[JRM]

I posted this back in Dec.

"My company will be undergoing a major architecture change in the next 6 months. We are migrating from a NT 4.0 client/server environment to a WIN 2003 centralized Citirx environment. We will have 2 identical datacenters and currently have approx 50 branch offices. Each datacenter will have 2 DC’s and each branch office will have 1 DC. I could use some advice on site config for replication, since this is brand new to me. I’ve done a ton of reading and feeling a bit overwhelmed. At this point, my plan to have each Datacenter DC as a bridgehead server, and evenly distribute site links to each branch office for replication. This gives approx 12 branch offices for each bridgehead DC. All sites have minimum 128K MPLS connections. Most are at least 256K on up to full T1’s."
Anyone have any experience in the area. How does this sound?

Any help would be greatly appreciated.

Thanks
Reply from WKASDO

I've done this a couple of times... you are certainly on the right track. Some pointers.

1. Do NOT assign preferred bridgehead servers. AD will do that for you. If you appoint preferred b.h. servers AD will NOT failover to other servers in the same site. The only reason that these preferred b.h. exist is to draw all replication traffic in a very large AD. Most AD's don't need it.
2. use sitelinks to assign preferred replication paths between sites. You probably want to assign site link costs according to available bandwidth.
3. Don't create explicit connection objects; let AD do the work. If you have manually created c.o.'s, AD will NOT failover by creating new ones by itself.
4. Be careful to assing subnets to all sites. These subnets are the way that clients locate the correct DC, and that is the whole point of the exercise!
5. you probably want high consistency between the datacenters. You can set the replication to 15 minutes using the GUI, but there are tricks to bring this back to seconds. Let me know if you are interested.
Aside of these technical aspects, give some thought to the policies you will use to administer the AD. Beware of actions that generate a lot of replication traffic, such as creating and editing Group Policy Objects; who is allowed to

*****************************************
My question is regarding site links. My original plan was to create site links between each branch office and the hub (Datacenter ) site. I‘ve been reading some more and wondering if I should create site links between some or all of the branch sites so that those DC’s can replicate with each other. If I just have site links between the Hub and branch sites, then they can only replicate between each other, right?
Also, I have a related non-technical question. Does this migration plan sound like too much for 1 person to handle. I won’t be doing all the migrations but I’m doing the design and documentation. AD is totally new to me and I always feel like it would be nice to have another brain on the case.

Thanks for reading-

[wkasdo]

Quote:

if I should create site links between some or all of the branch sites so that those DC’s can replicate with each other. If I just have site links between the Hub and branch sites, then they can only replicate between each other, right?

No, the default is to allow these connections. This is the switch on the IP transport that says 'automatic site link bridging'. So, no need to create links between branches. You do need to assign proper costs to all sitelinks, so that branches fail over to links with the highest bandwidth.

Quote:

Also, I have a related non-technical question. Does this migration plan sound like too much for 1 person to handle. I won’t be doing all the migrations but I’m doing the design and documentation. AD is totally new to me and I always feel like it would be nice to have another brain on the case.

If you are new, it is certainly good to have an experienced person looking over your shoulder. As a consultant, I have done that a couple of times. A company would migrate, and I'd drop by once a week to review migration procedures and discuss the way ahead. Not a bad way to do it; you learn a lot while you are protected from the bad mistakes.

[JRM]

Thanks. Just want to confirm then. I manually create site links between the Hub and branch sites only. AD will create the branch to branch site links thru have "bridge all site lnks" checked.
I then assign costs to all site likes (branch to branch and hub to branch). It then makes sense to assign higher costs (lower priority) for branch to branch and lower costs (higher priority) to hub to branch.

As far as this project and my experience. My manager is far more technical then me but has never done this either. I guess cause this is new, I constantly wanting to verify steps procedures. It'll be a lot of work but I'll learn a ton.

Thanks again-

[wkasdo]

Quote:

Originally Posted by JRM

Thanks. Just want to confirm then. I manually create site links between the Hub and branch sites only.

correct.

Quote:

AD will create the branch to branch site links thru have "bridge all site lnks" checked.

Not quite. You create sitelinks, and then AD will create connection objects. I'm sure that this is what you meant, but I wanted to be clear.

Under normal circumstances, AD will only create connection objects between sites in the same sitelink. Different branch offices should not be in the same sitelink, as noted. But if the hub site is unavailable for an extended time (2 replication attempts, if memory serves), AD will create new Connection Objects between branch offices, based on lowest cost.

Quote:

I then assign costs to all site likes (branch to branch and hub to branch). It then makes sense to assign higher costs (lower priority) for branch to branch and lower costs (higher priority) to hub to branch.

As you said yourself above, sitelinks between branches are not needed. Am I sensing some confusion here?

[JRM]

I guess I am getting a bit confused. I have read about KCC and connection objects, guess I mxed that up with site links. Let me back up then and ask a general question or 2.

My hub site is up, all good. When I bring up a branch site I manually create site links (bridged) between the branch and hub. That's it. As discussed earlier, I don't want to create site links from branch to branch. Am I correct?

A little more info that might be helpful. When we begin this migration all branch sites will be on a MPLS WAN. That is all branch sites will have a physical connection and/or be able to talk to each other.

Thanks again-

[wkasdo]

Quote:

My hub site is up, all good. When I bring up a branch site I manually create site links (bridged) between the branch and hub. That's it. As discussed earlier, I don't want to create site links from branch to branch. Am I correct?

Correct!

Quote:

A little more info that might be helpful. When we begin this migration all branch sites will be on a MPLS WAN. That is all branch sites will have a physical connection and/or be able to talk to each other.

That's good. A network that is not fully routable is a pain in combination with AD.

Stuff to read. This is the technical low-down on how it works. Really good, but not easy to read. http://www.microsoft.com/technet/pro...cdc27400e.mspx

More general literature on designing for branch offices, also highly recommended: http://www.microsoft.com/downloads/d...displaylang=en
This is the whitepaper I learned replication from when I started out.