The Enable Netmask Ordering option is selected by default. This default setting ensures that, in response to a request to resolve a single computer name matching multiple host (A) resource records, DNS servers in Windows Server 2003 first return to the client any IP address that is in the same subnet as the client.
Note: Multihomed computers typically have registered multiple host (A) resource records for the same host name. When a client attempts to resolve the host name of a multihomed computer by contacting a DNS server, the DNS server returns to the client a response list or answer list containing all the resource records matching the client query. Upon receiving the response list from the DNS server, a DNS client attempts to contact the target host with the first IP address in the response list. If this attempt fails, the client then attempts to contact the second IP address, and so on. The Enable Netmask Ordering option and the Enable Round Robin option are both used to change the order of resource records returned in this response list.
Simple Example: Local Network Priority
A multihomed computer, server1.lucernepublishing.com, has three A resource records for each of its three IP addresses in the lucernepublishing.com zone. These three records appear in the following order in the zone, either in the zone file or in Active Directory:
server1 IN A 192.168.1.27
server1 IN A 10.0.0.14
server1 IN A 172.16.20.4
When a DNS client resolver at IP address 10.4.3.2 queries the server for the IP addresses of the host server1.lucernepublishing.com, the DNS Server service notes that the originating IP network address (10.0.0.0) of the client matches the network (class A) ID of the 10.0.0.14 address in the answer list of resource records. The DNS Server service then reorders the addresses in the response list, as follows:
server1 IN A 10.0.0.14
server1 IN A 192.168.1.27
server1 IN A 172.16.20.4
If the IP address of the requesting client has no local network match with any of the resource records in the answer list, the list is not prioritized in this manner.
Complex Example: Local Subnet Priority
In a network that uses IP subnetting (nondefault subnet masks), a DNS server first returns any IP addresses that match both the client's network ID and subnet ID before returning any IP addresses that match only the client's network ID.
For example, a multihomed computer, server1.lucernepublishing.com, has four A resource records corresponding to each of its four IP addresses in the lucernepublishing.com zone. Two of these IP addresses are for distinct and separate networks. The other two IP addresses share a common IP network address, but because custom netmasks of 255.255.248.0 are used, the IP addresses are located in different subnets. These example resource records appear in the following order in the zone, either in the zone file or in Active Directory:
server1 IN A 192.168.1.27
server1 IN A 172.16.22.4
server1 IN A 10.0.0.14
server1 IN A 172.16.31.5
If the IP address of the requesting client is 172.16.22.8, both of the IP addresses that match the same IP network as the client, the 172.16.0.0 network, are returned at the top of the response list to the client. However, in this example, the 172.16.22.4 address is placed ahead of the 172.16.31.5 address because it matches the client IP address down through the 172.16.20.0 subnet address.
The reordered answer list returned by the DNS service follows:
server1 IN A 172.16.22.4
server1 IN A 172.16.31.5
server1 IN A 192.168.1.27
server1 IN A 10.0.0.14
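The two reorderings above can be reproduced with a small model, useful for predicting which address a client will try first. This is an added example, not Microsoft's implementation: the function names are hypothetical, and it assumes the server ranks records as same subnet, then same classful network, then unmatched, keeping zone order within each rank.

```python
import ipaddress

def classful_prefix(addr):
    """Prefix length of the default (classful) network ID for an IPv4 address."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8    # class A
    if first_octet < 192:
        return 16   # class B
    if first_octet < 224:
        return 24   # class C
    return 32       # class D/E: no network ID, so only an exact match counts

def same_prefix(a, b, prefix_len):
    """True when both addresses share their first prefix_len bits."""
    shift = 32 - prefix_len
    return int(a) >> shift == int(b) >> shift

def netmask_order(client, records, subnet_mask=None):
    """Reorder A-record addresses for one client (hypothetical helper).

    subnet_mask is the custom mask in use, e.g. "255.255.248.0"; when it is
    omitted, only the classful network ID is compared.
    """
    client_ip = ipaddress.IPv4Address(client)
    net_len = classful_prefix(client_ip)
    sub_len = net_len
    if subnet_mask is not None:
        mask_len = ipaddress.IPv4Network(f"0.0.0.0/{subnet_mask}").prefixlen
        sub_len = max(net_len, mask_len)

    def tier(record):
        ip = ipaddress.IPv4Address(record)
        if same_prefix(ip, client_ip, sub_len):
            return 0    # same network ID and subnet ID as the client
        if same_prefix(ip, client_ip, net_len):
            return 1    # same network ID only
        return 2        # no local match
    # sorted() is stable, so records in the same tier keep their zone order
    return sorted(records, key=tier)

# Zone order of the A records in the two examples above
SIMPLE_ZONE = ["192.168.1.27", "10.0.0.14", "172.16.20.4"]
COMPLEX_ZONE = ["192.168.1.27", "172.16.22.4", "10.0.0.14", "172.16.31.5"]

if __name__ == "__main__":
    print(netmask_order("10.4.3.2", SIMPLE_ZONE))
    print(netmask_order("172.16.22.8", COMPLEX_ZONE, "255.255.248.0"))
```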
To disable local subnet prioritization for multihomed names, complete the following steps:
1. Open the DNS console and select the applicable DNS server.
2. From the Action menu, select Properties.
3. In the server properties dialog box, click the Advanced tab.
4. In the Server Options list, clear the Enable Netmask Ordering check box, and then click OK.