How to Disable Subnet Prioritization

Monday, January 26, 2009
Windows uses a scheme called "subnet prioritization" to attempt to reduce network traffic by re-ordering DNS round-robin records so that the records that are "closest" to the host are the only records used.

For example, suppose there are three A records for the same name in DNS, One with IP, one with, and one with

If a Windows client with the IPv4 address of performs a DNS query for, subnet prioritization will re-order the IP addresses so that it will always use the address.

Subnet prioritization is enabled by default in both the Windows DNS server and the DNS client.

DNS server subnet prioritization (AKA, netmask ordering) can be demonstrated using the Windows NSLOOKUP command. Repeated lookups of from the client always give the same results:



Here, the DNS server is reordering the IP addresses, based on the requestor's IP address. If true DNS round-robin is working, the records would rotate in a (A, B, C), (B, C, A), (C, A, B) fashion. Subnet prioritization obviously throws a wrench in round-robin DNS if you're using that as your load balancing or fault tolerance solution.

To disable subnet prioritization on DNS servers:
  • Open the DNS Management console

  • Navigate to the DNS server and open its properties

  • Click the Advanced tab

  • Uncheck Enable netmask ordering and check Enable round robin

  • Click OK

But this only solves half the problem because the Windows client will reorder the DNS results, too. Repeated nslookups will now show that the IP address for is rotating correctly, but pinging from the client will still always resolve to You must still disable subnet prioritization on the client.

To disable subnet prioritization on Windows DNS clients:

  • Run Regedit

  • Navigate to HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters

  • Click Edit > New > DWORD Value

  • Name the new value PrioritizeRecordData (its value data will be 0)

  • Close Regedit

Note: Both of these changes go into effect immediately. There is no need to restart services or the computers.