Using Both Round-Robin Rotation and Netmask Ordering
Windows DNS servers let you enable both round-robin rotation and netmask ordering features. Often a host name such as www.microsoft.com has multiple IP addresses to improve load balancing and performance. These IP addresses might be multiple paths to a single server or point to geographically dispersed servers.
To load-balance DNS requests, a DNS server uses round-robin rotation to move through a list of IP addresses, effectively distributing traffic evenly among different servers. With netmask ordering, the DNS server attempts to return the host IP address that's physically closest to the client. The DNS server does this by looking at the first few octets of an IP address, assuming that a server with an IP address similar to a client will most likely be physically closer to the client. By default, the DNS server gives priority to any host address in the same class C network as the client.
Although it might seem like round robin and netmask ordering wouldn't work together, as you can see in Figure A, Windows lets you use both features at once. If you select both methods, Windows checks a host's list of IP addresses to see whether an IP address on the list closely matches the client's IP address. If Windows finds a match, it will give that IP address a higher priority for the round robin. The result is that the DNS server performs a round-robin rotation of IP addresses, but the round robin is biased toward returning the server that appears to be closest to the client.
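The combined behavior described above can be modeled in a few lines. This is an added example, not Microsoft's implementation: it is a simplified model in which the record list is rotated once per query and any address in the client's class C (/24) network is then moved to the front. The class name `BiasedRoundRobin`, its methods, and the sample addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress


class BiasedRoundRobin:
    """Simplified model (an assumption, not the Windows DNS code):
    rotate the A-record list on every query, then place records that
    share the client's network ahead of the rest."""

    def __init__(self, addresses, prefix_len=24):
        self.addresses = [ipaddress.ip_address(a) for a in addresses]
        # 24 bits = "same class C network", the default described in the text
        self.prefix_len = prefix_len
        self._queries = 0

    def answer(self, client_ip):
        # Round-robin step: shift the starting point by one per query.
        shift = self._queries % len(self.addresses)
        self._queries += 1
        rotated = self.addresses[shift:] + self.addresses[:shift]

        # Netmask-ordering step: addresses in the client's network go first,
        # keeping the rotated order inside each group.
        client_net = ipaddress.ip_network(
            f"{client_ip}/{self.prefix_len}", strict=False
        )
        local = [a for a in rotated if a in client_net]
        remote = [a for a in rotated if a not in client_net]
        return [str(a) for a in local + remote]


# Constructed sample records for one host name (documentation address ranges).
SAMPLE_RECORDS = ["198.51.100.10", "192.0.2.10", "198.51.100.20", "203.0.113.10"]

if __name__ == "__main__":
    server = BiasedRoundRobin(SAMPLE_RECORDS)
    for client in ("198.51.100.77", "198.51.100.77", "10.1.2.3"):
        print(client, "->", server.answer(client))
```

A client inside 198.51.100.0/24 always receives a local address first while the order still rotates; a client with no matching network sees plain round robin.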
Integrating DNS with Active Directory
When you install DNS on a Windows domain controller (DC), you have the option of storing your zone files in the Active Directory (AD) database rather than in simple text files. You might wonder why you would choose to integrate a zone with AD.
In most cases, integrating DNS zones into AD provides many benefits, the primary one being improved replication. In AD-integrated zones, AD securely automates replication of DNS records among servers. AD replication is multimaster replication, meaning that you can make a change on any DC and the change is automatically propagated across the domain. For DNS zones that aren't integrated with AD, you must set up primary and secondary DNS servers. Then when you make changes, you typically make them to the primary server, which updates all secondary servers.