Netmask Ordering in plain terms

Question

Hi,

Can somebody explain Netmask Ordering in plain terms? I'd need an example of this. There are some articles on this topic, but they are muddy:

https://support.microsoft.com/en-us/help/842197/description-of-the-netmask-ordering-feature-and-the-round-robin-featur#:~:text=The%20netmask%20ordering%20feature%20is,local%20resources%20to%20the%20client.&text=You%20have%20eight%20type%20A,records%20has%20a%20separate%20address.

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/how-netmask-ordering-feature-in-dns-affects-the-resultant/ba-p/256038

Answer 1

Hi,

In regards to your issue, here're my suggestions:

Netmask Ordering refers to Subnet Prioritization in DNS. It means giving preference to IP addresses on the same network when a client query resolves to a host name that is mapped to more than one IP address.

A multihomed computer, multihomed.example.microsoft.com, has three A RRs for its three separate host IP addresses in the example.microsoft.com zone. A separate A RR is used for each of the host’s addresses, which appear in this order in the zone:
multihomed IN A 192.168.1.27
multihomed IN A 10.0.0.14
multihomed IN A 172.16.20.4

If a DNS client resolver at IP address 10.4.3.2 queries the server for the IP addresses of host multihomed.example.microsoft.com, the DNS Server service notes that the originating IP network address (10.0.0.0) of the client matches the network (class A) portion of the 10.0.0.4 address in the answer list of RRs. The DNS Server service then reorders the addresses in the response as follows:
multihomed IN A 10.0.0.14
multihomed IN A 192.168.1.27
multihomed IN A 172.16.20.4

-------If my answer is helpful to you, please remember to mark them as answer. Thank you!------

Regards
Gloria

Answer 2

@Gloria Gu Thank you. What if all are in 10.0.0.0 subnet? 10.0.0.15, 20, 99, 3?

Answer 3

Hi,

Complex example: Local subnet prioritizing

For example, a multihomed computer, multihomed.example.microsoft.com, has four A RRs for four separate host IP addresses in the example.microsoft.com zone.

Two of these IP addresses are for nonlocal networks. The other two IP addresses share a common IP network address but, because IP subnetting is used, represent different physical subnetted network connections based on their custom (nondefault) subnet mask value of 255.255.248.0. These example RRs appear in the following order in the zone:
multihomed IN A 192.168.1.27
multihomed IN A 172.16.22.4
multihomed IN A 10.0.0.14
multihomed IN A 172.16.31.5

If the IP address of the requesting client is 172.16.22.8, both of the IP addresses that match the same IP network as the client, the 172.16.0.0 network, are returned at the top of the answer list to the client. However, in this example, the 172.16.22.4 address is placed ahead of the 172.16.31.5 address because it matches the client IP address down through the 172.16.20.0 subnet address.
The reordered answer list returned by the DNS Server service would be:
multihomed IN A 172.16.22.4
multihomed IN A 172.16.31.5
multihomed IN A 192.168.1.27
multihomed IN A 10.0.0.14

-------If my answer is helpful to you, please remember to mark them as answer. Thank you!------

Regards
Gloria