Skip to main content

User Manual

Internal service traffic

Keenetic routers generate service traffic during their work. The network traffic occurs periodically or constantly in the background, initiated by the router itself. This is traffic from internal system processes, services, and applications that are automatically enabled on the router, not initiated by the user.

With the default settings, the sources of service traffic from the router can be:

  • Authentication and licensing service;

  • Diagnostic module;

  • Automatic update function;

  • Cloud-based remote control and KeenDNS;

  • The 'Keenetic mobile application' module;

  • The mechanism for Internet connection status monitoring (Internet Checker);

  • The adjustable mechanism for network connection status checking (Ping Check). It turns on automatically only when a USB modem is connected;

  • Time synchronization protocol.

All service traffic, except for the Keenetic mobile application module traffic, is directed to the servers allocated in the *.keenetic.net domain. However, the destination IP addresses of the service traffic might resolve to domain names in the *.knt9.xyz domain. The Keenetic mobile application module contacts the servers in the *.keenetic.cloud domain.

Below is a table showing the service traffic used by different Keenetic router services. The figures are for the 24/7 operation of the router on default settings. Below the table, you will find a brief description of the services, from which you may learn what they are used for, how they work, and how to turn some of them off to reduce the amount of service traffic.

Traffic source

Is it enabled by default?

Can it be turned onand off?

Traffic volume per day/month

Authentication and Licensing Service

Yes

No

Up to 10 KB / up to 300 KB

Diagnostic module

No

Yes

Up to 3 KB / up to 100 KB

Automatic update function

No

Yes

Firmware size depends on the model and component set (6 to 12 MB on average)

Cloud-based remote control and KeenDNS

Yes

Yes

794 KB / 24 MB

The 'Keenetic mobile application' module

No

Yes

about 40 MB (if the mobile device is added to the cloud)

The mechanism for Internet connection status monitoring (Internet Checker)

Yes

Yes

3.3 MB / 100 MB

The adjustable mechanism for network connection status checking (Ping Check)

No;

automatically activated only when a USB modem is connected to the router

Yes

5.5 MB / 170 MB (in 'Automatic' mode with TCP verification);

1.62 MB / 50.22 MB (with ICMP verification)

Time synchronization protocol

Yes

Yes

400 bytes / 1.6 KB

  1. Authentication and licensing service (always on, cannot be turned off).

    When Keenetic connects to the Internet, the unique service code of the device, KeeneticOS version, selected update channel and the IP address are transmitted. The information is sent to the server via the secure HTTPS protocol within a minute after turning on the router, when the WAN IP address is changed, and once per day when there is no IP address change. One request is up to 10 KB.

    This information is used to:

    • authenticate your device to receive updates and access Keenetic services;

    • determine the warranty period by the date of the first connection to the Internet;

    • automatically obtain an SSL certificate, validated by Let's Encrypt Authority, from the keenetic.io domain for secure access to the web interface of your device. The amount of traffic when receiving a certificate is approximately 180 KB. The certificate automatically renews every three months;

    • regularly transmit the device IP address for KeenDNS service operation;

    • regularly transmit the KeeneticOS version and update channel for automatic update service operation and user notification in the device web interface.

  2. Diagnostic module (disabled by default, can be enabled).

    The diagnostics module generates reports on errors and critical system failures and sends them to the server via HTTPS secure protocol as they accumulate. Each report is no larger than 10 KB. The report can include information about system resource usage, protocols and Internet connection types, and USB device identifiers.

    These reports allow our technical support team to diagnose problems more accurately when users contact our technical support and allow developers to continuously analyze and improve the stability of Keenetic devices and services.

    If you want to share this info, you can enable the report sending function in the web interface, on the 'General system settings' page, under 'Product improvement program'.

    internal-service-traffic-01-en.png
  3. Automatic update function (is disabled by default, can be enabled).

    The function sends a request to the server via a secure HTTPS protocol to build the operating system in the required configuration for the device, then receives the resulting file and updates it in the device memory with the subsequent reboot. The frequency of official releases is about 6-10 times a year. The amount of traffic depends on the number of operating system components. On average, when using the recommended set, the download size ranges from 6 MB (for entry-level models) to 19 MB (for advanced models).

    You can disable the automatic update function in the web interface, on the 'General system settings' page, under 'Updates and component options'. In this case, the device will not perform the update without your participation.

    internal-service-traffic-02-en.png
  4. Cloud-based remote control and KeenDNS (enabled by default, can be disabled).

    The agent is needed to remotely access the Keenetic router via the KeenDNS domain name service and when using the Keenetic RMM cloud service.

    The agent uses the UDP keep-alive mechanism to check and maintain a constant connection between the router and the server. The polling occurs every 17 seconds. UDP/9 requests of 160 bytes each are used — that's 794 KB per day or 24 MB per month. Once the router is turned on, a request to check servers on port UDP/4044 is used.

    If you are not using the KeenDNS domain name on your router, disable the service to reduce service traffic. Remove the agent component from the device's operating system. You can do this on the 'General system settings' page, under 'Updates and component options' by clicking 'Component options'.

    internal-service-traffic-03-en.png

    Please note that the 'Keenetic mobile application', 'SSTP VPN Server', and 'WebDAV Server' components depend on 'Cloud-based remote control and KeenDNS'. To uninstall the agent, you will also have to uninstall these dependent components too.

