Drafted

Resolved.

Related issue:

When resolve KeenDNS domain (xxxxx.keenetic.pro) via Yandex DNS (77.88.8.8) or Quad9 DNS (9.9.9.9), 1-2 responses out of 10-20 may contain unexpected AAAA records pointing to hosts 2a01:4f8:271:5a5c:: and 2a01:4f9:3b:29a0::, which are not related to my device/provider. This leads to certificate validation errors, which I described in another post. As I wrote there, it started around the beginning of this year. My internet provider does not provide IPv6 addresses. IPv6 is disabled in KeeneticOS. KeenDNS IPv4 operating mode: direct, static external IP. KeenDNS IPv6 via cloud is disabled. Reproducible on 4 different instances, on latest firmware. All intances have *.keenetic.pro domain. When resolving via 1.1.1.1 and 8.8.8.8 I couldn't catch the problem. Probably due to Google/Cloudflare caching. In addition, once incorrect IPv4 records were detected (see second screenshot). Just to clarify, no router settings were changed during testing.

Since the beginning of the year, requests from Yandex Smart Home to the local Home Assistant via KeenDNS (Direct connection) have been experiencing issues. Some POST requests do not reach HA and are terminated at the router. I did not see any errors in the log/debug log in KeeneticOS. From Yandex side, the error is as follows: tls: failed to verify certificate: x509: certificate is valid for *.keenetic.pro, keenetic.pro, not ha.XXXXXX.keenetic.pro Bug occurrence frequency: 1-2 out of 10. Reproduced on 4 different instances, each on a different provider. KeeneticOS: 4.2.6.1 (latest)