Failed network connectivity test

Issue

The network connectivity test fails the initial DNS check when the DNS provider does not respond to 'ANY' requests.

Environment

Datto ALTO
Datto SIRIS

Cause

The network connectivity test fails the initial DNS check when the DNS provider does not respond to 'ANY' requests." Failing the initial DNS check also causes cascading failures as many other checks won't run since they depend on DNS and thus fail by default.

IETF RFC-8482 allows DNS servers to choose whether or not to respond to requests of the type 'ANY'. The ANY request is non-performant so it is likely that more DNS providers will drop support for it in the future.

The lack of respone to an "ANY" request can cause all of the following network checks to fail:

DNS connectivity - Attempts to resolve device.dattobackup.com via hostname via the configured DNS server(s). If this test fails, all other tests after it will automatically fail.
Pinging Datto servers - Attempts to ping device.dattobackup.com to ensure a response is received.
Device hostname resolution - Attempts to resolve the local device’s own hostname via the configured DNS server(s).
Port 22 for $ipAddress - Uses nmap to check if TCP port 22 is open to the device’s configured off-site server.
SSH connectivity for $ipAddress - Uses speedsync to attempt a basic connection using the SSH protocol to the device’s configured off-site server.
Connectivity with port 22 - Uses nmap to check if TCP port 22 is open to test22.dattobackup.com
Connectivity with port 80 - Uses nmap to check if TCP port 80 is open to test80.dattobackup.com
Port 443 on test server - Uses nmap to check if TCP port 443 is open to test443.dattobackup.com
Port 443 on device server - Uses nmap to check if TCP port 443 is open to device.dattobackup.com
Port 443 on BMC server - Uses nmap to check if TCP port 443 is open to bmc.datto.com
Port 21 on speed test - Uses nmap to check if TCP port 21 is open to speedtest.dattobackup.com
Datto heartbeat 80 port - Uses nmap to check if TCP port 80 is open to heartbeat.dattobackup.com
Datto packages 443 port - Uses nmap to check if TCP port 443 is open to packages.dattobackup.com
DLOG 5044 port - Uses nmap to check if TCP port 5044 is open to dlog.dattobackup.com. This service is no longer used, so this check should always fail.
DLT 443 Port - Uses nmap to check if TCP port 443 is open to dlt-ubmirror.datto.com
NTP - Uses nmap to check if UDP port 123 is open to ntp.dattobackup.com

Resolution

Ensure the DNS provider the device is using still responds to 'ANY' requests.

Additional Resources

Providing Minimal-Sized Responses to DNS Queries That Have QTYPE=ANY (external link)

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the ideas forum!
	Provide feedback for the Documentation team.