Adding Conditional Forwarder through GUI fails

Marcus Büttemeyer 391 Reputation points
2021-07-24T07:38:27.377+00:00

I've migrated some IPv6 reverse lookup zones from my Server 2019 DNS and try to replace them with conditional forwarders, pointing to the new server (Bind9/Debian10 if that matters).
Using DNS Manager I create a new conditional forwarder for the ...ip6.arpa domain and enter the new server's FQDN. DNS Manager does some validating and says for IPv6 "No IPv6 address was found for the DNS name entered" and for the resolved IPv4 address just "Validating...". If I enter the IPv4/6 addresses it says "An unknown error occurred while validating the server".
I checked everything, using nslookup on the 2019 DNS server. DNS seems to work as it should, so I finally resorted to PowerShell and that works.

But I'm still a little bit concerned: DNS is pretty important, so if there are any issues in my system I'd like to fix them. So what exactly is DNS Manager validating?


Accepted answer
  1. Anonymous
    2021-07-26T02:57:14.44+00:00

    Hi,

    Using DNS Manager I create a new conditional forwarder for the ...ip6.arpa domain If I enter the IPv4/6 addresses it says "An unknown error occurred while validating the server".

    If nslookup works fine, the result of validation should not affect the forwarding function. When the DNS server forwards a query to the remote DNS server, it refers to the IP address of the remote server.

    You can try to trace network traffic when you are adding the conditional forwarder through the GUI and when adding it via PowerShell, then compare the network packets. When you add a forwarder, the server will query for the PTR record, then send an SOA query to the remote server. If the remote server receives the packet, it will send back a “response-success” packet.

    If there is no problem with the network packets, I would suggest you ignore the validation error in DNS Manager.

    In addition, please understand that analysis of network traffic is beyond our forum support level, and due to forum security policy we have no channel to collect user log information. If you want to find the root cause and get a more satisfying explanation of this issue, I would suggest you open a case with MS Professional tech support service. They will help you open a phone or email case with Microsoft, so that you get technical support on a one-to-one basis while ensuring private information.

    Here is the link:

    https://support.microsoft.com/en-us/gp/customer-service-phone-numbers

    Best Regards,
    Candy


    1 person found this answer helpful.
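
The two lookups the answer describes (a PTR query for the forwarder address, then an SOA query for the zone sent to the remote server) can be repeated by hand before creating the forwarder. This is an added example, not code from the thread or from Microsoft; the zone name and addresses are constructed placeholders from documentation ranges, `Test-ForwarderTarget` is a hypothetical helper, and it assumes it is run on the Windows DNS server with the DnsServer module available.

```powershell
# Constructed placeholder values (documentation ranges), not taken from the thread.
$Zone       = '8.b.d.0.1.0.0.2.ip6.arpa'        # reverse zone for 2001:db8::/32
$Forwarders = @('192.0.2.53', '2001:db8::53')   # addresses of the new DNS server

function Test-ForwarderTarget {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$ZoneName, [Parameter(Mandatory)][string]$ServerAddress)
    $result = [pscustomobject]@{ Server = $ServerAddress; PtrName = $null; SoaOk = $false; Detail = $null }

    # Step 1: reverse lookup of the forwarder address through the local resolver.
    # Not treated as fatal here: per the answer, forwarding uses the IP address.
    try {
        $ptr = Resolve-DnsName -Name $ServerAddress -Type PTR -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'PTR' } | Select-Object -First 1
        $result.PtrName = $ptr.NameHost
    } catch {
        $result.PtrName = '(no PTR)'
    }

    # Step 2: SOA query for the zone, sent directly to the forwarder target.
    try {
        $soa = Resolve-DnsName -Name $ZoneName -Type SOA -Server $ServerAddress -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
        $result.SoaOk = [bool]$soa
        if ($soa) { $result.Detail = "SOA primary $($soa.PrimaryServer), serial $($soa.SerialNumber)" }
    } catch {
        $result.Detail = "SOA query failed: $($_.Exception.Message)"
    }
    $result
}

$checks = $Forwarders | ForEach-Object { Test-ForwarderTarget -ZoneName $Zone -ServerAddress $_ }
$checks | Format-Table -AutoSize

# Create the forwarder only from targets that answered the SOA query,
# and only if the zone does not already exist on this server.
$good = @($checks | Where-Object SoaOk | ForEach-Object Server)
if ($good.Count -gt 0 -and -not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
    Add-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $good
}
```

If the SOA query succeeds for an address that DNS Manager rejects, that supports the answer's suggestion that the GUI validation error can be ignored for that address.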
