Automatic DNS Record Priority via Inter-Site Transport Cost
Non-Windows Kerberos clients authenticating against AD typically find an AS by querying DNS, e.g. for a SRV record at "_kerberos._tcp.myrealm." Unfortunately, the default query reply does not do a good job of prioritizing the results. In a default configuration, the DNS priority for the results will all be the same. Although there are some workarounds (netmask ordering), these may not be appropriate for all scenarios -- as when the client subnets are in a random order.
I propose that Windows DNS have an option to return results with a calculated priority based on the inter-site transport cost between the client and the results of the query. This should result in much better selection of network resources by default.
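
A sketch of the calculation the proposal describes, added here as an illustration and not Windows DNS code: the client address is mapped to a site, the cheapest cumulative site-link cost to each KDC's site is computed, and that cost becomes the SRV priority. The subnets, site names, link costs and host names are constructed, and using the cumulative cost directly as the priority is an assumption.

```python
import heapq
import ipaddress

# Constructed sample topology (assumption, not from the page).
SUBNET_TO_SITE = {"10.1.0.0/16": "HQ", "10.2.0.0/16": "Branch", "10.3.0.0/16": "DR"}
SITE_LINKS = [("HQ", "Branch", 100), ("HQ", "DR", 300), ("Branch", "DR", 500)]
KDC_SITE = {"dc1.myrealm.": "HQ", "dc2.myrealm.": "Branch", "dc3.myrealm.": "DR"}


def site_for_client(ip):
    """Map a client address to its site by longest-prefix subnet match."""
    addr = ipaddress.ip_address(ip)
    nets = [ipaddress.ip_network(n) for n in SUBNET_TO_SITE]
    hits = [n for n in nets if addr in n]
    if not hits:
        return None
    return SUBNET_TO_SITE[str(max(hits, key=lambda n: n.prefixlen))]


def site_costs(src):
    """Dijkstra over site links: cheapest cumulative cost from src to each site."""
    graph = {}
    for a, b, cost in SITE_LINKS:
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    best, queue = {src: 0}, [(0, src)]
    while queue:
        dist, site = heapq.heappop(queue)
        if dist > best.get(site, float("inf")):
            continue  # stale queue entry
        for nxt, cost in graph.get(site, []):
            if dist + cost < best.get(nxt, float("inf")):
                best[nxt] = dist + cost
                heapq.heappush(queue, (dist + cost, nxt))
    return best


def srv_answer(client_ip, weight=100, port=88):
    """Return (priority, weight, port, target) tuples, lowest priority first."""
    site = site_for_client(client_ip)
    if site is None:  # unknown subnet: equal priority, as in the default reply
        return sorted((0, weight, port, t) for t in KDC_SITE)
    costs = site_costs(site)
    # SRV priority is a 16-bit field, so clamp; unreachable sites sort last.
    recs = [(min(costs.get(s, 65535), 65535), weight, port, t)
            for t, s in KDC_SITE.items()]
    return sorted(recs)
```

A client that follows RFC 2782 tries the lowest priority value first, so the in-site KDC is contacted before any remote one regardless of how the client subnets are numbered.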