none
DNS Subnet Prioritization does not work on Windows 10. RRS feed

  • Question

  • Our DNS servers use subnet prioritization and return IPv4 addresses in the order of the best matching subnet. This works fine on our Win7 / Win8.1 clients. Some of our Win 10 clients use the last returned IP, not the first. Is there any change in win 10 on how clients use subnet prioritazion?
    Monday, October 19, 2015 10:11 AM

All replies

  • Hi TerjeD,

    I noticed that you described that some of Windows 10 clients not all had this issue. And I checked you have encountered this issue before in the Preview edition. How did you resolve it last time?

    Please check if you disable the subnet prioritization feature on your clients:

    1. Open the Registry Editor.

    2. Located to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services \DnsCache\Parameters

    Check if there is an entry named PrioritizeRecordData with value 0.

    Meanwhile, make sure these abnormal Windows 10 computers apply the latest group policy and compare their DNS configuration with other Windows 10 computer that works fine.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Tuesday, October 20, 2015 8:25 AM
    Moderator
  • Hi,

    We have encountered this problem on some Windows 10 clients. Sometimes on preview builds, and sometimes on official release. The solution to he problem have been upgrade to new build, or reinstallation.

    We have checked the Registry key and is does not exist on any of the clients. Have also tried to create it and set the value to 1, with no change in behavior.

    An other strange thing, is that the computer use the right IP on the first 5 to 10 seconds after the network are connected. Then it switch to the other IP.

    Friday, October 23, 2015 9:16 AM
  • Hi,

    Did you mean upgrade to new build or reinstall Windows 10 could resolve this issue?

    Have you force apply the latest group policy to these Windows 10 client. What's difference between normal Windows 10 and these problematic Windows 10 DNS configure and that registry?


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Tuesday, October 27, 2015 8:50 AM
    Moderator
  • Hi, we have the exact same issue on Windows 10 clients. We have a couple of multi-homed servers. DNS subnet prioritization works like it should on other clients like Win7/Win8, but Windows 10 always picks the second IP-address in the list..

    I tried the following:

    Local group policy settings:
    - Multi Homed on/off
    - Prefer link local address on/off
    - Clever ordering of protocols on/off

    The following register settings:
    OverrideDefaultAddressSelection  (0/1)
    DisableSmartNameResolution (0/1)
    DisableParallelAandAAAA (0/1)
    PrioritizeRecordData (0/1)

    What's also the same; in our case resolving works like it should briefly after the connection is established. The next ping it "picks" the wrong IP.

    If I add the name+ip-address to the local hosts file, everything works like it should. I can ping the server at the right name / IP address.

    Next thing I could try is to reinstall Windows 10 with an v1511 ISO, maybe that helps.

    Hope someone finds a solution.


    • Edited by EGCSGLWD Tuesday, January 26, 2016 1:28 PM
    Tuesday, January 26, 2016 1:27 PM
  • I reinstalled my system with Windows 10 v1511. It worked for about a week, but unfortunately the problem has returned. For now I have edited my hosts file to be able to reach our DNS servers at their correct IP Address.
    • Edited by EGCSGLWD Wednesday, February 10, 2016 1:34 PM
    Wednesday, February 10, 2016 1:33 PM
  • Hi Karen, tested on 5 problematic computers; none of them had PrioritizeRecordData set up.
    Tuesday, April 12, 2016 3:05 PM
  • Hi, on some of our problematic W10 computers helped the "NETSH winsock reset catalog" command. The other have got HOSTS file changed as we do not have yet any useful solution.. All the W7/8 machines follow what the DNS prioritized answer says..

