When resolve KeenDNS domain (xxxxx.keenetic.pro) via Yandex DNS (77.88.8.8) or Quad9 DNS (9.9.9.9), 1-2 responses out of 10-20 may contain unexpected AAAA records pointing to hosts 2a01:4f8:271:5a5c:: and 2a01:4f9:3b:29a0::, which are not related to my device/provider. This leads to certificate validation errors, which I described in another post. As I wrote there, it started around the beginning of this year.
My internet provider does not provide IPv6 addresses.
IPv6 is disabled in KeeneticOS.
KeenDNS IPv4 operating mode: direct, static external IP.
KeenDNS IPv6 via cloud is disabled.
Reproducible on 4 different instances, on latest firmware. All intances have *.keenetic.pro domain.
When resolving via 1.1.1.1 and 8.8.8.8 I couldn't catch the problem. Probably due to Google/Cloudflare caching.
In addition, once incorrect IPv4 records were detected (see second screenshot). Just to clarify, no router settings were changed during testing.