none
Site link topology question RRS feed

  • Question

  • I’m trying to decide on the best configuration of our AD site topology after some changes to our physical network.  Some of the posts on here have been very helpful but I still need some clarification on the best way to do this in our scenario.  

    We have 10 sites A-J, all part of one domain.  Each site has one domain controller, nine running Server 2003 and one running 2008.  Three of them are global catalogs.  Before the change to our network, all of the sites were physically connected with each other.  There was one default site link that had all of the sites in it.

    Now only three sites have physical connectivity to all of the other sites, the remaining sites cannot talk to each other:
    Site A, B and C can all communicate directly with all ten sites (A-J).
    Sites D-J can only communicate directly with sites A, B and C.

    Of course now some of the DC’s are throwing 1311 and 1722 errors because they are not able to directly talk with all of the other sites.  We want to clean this up.

    What is the best way to implement site links in this scenario?  I know we have to turn off Bridge all site links because they do not all have connectivity with each other.  We have considered the following scenarios but don’t know which one is best:

    1.) Create a site link from each site to site A (hub), then create a second site link from each site to site B or C with a higher cost (in case site A goes down).
    2.) Create a site link from each site to site A (hub), then create a site link bridge from each site to site B or C with a higher cost in case (in case site A goes down).  
    3.) Use two hubs, site A and B, with ½ of the sites each linked to one hub and the remaining sites each linked to the other hub, with a separate site link connecting the two hubs together.

    What is the best way to do this?
    Any help is appreciated, we are a small rural library and a support call to MS is a luxury we can’t afford at the moment.
    Thanks!

    Wednesday, May 15, 2013 4:37 PM

Answers

All replies

  • I'd look at doing something like this....(bearing in mind i've not seen your exact setup)

    assuming all links are of the same speed and connectivity and don't have additional cost implications...

    1. create a site link with an equal cost from A, B and C to each of the other sites. 

    2. create a site link between between A B C


    Regards,

    Denis Cooper

    MCITP EA - MCT

    Help keep the forums tidy, if this has helped please mark it as an answer

    My Blog

    LinkedIn:

    • Marked as answer by Monika H Thursday, May 30, 2013 2:56 PM
    Wednesday, May 15, 2013 5:00 PM
  • Thanks Denis for your quick reply!  I think I was overthinking this a bit, having the three hubs replicate with each other then the spokes to the other sites makes sense.  Yes all connectivity is basically the same with one exception, but we are a small shop & don't generate a ton of replication traffic anyway.  Will implement this & turn off link bridging and see how it goes.
    Thursday, May 16, 2013 3:52 PM
  • no problem - let me know how you get on....

    if this has helped, please do mark it as answered,

    thanks

    Denis


    Regards,

    Denis Cooper

    MCITP EA - MCT

    Help keep the forums tidy, if this has helped please mark it as an answer

    My Blog

    LinkedIn:

    Monday, May 20, 2013 2:40 PM
  • Thanks Denis, we made the following changes:

    Removed all sites except A B and C from the DEFAULTSITELINK and set this with a cost of 80.

    Added a site link for each site back to A B and C, but distributed the costs among them so that 1/3 of them prefer Site A, 1/3 site B and 1/3 site C, with the other two hubs as backups with higher costs.

    Turned off site link bridging.

    I made a change in AD and saw it replicate everywhere; information for all of the site links has replicated as well.  What I can't figure out is why some sites are still getting KCC errors in the event logs.  It's like they still think they are supposed to replicate directly with the other sites like they did before our network infrastructure was changed.  Is there something else we need to adjust to get the KCC to forget the old site link?  Do you have any suggestions, or does anyone else?

    Many thanks!

    Wednesday, May 22, 2013 7:03 PM
  • how long ago did you make the changes...it could be that it hasn't finished updating itself...

    you could run repadmin /kcc on all your DC's then leave it an hour and see if the errors continue....

    if they do ,can you post the errors you are getting...

    also it might be worth creating a new link instead of using the defaultsitelink


    Regards,

    Denis Cooper

    MCITP EA - MCT

    Help keep the forums tidy, if this has helped please mark it as an answer

    My Blog

    LinkedIn:

    Wednesday, May 22, 2013 7:06 PM
  • We made the last of the changes on Monday.

    Should I run repadmin /kcc on all DC's or just the problem sites?  Is there a particular order in which to go?

    Thanks.

    Wednesday, May 22, 2013 7:41 PM
  • no harm in running it on all DC's - it will just force it to regenerate itself

    let me know how you get on


    Regards,

    Denis Cooper

    MCITP EA - MCT

    Help keep the forums tidy, if this has helped please mark it as an answer

    My Blog

    LinkedIn:

    Wednesday, May 22, 2013 8:22 PM
  • I ran repadmin /kcc on one of the problem servers, still happening.  It reported nothing other than "Consistency check on localhost successful."  It generated the same events in the event log that it does every 15 minutes when the KCC runs automatically.

    Interestingly, when I look at AD Sites & Services at that server's NTDS settings, I see automatically generated connection objects for servers that it can't communicate directly with anymore.  Is this because we didn't turn off site link bridging soon enough?

    Should these connection objects be manually deleted from NTDS settings?  I know you CAN, but want to make sure there's no better way to go about it before mucking around with connection objects.

    Thanks.

    Thursday, May 23, 2013 5:21 PM
  • Hi there is some things you need to do.

    1. Trun off/Disable BASL (Bridge all site Links) - as this assume you have a fully routable network:
      http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx
    2. I would go for (3.)
    3. I would also make all DCs as GCs (Global Catalog Servers) there is no reason to not do this as you're in a single domain.

    Have a look at:
    http://blogs.msmvps.com/acefekay/2013/02/24/ad-site-design-and-auto-site-link-bridging-or-bridge-all-site-links-basl/


    Enfo Zipper
    Christoffer Andersson – Principal Advisor
    http://blogs.chrisse.se - Directory Services Blog

    Friday, May 24, 2013 2:50 PM
  • how are you getting on with this?>

    Do you need any further help on this?


    Regards,

    Denis Cooper

    MCITP EA - MCT

    Help keep the forums tidy, if this has helped please mark it as an answer

    My Blog

    LinkedIn:

    Wednesday, May 29, 2013 8:49 AM
  • Thanks Denis and Christoffer -- this has been resolved.  Turning off BASL and setting up the proper site links was definitely necessary.  I would have thought the KCC was smart enough to realize at that point that things had changed & recalculate the NTDS connection objects, but it didn't, and I had to manually delete the ones that were obsolete.  Then on its next pass the KCC removed all auto generated objects except for the one that represented the site link with the lowest cost.  I've checked replication & it's working, and our event logs are clear.

    Thanks again for your help setting things straight, much appreciated!

    Monika

    Thursday, May 30, 2013 2:55 PM