience. Apparently ComcastCares is the SMERSH of Comcast Technical Support’s world. (They solve problems, via elimination. And store credit. Whichever seems best at the time.) But really, that kind of department – the kind that finds angry people on social media and then steps in – might be better off working to prevent this sort of thing to start.