• Deleting NAT Rules for EdgeGateway job fails with error:
  
  Cannot delete system NAT rule <UUID> on edge gateway <gatewayName>
  
  
• the DNS Forwarder service is enabled on tenant Edge Gateway in VMware Cloud Director

VMware Cloud Director 10.6

When configuring a Forwarder Zone on a tenant Edge through the VCD UI, two System NAT rules are automatically created.

System NAT rules cannot be deleted through the UI or API — this is expected behavior.
Once the Forwarder Zone is deleted, the corresponding System NAT rules will automatically be removed.

Configure a DNS Forwarder Service on an NSX Edge Gateway in the VMware Cloud Director Service Provider Admin Portal

Add an NSX DNS Forwarder Service