Use DNS scopes for granular record results based on client location
Use DNS zone scopes to return different results based on the client location
April 23, 2017
Q. What is a DNS zone scope?
A. Windows Server 2016 introduces the concept of a zone scope. A zone scope can contain its own set of resource records that are presented to the corresponding set of DNS clients based on IP subnet.
For example, first create a set of client subnets:
Add-DnsServerClientSubnet -Name "DallasSubnet" -IPv4Subnet "10.7.173.0/24"
Add-DnsServerClientSubnet -Name "HoustonSubnet" -IPv4Subnet "10.7.174.0/24"
Next create zone scopes that correspond:
Add-DnsServerZoneScope -ZoneName "savilltech.net" -Name "DallasZoneScope"
Add-DnsServerZoneScope -ZoneName "savilltech.net" -Name "HoustonZoneScope"
Resource records can then be added to each zone scope for the same record name, so that the name resolves differently per scope. For example:
Add-DnsServerResourceRecord -ZoneName "savilltech.net" -A -Name "www" -IPv4Address "10.7.173.50" -ZoneScope "DallasZoneScope"
Add-DnsServerResourceRecord -ZoneName "savilltech.net" -A -Name "www" -IPv4Address "10.7.174.50" -ZoneScope "HoustonZoneScope"
Finally create a policy that maps the client subnet to the corresponding zone scope:
Add-DnsServerQueryResolutionPolicy -Name "DallasPolicy" -Action ALLOW -ClientSubnet "eq,DallasSubnet" -ZoneScope "DallasZoneScope,1" -ZoneName "savilltech.net"
Add-DnsServerQueryResolutionPolicy -Name "HoustonPolicy" -Action ALLOW -ClientSubnet "eq,HoustonSubnet" -ZoneScope "HoustonZoneScope,1" -ZoneName "savilltech.net"
It's like a DNS split brain without having to create separate DNS servers. It simply enables different records to be returned for the same query based on the client IP address. If a user in 10.7.173.0/24 queries www.savilltech.net they will get 10.7.173.50 returned, whereas a user in 10.7.174.0/24 will get 10.7.174.50 returned.
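As an added example (not from the original article), the script below audits the configuration built above: for each query-resolution policy on the zone it checks that the referenced client subnet and zone scope exist and that the scope really holds the record being published, so a mistyped scope name does not silently fall back to the default zone data. The property names on the policy, scope and record objects (Criteria/CriteriaType, Content/ScopeName, ZoneScope, RecordData.IPv4Address) are assumed to match what the DnsServer module returns on Windows Server 2016.

```powershell
# Added example, not the article's own code. Audits DNS policy -> zone scope -> record
# consistency for one zone. Run on the DNS server (or with the DnsServer RSAT module).
param(
    [string]$ZoneName   = "savilltech.net",
    [string]$RecordName = "www"
)
Import-Module DnsServer

# Assumed property names: Get-DnsServerClientSubnet returns .Name,
# Get-DnsServerZoneScope returns .ZoneScope
$subnets = @(Get-DnsServerClientSubnet | ForEach-Object Name)
$scopes  = @(Get-DnsServerZoneScope -ZoneName $ZoneName | ForEach-Object ZoneScope)

foreach ($policy in Get-DnsServerQueryResolutionPolicy -ZoneName $ZoneName) {
    # ClientSubnet criteria are stored as "<operator>,<subnet name>", e.g. "EQ,DallasSubnet"
    $subnetCriteria = @($policy.Criteria | Where-Object { $_.CriteriaType -eq 'ClientSubnet' })
    foreach ($c in $subnetCriteria) {
        $subnetName = ($c.Criteria -split ',')[1]
        if ($subnets -notcontains $subnetName) {
            Write-Warning "$($policy.Name): client subnet '$subnetName' is not defined"
        }
    }

    # Content lists the zone scope(s) the policy routes to, with a weight each
    foreach ($target in $policy.Content) {
        $scope = $target.ScopeName
        if ($scopes -notcontains $scope) {
            Write-Warning "$($policy.Name): zone scope '$scope' does not exist in $ZoneName"
            continue
        }
        $rr = Get-DnsServerResourceRecord -ZoneName $ZoneName -ZoneScope $scope `
                -Name $RecordName -RRType A -ErrorAction SilentlyContinue
        if (-not $rr) {
            # The policy would match, but the scope has no answer for this name
            Write-Warning "$($policy.Name): scope '$scope' has no A record for '$RecordName'"
        }
        else {
            # One line per policy/scope: which address that subnet's clients will receive
            "{0,-14} {1,-18} {2}" -f $policy.Name, $scope, ($rr.RecordData.IPv4Address -join ',')
        }
    }
}
```

Note that the subnet match is made on the source address the DNS server sees, so queries that arrive through a forwarder or another recursive resolver are evaluated against that resolver's address, not the end client's.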