when debugging the DNS side of windows 2016.
It is seen that the zs32 asks for a specific DNS called: "dns-server-ping.test"
This zone does not exist in the Windows 2016 DNS.
You can see this in the attached txt file.
The solution is simple:
create a zone with the name "dns-server-ping.test" on each DNS server; Automatic update is not necessary.
Message logging key (for packets - other items use a subset of these fields):
Field # Information Values
------- ----------- ------
1 Date
2 Time
3 Thread ID
4 Context
5 Internal packet identifier
6 UDP/TCP indicator
7 Send/Receive indicator
8 Remote IP
9 Xid (hex)
10 Query/Response R = Response
blank = Query
11 Opcode Q = Standard Query
N = Notify
U = Update
? = Unknown
12 [ Flags (hex)
13 Flags (char codes) A = Authoritative Answer
T = Truncated Response
D = Recursion Desired
R = Recursion Available
14 ResponseCode ]
15 Question Type
16 Question Name
Query, before to create DNS ZONE "dns-server-ping.test"
1/28/2020 3:41:56 PM 20A0 PACKET 000001C689948560 UDP Rcv 10.35.116.13 8be5 Q [0000 NOERROR] SOA (15)dns-server-ping(4)test(0)
UDP question info at 000001C689948560
Socket = 748
Remote addr 10.35.116.13, port 36832
Time Query=345119, Queued=0, Expire=0
Buf length = 0x0fa0 (4000)
Msg length = 0x0026 (38)
Message:
XID 0x8be5
Flags 0x0000
QR 0 (QUESTION)
OPCODE 0 (QUERY)
AA 0
TC 0
RD 0
RA 0
Z 0
CD 0
AD 0
RCODE 0 (NOERROR)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 0
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(15)dns-server-ping(4)test(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
empty
1/28/2020 3:41:56 PM 20A0 PACKET 000001C689948560 UDP Snd 10.35.116.13 8be5 R Q [8280 R SERVFAIL] SOA (15)dns-server-ping(4)test(0)
UDP response info at 000001C689948560
Socket = 748
Remote addr 10.35.116.13, port 36832
Time Query=345119, Queued=0, Expire=0
Buf length = 0x0fa0 (4000)
Msg length = 0x0026 (38)
Message:
XID 0x8be5
Flags 0x8082
QR 1 (RESPONSE)
OPCODE 0 (QUERY)
AA 0
TC 0
RD 0
RA 1
Z 0
CD 0
AD 0
RCODE 2 (SERVFAIL)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 0
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(15)dns-server-ping(4)test(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
Empty
Query, after to create DNS ZONE "dns-server-ping.test"
1/28/2020 3:51:38 PM 1970 PACKET 000001C6A5E304B0 UDP Rcv 10.35.116.13 4614 Q [0000 NOERROR] SOA (15)dns-server-ping(4)test(0)
UDP question info at 000001C6A5E304B0
Socket = 748
Remote addr 10.35.116.13, port 33461
Time Query=345701, Queued=0, Expire=0
Buf length = 0x0fa0 (4000)
Msg length = 0x0026 (38)
Message:
XID 0x4614
Flags 0x0000
QR 0 (QUESTION)
OPCODE 0 (QUERY)
AA 0
TC 0
RD 0
RA 0
Z 0
CD 0
AD 0
RCODE 0 (NOERROR)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 0
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(15)dns-server-ping(4)test(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
empty
1/28/2020 3:51:38 PM 1970 PACKET 000001C6A5E304B0 UDP Snd 10.35.116.13 4614 R Q [8084 A R NOERROR] SOA (15)dns-server-ping(4)test(0)
UDP response info at 000001C6A5E304B0
Socket = 748
Remote addr 10.35.116.13, port 33461
Time Query=345701, Queued=0, Expire=0
Buf length = 0x0200 (512)
Msg length = 0x0078 (120)
Message:
XID 0x4614
Flags 0x8480
QR 1 (RESPONSE)
OPCODE 0 (QUERY)
AA 1
TC 0
RD 0
RA 1
Z 0
CD 0
AD 0
RCODE 0 (NOERROR)
QCOUNT 1
ACOUNT 1
NSCOUNT 0
ARCOUNT 1
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(15)dns-server-ping(4)test(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
Offset = 0x0026, RR count = 0
Name "[C00C](15)dns-server-ping(4)test(0)"
TYPE SOA (6)
CLASS 1
TTL 3600
DLEN 54
DATA
PrimaryServer: (8)anhaltad(3)anh(3)gov(2)co(0)
Administrator: (10)hostmaster[C03B](3)anh(3)gov(2)co(0)
SerialNo = 3
Refresh = 900
Retry = 600
Expire = 86400
MinimumTTL = 3600
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
Offset = 0x0068, RR count = 0
Name "[C032](8)anhaltad(3)anh(3)gov(2)co(0)"
TYPE A (1)
CLASS 1
TTL 1200
DLEN 4
DATA 10.35.116.199