AD site and IP subnet boundaries suffer from the same major shortcoming: They do not
work correctly with the Classless Inter-Domain Routing (CIDR) method commonly used
in networking today. CIDR uses variable length subnet masks (VLSM) to provide more
flexible addressing than the older class A, B, and C IP subnets. Both AD site and IP subnet
boundaries assume the use of a specific subnet mask based on the legacy “class” assign-
ment of the specified subnet. Here is an example of the problems you can run into using
these types of boundaries.
An AD site used as a boundary contains the IP subnet of 192.168.14.0–192.168.15.255
or 192.168.14/23. ConfigMgr calculates the subnet ID as 192.168.14.0. If you now have
a client with an IP address of 192.168.15.27 with a subnet mask of 255.255.255.0, or
192.168.15.27/24, the calculated subnet ID is 192.168.15.0. Although the client’s IP
address is clearly within the range specified in AD, the subnet ID comparison does not
match and the client is not assigned during discovery.
In addition, clients unable to retrieve site information from your AD, such as workgroup
clients or clients in domains that do not have a trust relationship with your site server’s
domain, cannot use AD sites as boundaries. For these reasons, IP ranges or IPv6 prefixes
are usually the best choice for defining boundaries.