none
Active Directory Inter-site Replication RRS feed

  • Question

  •  I have a question regarding Microsoft Active Directory and Inter-site Replication. In the case of 4 different sites with Domain Controllers deployed at each. Let's say your network IS NOT fully routed.. Sites 1, 2, and 3 can communicate in a fully routed manner, but site 4 can ONLY communicate with site 1 due to network limitations.. Site 1 is the primary corp office and many of the changes in AD will occur there. Single domain environment.

    In my lab I have built the following site link topology.
    Step 1: Disable Inter-Site IP Property "Bridge all site links".

    Step 2: Create the following site links and add sites respectively. No bandwidth concerns, all costs set to 100.
    site1-to-site2 (Cost 100, interval 15)
    site1-to-site3 (Cost 100, interval 15)
    site1-to-site4 (Cost 100, interval 15)

    Step 3: Create site link bridge "site2-site3-bridge" and add the following site links to the bridge.
    site1-to-site2
    site1-to-site3

    With the above configuration I am seeing the KCC create replication "connections" automatically from Site Domain Controllers 2, 3, and 4 to site 1 as I expected. However I am a bit confused as to the behavior of the site link bridge in this deployment example. I assumed by disabling "Bridge all site links" and creating a bridge that contained links site1-to-site2 and site1-to-site3 would allow "connections to be made between site 2 and site 3 automatically without the need of creating an additional site link.

    Could someone better explain the purpose of a site link bridge and how best to utilize it?

    Regards,
    Adam Tyler

    Wednesday, August 9, 2017 1:49 AM

All replies

  • Hi Adam,
    Referring the following article: https://technet.microsoft.com/en-us/library/cc753638(v=ws.10).aspx, you could see more details about site link bridge:
    “A site link bridge connects two or more site links and enables transitivity between site links. Each site link in a bridge must have a site in common with another site link in the bridge. The Knowledge Consistency Checker (KCC) uses the information on each site link to compute the cost of replication between sites in one site link and sites in the other site links of the bridge. Without the presence of a common site between site links, the KCC also cannot establish direct connections between domain controllers in the sites that are connected by the same site link bridge.
    By default, all site links are transitive. We recommend that you keep transitivity enabled by not changing the default value of Bridge all site links(enabled by default). However, you will need to disable Bridge all site links and complete a site link bridge design if:
    Your IP network is not fully routed. When you disable Bridge all site links, all site links are considered nontransitive, and you can create and configure site link bridge objects to model the actual routing behavior of your network. 
    You need to control the replication flow of the changes made in Active Directory Domain Services (AD DS). By disabling Bridge all site links for the site link IP transport and configuring a site link bridge, the site link bridge becomes the equivalent of a disjointed network. All site links within the site link bridge can route transitively, but they do not route outside of the site link bridge.”
    Best regards, 
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Thursday, August 10, 2017 2:47 AM
    Moderator
  • Hi Adam,

    Was your issue resolved? If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions. If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, August 14, 2017 9:53 AM
    Moderator
  • Hi Wendy, I did read that article you referenced before posting my question.  What I am looking for is an explanation from someone who is versed in AD site replication design to comment on my specific question as to why Site 2 and 3 don't automatically create a connection using the KCC in this configuration.  So far the Site link bridge appears to be nothing more than a logical grouping of fully "routed" sites..  I am having difficulty seeing any other benefit based on my testing and implementation.

    Regards,

    Adam Tyler

    Monday, August 14, 2017 5:09 PM
  • Hi Adam,
    In Active Directory, a site link object identifies a set of sites that can be scheduled to communicate at uniform cost through some transport between sites. When you have more than one site in your replication system, you must manually create links by the administrator to connect the sites for replication.  KCC uses site links to create connection objects for implementing replication automatically.
    Therefore, if you want to replicate from site2 to site3, you need to create a site link.
    Best regards, 
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 15, 2017 2:48 AM
    Moderator
  • Hi,

    Since the thread is quite for days, can we think that it is fixed? If that is the case, please "mark it as answer" to help other community members find the helpful reply quickly. And we’d love to hear your feedback about the solution if you solve it by own method.

    Thanks for your understanding and efforts.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, August 18, 2017 9:01 AM
    Moderator
  • Wendy,

    Apologies for the delayed reply.  I haven't been a very good steward of these old questions.  I just read your reply here and I think the key statement you made was "if you want to replicate from site2 to site3, you need to create a site link".

    What you are saying makes sense, but going back to my original post I am still confused as to why Site Link Bridges exist..  If the purpose of a site link bridge is to indicate a grouping of sites are "fully routed" or some folks use the networking term converged, why then do you have to go back and create an additional link between site 2 and 3?

    Whats the difference then if you just used site links and never used a Site Link Bridge?

    Regards,

    Adam Tyler

    Friday, February 2, 2018 5:10 PM