Site Planning

Posted on 2009-03-29
Medium Priority
Last Modified: 2012-05-06
First post is always frightening, but i'll live.
I've currently got a site with two locations geographically spread by around 200m.
They are currently tied together with Cisco 1200 series waps in bridge mode with directional antennas at 54mbps.

Site A - is the main site with fibre to the curb providing internet and wan activity. It currently houses a 2k8 PDC (DHCP/DNS/AD) and 2k3 BDC(DNS/Print/WSUS/Deployment/AV) and a Web server.  Site A houses around 200 workstations and 50+ mobile devices, 1000 odd users.
No issues, just working really smoothly.

Site B - currently has about 50 workstations and 10 mobile devices. Workstations cabled, mobile wi-fi. All cisco Hardware. The building is going to be demolished in a years time and a new one built in its place so I'm holding out on the fibre or microwave link to get them connected flawlessly.

Im concerned that in an AD environment where there is a whole lot of traffic with the SOE currently in commission that Symantec updates/wsus updates/ logins, gpo's, software all sorts of things arent going to cope. So im trying to figure out what I do as far as getting network continuity.

Im just throwing around ideas at the moment. I'm not quite sure how to tackle it.
My thoughts are to build another DC making it a global catalog and dns server in the same Domain and localise some of the services to that server, break down the traffic flow locally.

Do clients make authoritive connections to the DC with the lowest latency or do they always pass via the PDC. Is putting another DC down at the other site a viable option? Am I going to increase replication traffic due to creating another Global Catalog? Can you throttle full replication to the back of the clock? Do I create another domain within the forest on another subnet? Am I wasting my time even considering this. Feel free to chime in. Theres too many Ideas floating around my head.


Question by:InsightNetworks
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 18

Accepted Solution

Americom earned 500 total points
ID: 24016090
User authenticate to any DC respond to user upon request. What you can do is create AD site to control user authentication as well as replication. With AD Sites, user will by default authenticate to the local DC to it's local site. User can still be authenticated by the remote site DC if the local site DC is not available.

I don't see creating a domain is going to help you at all as I don't see any security need for it. It just going to make things more complicated and will create more administrative overhead and not justify in your description above.
LVL 57

Expert Comment

by:Mike Kline
ID: 24016337
I agree creating a domain won't help you; Tony Murray has a good article about when you may need multiple domains
If you go about halfway down the thread below you will see my comment which is a more detailed step by step on the site creation
Currently are users in site B complaining about any slowness or latency issues?

Author Comment

ID: 24093590
Americom: Thank you for the help, ive chosen this path and have setup the majority of it.
Next step I have is im part of a large WAN and have a 10.x.y.z/22 ip range for the whole network.
I have no idea as to how to subnet it for AD sites. I've read quite a lot of information and cant figure it out. Do you need to create subnets for Sites to work correctly?
I've got 4 ranges with the /22
Site A needs the majority of the host addresses....
Site B could do with one complete range, 254 Usable hosts.
I know its probably an annoying question but if someone could shed a little light.

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month13 days, 19 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question