AD replication latency & required bandwidth question

  • Question

  • Hi, I've the following scenario:

    Office site: AD server (2nd AD, GC)

    Data Centre site: AD server (1st AD, GC), where Exchange 2010 server would be placed in.

    Number of users:

    Office: 20 - 30 users

    Data Centre site: N/A

    To guarantee successful replication, I would like to know the round-trip latency limit and the required bandwidth. Thanks.

    Thursday, September 8, 2011 2:14 AM

Answers

  • Curious, you have such a small user base. Are you concerned with a slow link? Do you have a slow link at one or the other location? What is your line speed - T1, T3, MPLS, Cable, FIOS, DSL, ADSL, T3, etc? At both offices? The location with the lowest bandwidth will be the common denominator.

    This is somewhat a broad topic. 100ms would be an acceptable limit. As far as bandwidth, 512 Kbps or lower would be considered "slow." If below 128 Kbps, you must use SMTP replication, which requires separate domains on each side because it's too slow to replicate Domain blob data.

    Keep in mind, an authentication packet size alone is between 512Kb to 1Mb in size but group policy & other apps require bandwidth over 512kbps, which is why if absolute WAN speed between locations is below this speed, such as with remote VPN users on a slow link, only the security settings of a GPO will apply.

    The best way I would think to determine bandwidth requirements for a given, rather current scenario, such as yours, is to run packet captures to record traffic bandwidth between your two sites, or use some sort of bandwidth tracking software. Which to choose would depend on your firewalls - some run on the routers/firewalls, or run something like NetBoy on a server/pc plugged into a hub (not a switch) between the company main switch and the firewall.

    Bandwidth Monitor Pro - Monitor your Bandwidth!
    http://www.bandwidthmonitorpro.com/

    Here's more info about AD branch designs:

    Detailed branch office deployment guide
    http://www.microsoft.com/downloads/details.aspx?FamilyId=9353A4F6-A8A8-40BB-9FA7-3A95C9540112&displaylang=en

    [Is there an] Active Directory Sizing tool for Windows 2008 R2 [?]
    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/48e9c9ac-468e-45cc-8328-5316788386a6

     

     

    It's also suggested not to use an ADSL line due to PPPoE with an MTU of 1492. It negates/affects AD RPC/LDAP communications. Satellite introduces high latency. In some cases, Cable, too, if there are more than 15 hops (I've seen some cable installations with 19-20 hops to a website).

    Also, if concerned with a slow line speed, you must factor various items that affect usable bandwidth that may affect AD replication, such as:

    • User use concurrency (how many are performing network traffic tasks - Outlook, Calendaring, Public Folders (real-time))
    • Internet use traffic (user and mail traffic)
    • Outlook/Exchange traffic (Cached Mode saves bandwidth)
    • If users constantly send large attachments
    • Allowing users to watch YouTube videos, streaming videos, streaming music, etc. (This will drastically reduce available bandwidth)

     

    You may want to take a look at the design IPD guide for AD - Download Details: IPD guide for Active Directory Domain Services – version 2.0
    http://go.microsoft.com/fwlink/?LinkId=160829

     

    Here are some of my notes on latency (it falls under multiple subjects):

    ==========
    There is network latency, AD replication latency, and Exchange 2010 DAG replication latency.

    Active Directory Replication Latency
    "The local domain controller has not received replication information from a number of domain controllers within the configured latency interval ... You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest."
    http://www.nwsmith.net/HintsTips/AD-Replication-Latency.htm

    Storage Virtualization | FAQs & Discussions - DR and Asynchronous Replication - Tutorial and Best Practices
    This link discusses LAN storage solutions in regards to virtualization, and how bandwidth affects it, and if round trip latency is high, you would want to use asynchronous vs synchronous replication. It has a bandwidth chart, too.
    http://www.las-solanas.com/storage_virtualization/asynchronous_replication.php

    Exchange 2010 - Planning for High Availability and Site Resilience
    Applies to: Exchange Server 2010 SP1 - Topic Last Modified: 2011-02-02
    http://technet.microsoft.com/en-us/library/dd638104.aspx

     

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    • Proposed as answer by Jane_Wang Tuesday, September 13, 2011 1:54 AM
    • Marked as answer by Jane_Wang Tuesday, September 13, 2011 2:00 AM
    Thursday, September 8, 2011 4:28 AM
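
Added example, not part of the original thread: the answer above points to repadmin.exe for viewing replication latency, and this sketch shows one way to turn `repadmin /showrepl * /csv` output into a list of links that are failing or have not replicated recently. The CSV rows, the domain `example.local`, the DC names, the function name `Get-StaleReplicationLink` and the 180-minute threshold are all constructed assumptions for illustration.

```powershell
# Constructed sample in the column layout of `repadmin /showrepl * /csv`.
# On a domain controller, feed live data instead:
#   $rows = repadmin /showrepl * /csv | ConvertFrom-Csv
$sampleCsv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Office,DC2,"DC=example,DC=local",DataCentre,DC1,RPC,0,0,2011-09-08 04:10:12,0
showrepl_INFO,DataCentre,DC1,"DC=example,DC=local",Office,DC2,RPC,3,2011-09-08 03:55:40,2011-09-07 22:01:07,1722
'@
$rows = $sampleCsv | ConvertFrom-Csv

function Get-StaleReplicationLink {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        [datetime] $Now = (Get-Date),
        # Assumed threshold; tune it to the replication interval of your site link.
        [timespan] $MaxAge = (New-TimeSpan -Minutes 180)
    )
    $culture = [Globalization.CultureInfo]::InvariantCulture
    $style   = [Globalization.DateTimeStyles]::None
    foreach ($row in $Rows) {
        # Keep only data rows; other row types carry no per-link timestamps.
        if ($row.showrepl_COLUMNS -ne 'showrepl_INFO') { continue }

        # A link that never succeeded has no parseable timestamp: treat it as infinitely stale.
        $lastOk = [datetime]::MinValue
        $parsed = [datetime]::TryParseExact($row.'Last Success Time',
                      'yyyy-MM-dd HH:mm:ss', $culture, $style, [ref] $lastOk)
        $age = if ($parsed) { $Now - $lastOk } else { [timespan]::MaxValue }

        $failures = [int] $row.'Number of Failures'
        if ($age -gt $MaxAge -or $failures -gt 0) {
            [pscustomobject]@{
                Source        = $row.'Source DSA'
                Destination   = $row.'Destination DSA'
                NamingContext = $row.'Naming Context'
                Failures      = $failures
                LastStatus    = $row.'Last Failure Status'
                AgeMinutes    = if ($parsed) { [int] $age.TotalMinutes } else { $null }
            }
        }
    }
}

# Fixed "now" so the constructed sample gives a repeatable result.
Get-StaleReplicationLink -Rows $rows -Now ([datetime] '2011-09-08 04:30:00') | Format-Table -AutoSize
```

With the constructed sample, only the DC2 to DC1 link is reported: it has three consecutive failures and last succeeded more than six hours before the fixed reference time.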

All replies

  • Hi, I've the following scenario:

    Office site: AD server (2nd AD, GC)

    Data Centre site: AD server (1st AD, GC), where Exchange 2010 server would be placed in.

    Number of users:

    Office: 20 - 30 users

    Data Centre site: N/A

    To guarantee successful replication, I would like to know the round-trip latency limit and the required bandwidth. Thanks.

    • Merged by Jane_Wang Thursday, September 8, 2011 4:45 AM duplicate
    Thursday, September 8, 2011 2:12 AM
  • Hi,

    Replication will be taken care of automatically by default. Minimum bandwidth required is 512kbps. Still, if you want, you can schedule replication between sites. Just configure the subnets properly in Sites and Services, everything else will be proper.

    More here : http://technet.microsoft.com/en-us/library/cc755994(WS.10).aspx 


    Regards, Mohan R Sr. Administrator - Server Support
    Thursday, September 8, 2011 3:21 AM
  • hi,

    I believe you asked the same qn twice :)


    Regards, Mohan R Sr. Administrator - Server Support
    Thursday, September 8, 2011 3:22 AM
  • Hi,

    You can check the below link which will tell you about the bandwidth requirement

    http://technet.microsoft.com/en-us/library/cc749947.aspx

    http://technet.microsoft.com/en-us/library/bb742457.aspx

    Thursday, September 8, 2011 4:17 AM
  • Problem Man,

    It appears you've duplicated this post. In addition to Mr X's post, I provided some additional info in your other thread:
    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/e369fbb9-b584-4b90-98d1-bd830b51e80a

     

    Nina, can we get the two threads merged?

    Thanks! :-)
    Ace


    Thursday, September 8, 2011 4:32 AM
  • For 20-30 users keeping a DC is more costly from administration and maintenance perspective until it is RODC. I would try to upgrade the link than adding a DC. There is no document specifying the bandwidth due to no. of variables involved like user authentication/frequency of application querying DC/size of roaming profiles/No. of GPO's etc.

    Anything less than 500 Kbps is considered to be slow link for applying GPO.

    http://technet.microsoft.com/en-us/library/cc781031%28WS.10%29.aspx

    Branch office Guide for Windows 2003 & RODC

    http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=5838

    http://www.microsoft.com/download/en/details.aspx?id=3608

     

    Regards


    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com


    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Thursday, September 8, 2011 8:37 AM