So, I am in the process of deploying a simple DFS-R infrastructure. I have about 70+ servers in just as many remote offices that act as File & Print servers, but they will also double as App-V streaming servers. I want to use DFS-R to keep the App-V content share consistent on each server. Now, I know that DFS-R uses RPC to replicate the data to each server.
My roadblocks are: we will have a mixed bag of '03 R2 and '08 R2 systems, which use different RPC ports. Another is that our network security team will not allow these random RPC ports. Rather than just isolating DFS-R replication to a single port as outlined in http://support.microsoft.com/kb/319553/en-us, I was thinking I can accomplish both issues by limiting all RPC coming from the server to a port range of 300 (example: 5000-5300). I chose 300 because the minimum port range for Windows Server '08 is 255 and I wanted a round number :).
I was going to follow the following articles:
Windows Server 2003: http://support.microsoft.com/kb/154596
Windows Server 2008: http://blogs.technet.com/b/askds/archive/2007/08/24/dynamic-client-ports-in-windows-server-2008-and-windows-vista-or-how-i-learned-to-stop-worrying-and-love-the-iana.aspx
I was hoping that someone could provide feedback or flaws.