  • Status: Solved
  • Priority: Medium
  • Security: Public

Single Domain Site Replication Topology

I was hoping somebody could double check my setup here.

Single Domain, Windows 2003 Servers
2 sites, 2 domain controllers at both sites.

Site 1:
Server 1 - FSMO roles Except not Global Catalogue, Preferred IP Bridgehead
Server 2 - Global Catalogue

Site 2:
Server A - Global Catalogue, Preferred IP Bridgehead
Server B -

Site 1. Server 1 has NTDS settings of "auto gen", site 1, Server 2, and Manually config'd, Site 2, Server B

Site 1. Server 2 has NTDS settings of "auto gen", site 1, Server 1, and Manually config'd, Site 2, Server A

Site 2 Server A has "auto gen", Site 2, Server B, and Manually config'd Site 1, Server 1.

Site 2 Server B has "auto gen", Site 2 Server A, and Site 1 Server 1

Any suggestions or "best practices" would be greatly appreciated.  Thanks in advance.

Matt B
trenes Commented:
Hi mbigogno,

Make sure you run DNS on both sites; that keeps traffic down.
Also make both machines Global Catalog.

Those things come to mind first.

Cheers!
 
trenes Commented:
trenes,

My bad, you have 2 catalogs. ;-)
 
mbigogno (Author) Commented:
Sorry, I did leave that out.  I have DNS and DHCP at both sites.  I just recently added the 2nd DC at Site 2, this is the ONLY DC that is not running DNS or DHCP.
 
Jay_Jay70 Commented:
Personally I don't see the need for your bridgehead server entry at all, seeing it's only two sites, and you have DNS and a GC at each site, you are in good shape.
 
saw830 Commented:
I had just written my reason for leaving the bridgehead server in place to help with WAN traffic management and such.  But I then deleted it when I suspected bit-rot and decided to re-read an article about bridgeheads.  (http://support.microsoft.com/kb/271997)  According to this article, if you don't specify one, KCC will nominate one.  If you specify more than one, KCC will nominate one from the list that you specify.  If you specify one (or more) and it (or they) become unavailable then replications will not be able to occur.  With this in mind I have to agree with Jay Jay70 and add a little more pressure to not specify the bridgehead unless you have an overriding reason.

One thing that seems to cause more grief for some folks is DNS settings.  Make sure that ALL your systems are configured (either statically or with DHCP) so that the IP settings are looking only at your internal AD DNS servers for DNS resolutions.  This even includes your DCs with and without DNS.  If you need to resolve external DNS queries (almost certainly you will so that the boss can get to raging bull or yahoo stocks or whatever it is he doesn't in the ivory tower, and more importantly you can get to EE), remove the Root DNS Zone, make sure Root Hints is configured, and open both UDP port 53 and TCP port 53 on your firewall.  (see http://support.microsoft.com/kb/300202)

I'd also like to say that although you seem to be indicating a slight doubt in yourself by publicly asking for comments, quite frankly I'm impressed that you seem to have it put together pretty well, and certainly better than most that I've seen done in smaller implementations.  Kudos to you!

Alan
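
The advice above, that every system (including DCs that do not run DNS) should resolve only through the internal AD DNS servers, can be checked mechanically. This is an added example, not part of the original thread: it parses `ipconfig /all` output and flags resolvers outside an approved list. The addresses, host name and sample output are constructed assumptions.

```python
import ipaddress
import re

# Assumption: the AD-integrated DNS servers, one per site (constructed addresses).
AD_DNS = {"10.1.0.10", "10.2.0.10"}

# Constructed `ipconfig /all` excerpt for a DC that does not run DNS itself.
SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVERB

Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 10.2.0.11
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.2.0.1
   DNS Servers . . . . . . . . . . . : 10.2.0.10
                                       203.0.113.53
   Primary WINS Server . . . . . . . : 10.2.0.10
"""


def dns_servers(text):
    """Return every resolver listed under a 'DNS Servers' entry, in order."""
    servers, in_dns = [], False
    for line in text.splitlines():
        m = re.match(r"\s+DNS Servers[ .]*:\s*(\S*)", line)
        # Extra resolvers appear alone on the indented lines that follow.
        candidate = m.group(1) if m else (line.strip() if in_dns else "")
        try:
            servers.append(str(ipaddress.ip_address(candidate)))
            in_dns = True
        except ValueError:
            in_dns = False
    return servers


def audit(text, allowed=AD_DNS):
    """Classify a host's resolvers against the internal AD DNS list."""
    found = dns_servers(text)
    return {
        "unexpected": [s for s in found if s not in allowed],
        "has_ad_dns": any(s in allowed for s in found),
    }


if __name__ == "__main__":
    print(audit(SAMPLE))
```

A host with anything in `unexpected` can send queries for internal names, including the SRV records AD depends on, to a resolver outside the domain.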
 
mbigogno (Author) Commented:
Thanks for the compliment Saw, and thank you Jay.  So much to learn, so little time.  Just like to double check things.

MB
 
Jay_Jay70 Commented:
I can understand that feeling, although diving head first into it is the best way to learn and it looks so far like you have done well.