Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Site Planning

Posted on 2009-03-29
Medium Priority
Last Modified: 2012-05-06
First post is always frightening, but i'll live.
I've currently got a site with two locations geographically spread by around 200m.
They are currently tied together with Cisco 1200 series waps in bridge mode with directional antennas at 54mbps.

Site A - is the main site with fibre to the curb providing internet and wan activity. It currently houses a 2k8 PDC (DHCP/DNS/AD) and 2k3 BDC(DNS/Print/WSUS/Deployment/AV) and a Web server.  Site A houses around 200 workstations and 50+ mobile devices, 1000 odd users.
No issues, just working really smoothly.

Site B - currently has about 50 workstations and 10 mobile devices. Workstations cabled, mobile wi-fi. All cisco Hardware. The building is going to be demolished in a years time and a new one built in its place so I'm holding out on the fibre or microwave link to get them connected flawlessly.

Im concerned that in an AD environment where there is a whole lot of traffic with the SOE currently in commission that Symantec updates/wsus updates/ logins, gpo's, software all sorts of things arent going to cope. So im trying to figure out what I do as far as getting network continuity.

Im just throwing around ideas at the moment. I'm not quite sure how to tackle it.
My thoughts are to build another DC making it a global catalog and dns server in the same Domain and localise some of the services to that server, break down the traffic flow locally.

Do clients make authoritive connections to the DC with the lowest latency or do they always pass via the PDC. Is putting another DC down at the other site a viable option? Am I going to increase replication traffic due to creating another Global Catalog? Can you throttle full replication to the back of the clock? Do I create another domain within the forest on another subnet? Am I wasting my time even considering this. Feel free to chime in. Theres too many Ideas floating around my head.


Question by:InsightNetworks
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 18

Accepted Solution

Americom earned 500 total points
ID: 24016090
User authenticate to any DC respond to user upon request. What you can do is create AD site to control user authentication as well as replication. With AD Sites, user will by default authenticate to the local DC to it's local site. User can still be authenticated by the remote site DC if the local site DC is not available.

I don't see creating a domain is going to help you at all as I don't see any security need for it. It just going to make things more complicated and will create more administrative overhead and not justify in your description above.
LVL 57

Expert Comment

by:Mike Kline
ID: 24016337
I agree creating a domain won't help you; Tony Murray has a good article about when you may need multiple domains
If you go about halfway down the thread below you will see my comment which is a more detailed step by step on the site creation
Currently are users in site B complaining about any slowness or latency issues?

Author Comment

ID: 24093590
Americom: Thank you for the help, ive chosen this path and have setup the majority of it.
Next step I have is im part of a large WAN and have a 10.x.y.z/22 ip range for the whole network.
I have no idea as to how to subnet it for AD sites. I've read quite a lot of information and cant figure it out. Do you need to create subnets for Sites to work correctly?
I've got 4 ranges with the /22
Site A needs the majority of the host addresses....
Site B could do with one complete range, 254 Usable hosts.
I know its probably an annoying question but if someone could shed a little light.

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question