AD replication latency & required bandwidth question

-

hi, i've following scenario:

office site: ad server (2nd ad, gc)

data centre site: ad server (1st ad, gc), exchange 2010 server placed in.

number of users:

office: 20 - 30 users

data centre site: n/a

to guarantee success replication, know round-trip latency limit , required bandwidth. thanks.

curious, have such small user base. concerned slow link? have slow link @ 1 or other location? line speed - t1, t3, mpls, cable, fios, dsl, adsl, t3, etc? @ both offices? location lowest bandwidth common denominator.

this broad topic. 100ms acceptable limit. far bandwidth, 512 kbps or lower considered "slow." if below 128 kbps, must use smtp replication, requires separate domains on each side because it's slow replicate domain blob data.

keep in mind, authentication packet size alone between 512kb 1mb in size group policy & other apps requires bandwidth on 512kbps, why if absolute wan speed between locations below speed, such remote vpn users on slow link, the security settings of gpo apply.

the best way think determine bandwidth requirements given, rather current scenario, such yours, run packet captures record traffic bandwidth between 2 sites, or use sort of bandwidth tracking software. choose depend on firewalls - run on routers/firewalls, or run netboy on server/pc plugged hub (not switch) between company main switch , firewall.

bandwidth monitor pro - monitor bandwidth!\
http://www.bandwidthmonitorpro.com/

here's more info ad branch designs:

detailed branch office deployment guide
http://www.microsoft.com/downloads/details.aspx?familyid=9353a4f6-a8a8-40bb-9fa7-3a95c9540112&displaylang=en

[is there an] active directory sizing tool windows 2008 r2 [?]
http://social.technet.microsoft.com/forums/en-us/winserverds/thread/48e9c9ac-468e-45cc-8328-5316788386a6

 

 

it's suggested no use adsl line due pppoe mtu of 1492. it negates/affects ad rpc/ldap commuications. satelite introduces high latency. in cases, cable, too, if there more 15 hops (i've seen cable installations 19-20 hops website).

also, if concerned slow line speed, must factor various items that affect usable bandwidth may affect ad replication, such as:

  • user use concurrency (how many performing network traffic tasks - outlook, calendaring, public folders (real-time),
  • internet use traffic (user , mail traffic)
  • outlook/exchange traffic (cached mode saves bandwidth)
  • if users send large attachments
  • allowing users use watch youtube videos, streaming videos, streaming music, etc (this drastically reduce available bandwidth)

 

you may want take @ design ipd guide ad - download details: ipd guide active directory domain services – version 2.0
http://go.microsoft.com/fwlink/?linkid=160829

 

here of notes on latency (it falls under multiple subjects):

==========
there network latency, ad replication latency, , exchange 2010 dag replication latency.

active directory replication latency
"the local domain controller has not received replication information number of domain controllers within configured latency interval ... can use support tool repadmin.exe display replication latencies of domain controllers in forest.
http://www.nwsmith.net/hintstips/ad-replication-latency.htm

storage virtualization | faqs & discussions - dr , asynchronous replication - tutorial , best practices
link discusses lan storage solutions in regards virtualization, , how bandwidth affects it, , if round trip latency high, want use asynchronous vs synchronous replication. has bandwidth chart, too.
http://www.las-solanas.com/storage_virtualization/asynchronous_replication.php

exchange 2010 - planning high availability , site resilience
applies to: exchange server 2010 sp1 - topic last modified: 2011-02-02
http://technet.microsoft.com/en-us/library/dd638104.aspx

 

ace

ace fekay
mvp, mct, mcitp ea, mcts windows 2008 & exchange 2007 & exchange 2010, exchange 2010 enterprise administrator, mcse & mcsa 2003/2000, mcsa messaging 2003
microsoft certified trainer
microsoft mvp - directory services
complete list of technical blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

this posting provided as-is no warranties or guarantees , confers no rights.

facebook twitter linkedin


Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

server manager error: ADAM.events.xml could not be enumerated.

-
firewall off isnt it. rerun ldap wizard:?  why?  will screw exchange server running on machine?  ldap wizard asks questions don't understand. please dont send generic links to: http://social.technet.microsoft.com/wiki/contents/articles/13444.windows-server-2012-server-manager-troubleshooting-guide-part-ii-troubleshoot-manageability-status-errors-in-server-manager.aspx thanks, john hi john, >> ok. server manager app. these questions refer this. nothing else 2.  do need create app dir or not?  this server manager, shouldnt done? (why did break in first place?) how check if app dir exists server manager or not. 3.  if "lightweight" implementation of anything, sure hate see "heavyweight" version. the waring events can't enumerated. , cause not completing configuration of ad lds. ad lds not related server manager. used provide flexible support directory-enabled applications. if not implementing such applications, remove role. her
Read more

Cannot access Anywhere Access using domain name?

-
after installing anywhere access in windows server 2012 essentials r2, cannot use anywhere access using setup domain name in wizard such remote.mydomain.com? if enter public ip address, example, 72.2.34.5 works. before set anywhere access, created a record pointing public address...pinged , worked...so not sure doing wrong?  is wizard supposed create record etc , make remote.mydomain.com work? if enter public ip address while on lan, takes me router webpage.  shouldn't work on lan if accessed via public ip? thank you, tim. the wizard can configure remote.microsoft_names.com  remote.remotewebaccess.com but cannot configure domains purchased outside wizard.  depends on how domain configured if wildcard.yourdomain.com should work  if try ping remote.your_domain.com afar , not give proper  public ip, need add record mariette said. much have record domain.com www.domain.com , if have website somewhere else www.domain.com , need remote.domain.com go box gr
Read more

WMI Failure: Unable to update Local Resource Group

-
Image
hi i have windows server 2008 r2 enterprise terminal services installed. this has been working fine, unable add new computers local computer groups policy on rd gateway manager i following error wmi failure: unable update local resource group  just confirm on , resource authorization policies then manage local computer groups hi hussain, posting in windows server forum. firstly please let know, did find particular event log issue? please ensure have configured rap settings correctly , set correct value , permissions rap.xml file , rapstore registry key. please check below thread more details. 1. wmi failure- unable create resource access policy (answered clarence) 2. event id 543 — rd gateway server configuration 3. event id 642 — rd gateway server availability hope helps! thanks, dharmesh Windows Server
Read more