  5. The 'Keenetic mobile application' module (disabled by default, can be enabled).

    The module provides remote access to the device from the Keenetic mobile application. Every 30 seconds, it reports to the cloud controller on the Keenetic Cloud servers. The module only starts sending data when there's a device added to your account. Data sent consists of system events (Internet connection change, router restart, etc.) and telemetry on traffic, CPU and memory load. The data is transmitted in encrypted form using the AES and Curve25519 technologies and is stored in compliance with the legislation on protecting personal data. Daily traffic is about 40 MB when added to the cloud service.

    If you are not using remote access to the router via the mobile app, disable the Keenetic Cloud service to reduce service traffic. You can do this in the web interface, on the 'General system settings' page, under 'Keenetic Cloud service for mobile applications'.

    internal-service-traffic-04-en.png

    To completely disable the Keenetic Cloud service, remove the 'Keenetic mobile application' component from your device's operating system. You can do this on the 'General system settings' page, under 'Updates and component options', by clicking 'Component options'.

    internal-service-traffic-05-en.png
  6. Internet connection status monitoring (Internet Checker) (enabled by default, can be disabled).

    The 'Internet Checker' module provides the system mechanism for checking the availability of the Internet. Its uses include the control of the globus.png LED indication on the device body (lit — Internet connection established, off — no connection to the Internet).

    No data is transferred, with requests made every 15 seconds via the DNS/53 + TCP/80 connection. One request is 580 bytes, about 3.3 MB per day or 100 MB monthly.

    The module also requests the server every 40 seconds using TCP/80 and once every 10 minutes using DNS/53, with no data transfer. One request is 500 bytes, which is approximately 735 Kbytes per day or 22 Mbytes per month.

    You can disable Internet Checker via the command-line interface (CLI) of your Keenetic.

    To disable it, run the following commands:

    no service internet-checker
    system configuration save

    After disconnecting, the Internet connection will be checked by ARP polling the default gateway (local traffic will be used).

  7. Network connection status checking (Ping Check) (disabled by default, turns on automatically only when a USB modem is connected; otherwise, it is turned on by the user).

    Ping Check can be used to help ensure connection redundancy and features automatic power control of USB modems. Module operation is entirely configurable via its parameters: the checking type (ICMP requests or TCP port check), the interval between checks, and the number of failed checks.

    When using the default Automatic check mode, the module polls the server with the 'Check interval' (time in seconds between checks) of 10 seconds. The default value of the 'Trigger threshold' (number of unsuccessful checks) is 5. The module establishes DNS/53 + TCP/443 connection without transferring data. One request is 650 bytes, which is 5.5 MB per day or 170 MB monthly.

    You can disable Ping Check via the web interface on the connection type page ('4G/3G modem', 'Wired', 'Wireless ISP', 'DSL connection') on which it is enabled. Under 'Check the availability of the Internet (Ping Check)', set the 'Mode' field to 'Disabled'.

    internal-service-traffic-06-en.png

    If you want to leave Ping Check enabled, you can use ICMP Internet Availability Check to reduce service traffic. ICMP requests will be less in traffic volume: one request will be 200 bytes, which is 1.62 MB per day or 50.22 MB per month.

    internal-service-traffic-07-en.png

    For more information, see the Ping Check fine-tuning manual.

  8. NTP time synchronization (enabled by default, you can disable or change the preset interval).

    The service automatically sets the time in the router. The 'Set time automatically' option is enabled by default. By default, the device attempts to synchronize with the Keenetic server immediately after powering on and sends a request every 10 seconds until it successfully synchronizes. The request takes place over the NTP protocol. DNS/53 + NTP (UDP/123) are used. The amount of traffic used for time synchronization is 400 bytes.

    After the clock is synchronized, the time is counted by the internal counter, and the next synchronization will be done in 7 days. The time synchronization service uses only 1.56 KB per month.

    We do not recommend that you disable this service. If necessary, you can increase the synchronization interval to 28 days. To do this, in the Keenetic command-line interface (CLI), run the following commands:

    ntp sync-period 40320
    system configuration save
  9. Summary

    The Keenetic router uses service traffic for its internal system services. It automatically transmits information about your device over the Internet only for technical support and warranty service and accesses the servers of our online services. We do not collect information about websites you visit, search engine queries or any other personal information in full compliance with the Personal Information Protection Act.

    The router itself cannot block access to Keenetic cloud servers and core system services unless you disable them as described above. These connections are necessary for stable, secure operation of the router and reliable assessment of its performance by the cloud services. The operation of these services does not architecturally imply any permanently open ports and backdoors that intruders can use. Connections are established in short secure sessions, and no outside scanners will see open ports or vulnerabilities.

    The bulk of service traffic is used by Internet availability and network connectivity checking mechanisms (Internet Checker and Ping Check) and cloud service agents. We remind you that Ping Check is automatically activated only when a USB modem is connected. Keep it in mind if you use the Internet tariff with a small amount of provided traffic, which has to be saved.

    If you notice excessive Internet traffic consumption, the first thing to look at is user traffic. Today's operating systems and applications actively use various online services and can generate a significant amount of traffic from devices connected to your Keenetic router in the background. You can get detailed information about the traffic consumption of your connected devices over the past 24 hours from the device's Host traffic monitor.