I am managing a global Windows domain which consists of two primary datacenters and several branches. The datacenters and branches all have domain controllers and DNS servers (mostly for local caching) in a fairly simple hierarchy. We are leveraging DNS netmask ordering so that resolution of our domain (let's call it contoso.com) returns a domain controller in the requesting device's same subnet. This works extremely well. However, for "reasons", we have 2 VPN subnets that fall in different /16 subnets without a DNS server in them. This means we can't leverage subnet mask prioritization there, and contoso.com is resolving to any domain controller at random. This is visible in pings, reaching netlogon, etc. despite us having the symptomatic /16s mapped to the datacenters in ADSS.
Is there any other method of weighting resolution (something like SRV priority?) so that subnets without a local DNS server know to prioritize the datacenter DCs?
Any insight is greatly appreciated!
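To make the behaviour described above concrete, here is a small Python model of DNS netmask ordering as an added example; it is not code from the post or from the Windows DNS implementation. The DC addresses, client addresses and the "round robin as a fixed rotation" simplification are constructed assumptions; the default /24 prefix mirrors the usual LocalNetPriorityNetMask default.

```python
import ipaddress
from typing import List

# Constructed sample: A records returned for contoso.com (one per DC).
DC_RECORDS = ["10.1.5.10", "10.1.5.11", "10.2.5.10", "172.16.9.10"]


def netmask_order(client_ip: str, records: List[str],
                  prefix_len: int = 24, rotation: int = 0) -> List[str]:
    """Approximate Windows DNS netmask ordering (LocalNetPriority).

    Records whose address lies in the client's /prefix_len network are
    returned first. Everything else keeps round-robin order, which is
    modelled here as a deterministic rotation so results can be checked.
    """
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    remote = [r for r in records if ipaddress.ip_address(r) not in client_net]
    if remote:
        k = rotation % len(remote)
        remote = remote[k:] + remote[:k]   # round robin among non-local DCs
    return local + remote


def branch_client() -> List[str]:
    # Client on the same /24 as two DCs: those DCs are listed first.
    return netmask_order("10.1.5.20", DC_RECORDS)


def vpn_client(rotation: int) -> List[str]:
    # Constructed VPN client in a /16 that holds no DC: nothing matches,
    # so the order is pure round robin, i.e. "random" DC selection.
    return netmask_order("192.168.50.7", DC_RECORDS, rotation=rotation)


def wider_mask_client() -> List[str]:
    # Widening the mask to /16 helps a client in 10.1.7.0/24 (same /16
    # as the 10.1.5.x DCs) but still does nothing for the VPN ranges.
    return netmask_order("10.1.7.30", DC_RECORDS, prefix_len=16)


if __name__ == "__main__":
    print("branch  :", branch_client())
    print("vpn #0  :", vpn_client(0))
    print("vpn #1  :", vpn_client(1))
    print("wide /16:", wider_mask_client())
```

On a Windows DNS server the live settings this models can be read with `Get-DnsServerSetting -All` (the `LocalNetPriority` and `LocalNetPriorityNetMask` properties), which is a quick way to confirm what mask each server is actually applying.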