I may not have a real problem, but need some validation.
In a test environment, I'm trying to set up a forest to forest trust between a 2008 R2 forest and a 2003 SP2 forest. The 2008R2 forest is abc.local, and the 2003 forest is def.local. Both sites are connected via a VPN with the Windows firewall disabled on both ends. From both sides, I can ping the respective DNS servers by IP address.
On the 2003 DNS server/ DC, I can cleanly create a conditonal forwarder to the 2008R2 forest. Specifically, in the Forwarders tab of the 2003 DC, I typed abc.local and gave it an address of 192.168.33.22. From the 2003 box, I can now ping the domain and all of the server names inside abc.local.
On the 2008 box, under the Conditional Forwarders folder, I can add the IP address of the def.local server, but only its NETBIOS name (i.e., 2003SERVER1). Unlike 2003, I can't add the FQDN or the domain name.
When I click GO, it creates the object under conditonal forwarders and assigns the correct domain name. I can now ping def.local and the server names in def.local from the abc.local domain.
So two questions:
1. Is this the proper configuration for the 2008 server?
2. How did Windows figure out that the 2003SERVER1 was authoritative for the def.local domain?