Using Both Round-Robin Rotation
and Netmask Ordering
Windows DNS servers let you enable both round-robin rotation and netmask ordering
features. Often a host name such as www.microsoft.com has multiple IP addresses to
improve load balancing and performance. These IP addresses might be multiple paths to
a single server or point to geographically dispersed servers.
To load-balance DNS
requests, a DNS server uses
round-robin rotation to move
through a list of IP addresses,
effectively distributing traffic
evenly among different servers. With netmask ordering,
the DNS server attempts to
return the host IP address
that's physically closest to the
client. The DNS server does
this by looking at the first
few octets of an IP address,
assuming that a server with
an IP address similar to a client will most likely be physically closer to the client. By
default, the DNS server gives
priority to any host address
in the same class C network
as the client.
Although it might seem like round robin and netmask ordering wouldn't work together, as you can see in Figure A, Windows lets you use both
features at once. If you select both methods, Windows checks a host's list of IP addresses
to see whether an IP address on the list closely matches the client's IP address. If Windows
finds a match, it will give that IP address a higher priority for the round robin. The result is
that the DNS server performs a round-robin rotation of IP addresses, but the round robin
is biased toward returning the server that appears to be closest to the client.
Integrating DNS with Active Directory
When you install DNS on a Windows domain controller (DC), you have the option of storing your zone files in the Active Directory (AD) database rather than in simple text files.
You might wonder why you would choose to integrate a zone with AD.
In most cases, integrating DNS zones into AD provides many benefits, the primary one
being improved replication. In AD-integrated zones, AD securely automates replication
of DNS records among servers. AD replication is multimaster replication, meaning that
you can make a change on any DC and the change is automatically propagated across
the domain. For DNS zones that aren't integrated with AD, you must set up primary and
secondary DNS servers. Then when you make changes, you typically make them to the
primary server, which updates all secondary servers.