Microsoft continues to improve the DNS Server capabilities in Windows Server 2016. One new capability is called DNS Policies. A DNS policy controls how the DNS server handles and responds to queries, based on parameters configured within the policy such as the time of day, client IP, or subnet.
I see a unique use of this feature in cases where you have multiple WAN sites and an application that can have localized servers. Configuring DNS policies would allow you to configure a policy based on subnet to respond and direct the client to the local server instead of having to traverse a WAN connection.
Another way this feature could benefit you is with DNS Policies based on the time of day. These can be used to give responses across time zones and even provide geo-location awareness. A full, detailed article on this example can be found here.
I came across a helpful article from TechNet that had a list of some additional notes and details, shown below.
Some clarifying details/notes:
- As mentioned, this information applies to Technical Preview #2 – and is subject to change
- Currently, DNS Policies can only be configured via PowerShell
- DNS Policies will work only on Windows Server vNext/2016 DNS servers
- Also, all DNS servers hosting a policy-controlled zone must be WS 2016 to take advantage of this functionality.
- Clients can be any version
- At present, DNS Policies are configured and stored locally on each DNS server, but they can be easily deployed across DNS servers using PowerShell
- Zones and their scopes (note: not referring to DHCP scopes here) must be in file-backed zones. We’re working on AD-integrated zone support
- You cannot add scopes on Conditional forwarders
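The subnet-based scenario and the per-server deployment note above can be put together as follows. This is an added example, not code from the TechNet article or from Microsoft: the zone name, server names, subnets and addresses are constructed placeholders, and it assumes a file-backed primary zone whose records reach the secondaries by zone transfer, so records are written on the primary only.

```powershell
# Added example. All names, subnets and addresses below are constructed placeholders.
$ErrorActionPreference = 'Stop'          # halt on the first failure instead of leaving servers half-configured

$zone        = 'contoso.example'         # file-backed zone, assumed to exist already
$primary     = 'dns01'                   # holds the writable copy of the zone
$secondaries = @('dns02')                # assumption: records arrive here by zone transfer

# One entry per WAN site: the client subnet and the local application server.
$sites = @(
    @{ Name = 'Seattle'; Subnet = '10.10.0.0/16'; AppIp = '10.10.5.20' },
    @{ Name = 'Dublin';  Subnet = '10.20.0.0/16'; AppIp = '10.20.5.20' }
)

foreach ($server in @($primary) + $secondaries) {
    foreach ($site in $sites) {
        $subnetName = "$($site.Name)Subnet"
        $scopeName  = "$($site.Name)Scope"

        # 1. Give the site's client subnet a name the policy can reference.
        Add-DnsServerClientSubnet -ComputerName $server -Name $subnetName -IPv4Subnet $site.Subnet

        # 2. Create a zone scope (not a DHCP scope) to hold the site-specific records.
        Add-DnsServerZoneScope -ComputerName $server -ZoneName $zone -Name $scopeName

        # 3. Put the local server's address into that scope, on the primary only.
        if ($server -eq $primary) {
            Add-DnsServerResourceRecord -ComputerName $server -ZoneName $zone -ZoneScope $scopeName `
                -A -Name 'app' -IPv4Address $site.AppIp
        }

        # 4. Answer queries from this subnet out of the site's scope.
        Add-DnsServerQueryResolutionPolicy -ComputerName $server -ZoneName $zone `
            -Name "$($site.Name)Policy" -Action ALLOW `
            -ClientSubnet "EQ,$subnetName" -ZoneScope "$scopeName,1"
    }

    # Policies are stored per server, so list them on each one to catch drift.
    Get-DnsServerQueryResolutionPolicy -ComputerName $server -ZoneName $zone
}
```

Clients outside the listed subnets match no policy and get the record from the default zone scope. Running `Resolve-DnsName app.contoso.example -Server dns01` from a client in each subnet confirms that the local address is returned.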
This feature will not be used in every deployment of DNS, but it sure provides some great capabilities to address some unique situations that arise for some IT departments.