Fail On Load If Bad Zone Data
By default, the Fail
On Load If Bad Zone Data option is disabled. As a result, a DNS server
running on Windows Server 2003 loads a zone even when it determines that
errors exist in the zone’s database file. Errors are logged, but the
zone load still proceeds. After the zone loads, the DNS server can
attempt to answer queries for the zone in question.
When you enable this
option, however, the DNS server does not load a zone when the server
determines that errors exist in the zone’s database file.
Enable Netmask Ordering
The Enable
Netmask Ordering option is selected by default. This default setting
ensures that, in response to a request to resolve a single computer name
matching multiple host (A) resource records, DNS servers in Windows
Server 2003 first return to the client any IP address that is in the
same subnet as the client.
Note
Multihomed computers typically have registered multiple host (A)
resource records for the same host name. When a client attempts to
resolve the host name of a multihomed computer by contacting a DNS
server, the DNS server returns to the client a response list or answer
list containing all the resource records matching the client query. Upon
receiving the response list from the DNS server, a DNS client attempts
to contact the target host with the first IP address in the response
list. If this attempt fails, the client then attempts to contact the
second IP address, and so on. The Enable Netmask Ordering option and the
Enable Round Robin option are both used to change the order of resource
records returned in this response list.
Simple Example: Local Network Priority
A multihomed
computer, server1.lucernepublishing.com, has three A resource records,
one for each of its three IP addresses, in the lucernepublishing.com zone.
These three records appear in the following order in the zone, either in
the zone file or in Active Directory:
server1 IN A 192.168.1.27
server1 IN A 10.0.0.14
server1 IN A 172.16.20.4
When a DNS
client resolver at IP address 10.4.3.2 queries the server for the IP
addresses of the host server1.lucernepublishing.com, the DNS Server
service notes that the originating IP network address (10.0.0.0) of the
client matches the network (class A) ID of the 10.0.0.14 address in the
answer list of resource records. The DNS Server service then reorders
the addresses in the response list, as follows:
server1 IN A 10.0.0.14
server1 IN A 192.168.1.27
server1 IN A 172.16.20.4
If the IP address of
the requesting client has no local network match with any of the
resource records in the answer list, the list is not prioritized in this
manner.
Complex Example: Local Subnet Priority
In a network that uses
IP subnetting (nondefault subnet masks), a DNS server first returns any
IP addresses that match both the client’s network ID and subnet ID
before returning any IP addresses that match only the client’s network
ID.
For example, a multihomed
computer, server1.lucernepublishing.com, has four A resource records,
one for each of its four IP addresses, in the
lucernepublishing.com zone. Two of these IP addresses are for distinct
and separate networks. The other two IP addresses share a common IP
network address, but because custom netmasks of 255.255.248.0 are used,
the IP addresses are located in different subnets. These example
resource records appear in the following order in the zone, either in
the zone file or in Active Directory:
server1 IN A 192.168.1.27
server1 IN A 172.16.22.4
server1 IN A 10.0.0.14
server1 IN A 172.16.31.5
If the IP address of the
requesting client is 172.16.22.8, both of the IP addresses that match
the same IP network as the client, the 172.16.0.0 network, are returned
at the top of the response list to the client. However, in this example,
the 172.16.22.4 address is placed ahead of the 172.16.31.5 address
because it matches the client IP address down through the 172.16.20.0
subnet address.
The reordered answer list
returned by the DNS service follows:
server1 IN A 172.16.22.4
server1 IN A 172.16.31.5
server1 IN A 192.168.1.27
server1 IN A 10.0.0.14
To disable
local subnet prioritization for multihomed names, complete the
following steps:
1. Open the DNS console and select the applicable DNS server.
2. From the Action menu, select Properties.
3. In the server properties dialog box, click the Advanced tab.
4. In the Server Options list, clear the Enable Netmask Ordering check
   box, and then click OK.
Exam Tip
Netmask ordering is often referred to as the LocalNetPriority setting on
MCSE exams. This name originates from the corresponding LocalNetPriority
option used with the Dnscmd command-line utility.
Enable Round Robin
The Enable Round Robin
option is selected by default. This setting ensures that, in response
to a request to resolve the name of a multihomed computer, DNS servers
in Windows Server 2003 rotate the order of matching A resource records
in the response list returned to subsequent clients. This feature
provides a simple way to balance the network load for frequently queried
multihomed computers among all the computer’s network adapters. This
feature is also commonly used to balance requests among multiple servers
that offer identical network services, such as an array of Web servers
providing content for a single Web site.
Note
Local subnet priority supersedes the use of round robin rotation for
multihomed computers. When enabled, however, round robin is used as a
secondary method to sort multiple records returned in a response list.
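
The netmask ordering and round robin behaviour described above can be modelled in a short Python function that reproduces both reordered answer lists from the examples. This is an added example, not DNS Server code or code from the original text; the function names, the subnet_prefix and rotation parameters, and the assumption that round robin rotation is applied before prioritization are illustrative.

```python
import ipaddress

# Zone-order record lists from the two examples on this page.
SIMPLE = ["192.168.1.27", "10.0.0.14", "172.16.20.4"]
COMPLEX = ["192.168.1.27", "172.16.22.4", "10.0.0.14", "172.16.31.5"]

def classful_prefix(ip):
    """Default (classful) network prefix: class A=/8, B=/16, C=/24."""
    first_octet = int(ip) >> 24
    if first_octet < 128:
        return 8
    return 16 if first_octet < 192 else 24

def shares_prefix(a, b, prefix):
    """True when addresses a and b agree on their first `prefix` bits."""
    shift = 32 - prefix
    return int(a) >> shift == int(b) >> shift

def order_answers(records, client, subnet_prefix=None, rotation=0):
    """Model of the answer-list ordering described above (not DNS server code).

    records       -- A-record addresses in zone order
    client        -- IP address of the querying resolver
    subnet_prefix -- custom netmask length, e.g. 21 for 255.255.248.0;
                     None means default classful masks are in use
    rotation      -- round-robin offset; assumed to be applied first, so it
                     only affects order among records of equal priority
    """
    if not records:
        return []
    client_ip = ipaddress.IPv4Address(client)
    net_prefix = classful_prefix(client_ip)
    k = rotation % len(records)
    rotated = records[k:] + records[:k]

    def tier(record):
        ip = ipaddress.IPv4Address(record)
        if not shares_prefix(ip, client_ip, net_prefix):
            return 2                      # different network: not prioritized
        if subnet_prefix is None or shares_prefix(ip, client_ip, subnet_prefix):
            return 0                      # same network and same subnet
        return 1                          # same network, different subnet

    return sorted(rotated, key=tier)      # sorted() is stable

if __name__ == "__main__":
    print(order_answers(SIMPLE, "10.4.3.2"))
    print(order_answers(COMPLEX, "172.16.22.8", subnet_prefix=21))
```

Whatever the rotation value, a client with a local match receives the same first address in this model, which is the sense in which local subnet priority supersedes round robin.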