Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,126 questions
PTR creation via delegated zone to alternative DNS server
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 71%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
Wes
0
Reputation points
I have a mixed Windows DNS environment, where all systems related to this question are on-site (NOT Azure hosted). OS versions involved range between Windows Server 2012R2 - Server 2019.
AD Integrated DNS servers (the DC's themselves) are a mix of 2012R2 and 2016
Non-AD Integrated DNS is on 2012R2 and 2019, which the 2019 servers also host an internal Root zone. The Internal Root Primary is one of the 2019 servers, the others (2012R2 & 2019) are secondaries of the primary 2019 server with the 2012R2 only hosting a small secondary set of all zones that exist on 2019, although the 2012R2 are "front end gate keepers" for all non-AD integrated DNS queries (they can delegate to AD or to other environments not involved to this question)
I should also note:
- that Root Hints have been deleted off all DNS servers
- The AD DNS has default forwarding (recursive enabled) to the Non-AD DNS 2012R2 servers.
- The Non-AD DNS 2012R2 servers forward all queries they cannot resolve (and where Conditional forwarder or other Delegations do not exist) to the internal Root 2019 servers with recursive enabled
- The Non-AD DNS 2019 internal Root Secondaries have forwarding to the Primary if the secondaries cannot resolve (also with recursive enabled)
- The Non-AD integrated DNS Servers ARE member of the same AD domain.
The question itself is in relation to PTR creation, as each environment (AD DNS, Root DNS, and others) currently have their own versions of reverse lookup zones, which I am looking to correct by restructuring everything, and by preference hosting most reverse lookup zones on the Root, with only delegated reverse zones from the root to other DNS environments as required (depending on VLAN/IP range allocations, etc)
Ive noted that if I attempt to create an A record in AD DNS with the PTR to be auto-created, eg PTR IP of 10.1.1.1 (which in AD DNS there is a hosted 10.in-addr.arpa zone with a sub-delegated zone of 1.1.10.in-addr.arpa to the Root Master directly and a respective primary hosted zone on the Root master), the A record is created successfully, but the PTR fails to be created.
Im suspecting that this is a known "by design" matter in Windows DNS where you cannot host the A record on one environment, and redirect the creation of the auto-created PTR to an alternative Windows DNS environment. Would this be correct?
Windows Server
Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
648 questions
{count} votes
-
KapilAnanth-MSFT 35,001 Reputation points Microsoft Employee2023-06-05T04:15:23.57+00:00 Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
From your statement, I can see you have AD DNS servers and Non AD DNS servers.
- By any chance, are you using Azure Private DNS Zones?
- Or just zones and records created inside servers hosted in Azure?
Cheers,
Kapil
-
Wes 0 Reputation points
2023-06-05T06:28:48.36+00:00 From your statement, I can see you have AD DNS servers and Non AD DNS servers. By any chance, are you using Azure Private DNS Zones? Or just zones and records created inside servers hosted in Azure?Kapil, in the context of the original post I am not currently looking at Azure DNS at all, although there are some Azure environments I will be reviewing in due course as part of the environment redesign. All systems in the original post are physical onsite servers, and that is where my current focus is.
Note - I only tagged in Azure DNS because it was the only available "DNS" tag I could locate at the time when searching for "DNS" tags.
-
KapilAnanth-MSFT 35,001 Reputation points Microsoft Employee
2023-06-05T06:36:58.01+00:00 Thanks for the update.
I have added the "Windows Network" tag, so the community experts on windows networking can add their comments.
Cheers,
Kapil
Sign in to comment