We have timeouts on challenges for new or certificate renewals since a week.
After more investigation, it seems that we have a lot of packet loss over our cogent ipv6 adresses (for example with a mtr to 2600:3000:2710:200::1d)
We have no packet loss with this cogent network to another ipv6 network.
Once we remove the AAAA entry in the DNS, we don’t have timeouts anymore. But that’s not a solution, as we need ipv6 for other things.
Are you aware about a possible peering problem between letsencrypt’s ipv6 network and cogent’s ipv6 ? We also opened a ticket about this problem at Cogent.
Thanks for your help