    There are also other links related to this issue, at least:

    https://social.technet.microsoft.com/Forums/exchange/en-US/f8d353ea-5a56-4512-ab2e-837442c389b7/windows-10-subnet-prioritization-netmask-ordering-not-working?forum=winserver8gen

    http://serverfault.com/questions/752248/windows-10-name-resolution-skipping-ignoring-subnet

    Tuesday, April 12, 2016 3:23 PM
  • We have got machines on ver. 10586.164 where only the HOSTS file "solution" helps... On 10586.218 it looks like been solved by "NETSH winsock reset catalog"
    Friday, April 15, 2016 12:21 PM
  • working fine here on 10.0.10586

    C:\Windows\system32>nslookup hyperv1.domain.local
    Server:  dc1.domain.local
    Address:  10.0.0.11

    Name:    hyperv1.domain.local
    Addresses:  10.0.1.11
              10.0.0.1

    C:\Windows\system32>ping hyperv1.domain.local

    Pinging hyperv1.domain.local [10.0.1.11] with 32 bytes of data:
    Reply from 10.0.1.11: bytes=32 time<1ms TTL=128
    Reply from 10.0.1.11: bytes=32 time<1ms TTL=128
    Reply from 10.0.1.11: bytes=32 time<1ms TTL=128
    Reply from 10.0.1.11: bytes=32 time<1ms TTL=128

    the only changes i had to make were

    on the clients

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]

    "OverrideDefaultAddressSelection"=dword:00000000

    And on the DCs

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters]
    "RoundRobin"=dword:00000000
    "LocalNetPriority"=dword:00000001

    Monday, April 25, 2016 7:35 PM
  • This should fix it right up for you.

    netsh int ipv6 set locality state=disabled

    Its not reboot persistent, so if someone finds a way to do that without having to run in a startup batch, that'd be cool. :)

    Thanks,

    Dale.

    PS Thanks to Chris for tag-teaming this one with me. ;)


    • Edited by Doomdalek Thursday, June 16, 2016 12:47 AM
    Thursday, June 16, 2016 12:43 AM
  • netsh int ipv6 set locality state=disabled

    Helped me immediately! Version 10.0.10240 Build 10240

    Is it possible to make it permanent?


    • Edited by igortyu Friday, August 5, 2016 10:55 AM
    Friday, August 5, 2016 10:55 AM
  • This should fix it right up for you.

    netsh int ipv6 set locality state=disabled

    Its not reboot persistent, so if someone finds a way to do that without having to run in a startup batch, that'd be cool. :)

    Thanks,

    Dale.

    PS Thanks to Chris for tag-teaming this one with me. ;)


    It works for me, thank you.

    What this command is doing?

    Can you please provide more information about this "locality"?

    Friday, August 5, 2016 11:18 AM
  • According to this article: http://hinchley.net/2016/06/09/client-side-dns-prioritisation-in-windows-10/

    Microsoft confirmed bug and should release patch in a few weeks:

    "Unfortunately, there is a catch; as of today, the implementation of the RFC in Windows 10, or at least the implementation of rule 9, is fundamentally broken. As indicated, rule 9 compares the client IP address with each address retrieved from a DNS query, identifying the value with the longest matching prefix. This comparison is based on the IPv6 translation of an IPv4 address (even if IPv6 is not enabled), but unfortunately, instead of basing the comparison on the length of an IPv6 address, the comparison incorrectly uses the length of an IPv4 address (i.e. only a part of the translated IPv6 address is actually used in the comparison). The product team at Microsoft have confirmed the bug, and have developed a private hotfix, which should be publicly available in the next few weeks."

    Friday, August 5, 2016 12:17 PM
  • Interesting. The length bug might suggest that SOME of the comparisons might succeed and thus giving a false indication that DNS Subnet Prioritization works as some people have posted here.

    Best regards, George



    Saturday, August 6, 2016 2:15 PM
  • Great! Looks like that MS has released this hotfix at Aug 9th, see http://windowsreport.com/kb3176492-windows-10/or http://www.zdnet.com/article/microsoft-rolls-out-several-new-windows-10-cumulative-updates/ , part "The list of fixes for those still on the original Windows 10 release"  - "Addressed issue in DNS Subnet Prioritization that was impacting network connectivity.". We are going to test it.

    Tuesday, September 6, 2016 12:51 PM
  • Did you have a time to test this hotfix?

    I already installed this hotfix but we are still having problems with it!!

    Tuesday, December 20, 2016 3:45 PM