DonaldWilliams
asked on
Secondary Sites vs Branch Distribution Points (BDP). Which is best for me?
Our current configuration consists of our Primary Site server (Black), and 15 REMOTE servers (over a WAN link) setup as "Server Shares". The "Server Shares" are the DC's at those remote locations. Some of my remote locations have >10 Pc's, while others have <50. The remote site are over a WAN and use a VPN connection that come over Comcast; I also have 2 branches which are a dedicated 1.5Mbps T1, and another branch which is an Verizon Internet 1.5Mbps T1. I've already established SCCM site boundaries based upon my Active Directory IP subnets, defined my IP subnets and sites in Active Directory, and used the AD sites to create boundaries in SCCM.
The issue is that whenever I sync Microsoft Updates or copy new software installation packages to the remote server shares, it KILLS all of our bandwidth; ping responses to our remote locations spike, and things come to a crawl. I have done some research (got some very good help on here) and found out that I should probably be implementing secondary sites or branch distribution points, but I have some questions before I go though the extra work of setting them up. I know I shouldn't be using a "server Share" configuration (even thought this is what Microsoft recomended me to use), but I don't know if I should "convert" my Server Shares" to Secondary Sites, or Branch Distribution Points.
1) Which configuration, Secondary Site or BDP will give me the GREATEST control over network consumption (time frame, data rates, etc)?
2) Which option is best for my enviroment? I would perfer that clients speak to their local site server, and then that site server speaks to the primary site server. I'm guessing I would need a Secondary Site Server configuration to do this? However, between all my remote locations, I have >300 Pc's; as I said, some locations have >10 Pc's.
3) *IMPORTANT* Can a secondary site or BDP be installed on a Domain Controller? The only server I have available at my locations is also the Domain Controller for that location. Is having a DC running as a secondary site / BDP even supported? All of those DC's are running Windows 2008 R2, they're also the DHCP, DNS, WINS server for their location.
4) Is it too late to add secondary sites or BDP to my environment since I've already started to use SCCM with just a primary site and server shares?
5) Does anything need to be configured with the Pc clients, or will they pick up the new settings?
If you need anymore informantion, please don't hesistate to ask!
The issue is that whenever I sync Microsoft Updates or copy new software installation packages to the remote server shares, it KILLS all of our bandwidth; ping responses to our remote locations spike, and things come to a crawl. I have done some research (got some very good help on here) and found out that I should probably be implementing secondary sites or branch distribution points, but I have some questions before I go though the extra work of setting them up. I know I shouldn't be using a "server Share" configuration (even thought this is what Microsoft recomended me to use), but I don't know if I should "convert" my Server Shares" to Secondary Sites, or Branch Distribution Points.
1) Which configuration, Secondary Site or BDP will give me the GREATEST control over network consumption (time frame, data rates, etc)?
2) Which option is best for my enviroment? I would perfer that clients speak to their local site server, and then that site server speaks to the primary site server. I'm guessing I would need a Secondary Site Server configuration to do this? However, between all my remote locations, I have >300 Pc's; as I said, some locations have >10 Pc's.
3) *IMPORTANT* Can a secondary site or BDP be installed on a Domain Controller? The only server I have available at my locations is also the Domain Controller for that location. Is having a DC running as a secondary site / BDP even supported? All of those DC's are running Windows 2008 R2, they're also the DHCP, DNS, WINS server for their location.
4) Is it too late to add secondary sites or BDP to my environment since I've already started to use SCCM with just a primary site and server shares?
5) Does anything need to be configured with the Pc clients, or will they pick up the new settings?
If you need anymore informantion, please don't hesistate to ask!
ASKER
I'm debating on whether or not to just make all my locations Secondary Sites as that seems to give me more flexability in the futer and more control with bandwidth. I just have a few more questions:
1) Can a secondary site be configured on a DC? Is there any conflict with things like DHCP, DNS, WINS etc?
2) What is the max number of clients a BDP can realistically support? Is there a specific "cutoff"?
3) Can you have a mixed environemnt; primary site, a couple secondary sites, and a couple BDP's? Would there be any "harm" in making even my small sites (>10 Pc's) secondary sites?
4) II we went with BDP; what about the rest of the network traffic that the agents generate? I'm really trying to minimize t he traffic that SCCM generates across my WAN. Am I safe in assumeing that secondary sites generate less traffic?
1) Can a secondary site be configured on a DC? Is there any conflict with things like DHCP, DNS, WINS etc?
2) What is the max number of clients a BDP can realistically support? Is there a specific "cutoff"?
3) Can you have a mixed environemnt; primary site, a couple secondary sites, and a couple BDP's? Would there be any "harm" in making even my small sites (>10 Pc's) secondary sites?
4) II we went with BDP; what about the rest of the network traffic that the agents generate? I'm really trying to minimize t he traffic that SCCM generates across my WAN. Am I safe in assumeing that secondary sites generate less traffic?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'd like to thank you both for the valuable information. I also have a call in with Microsoft just to confirm a few things, but I think I have a decent handle on everything now.
A BDP on the other hand can be any flavor of Windows (server, XP, 7) as long as it has the SCCM client loaded on it. The only control you have for throttling a BDP is configuring BITS for the site and is only a straight kb per second limit.
For sites with more than 50 or so clients and you offer other services such as OSD, I'd recommend a secondary site, for less a BDP is good unless a really remote site that you wouldn't want to travel to twice for a workstation reimage.
The best way to make sure clients don't pull files over the WAN is to set up either the secondary or BDP as a protected site and choose as the boundary the subnet in question. The clients, after checking into your primary/central site, will know to talk to the local DP once their policy gets updated.
You can add secondaries and BDPs at any point in the game, just make sure your boundaries don't overlap or things get all sorts of screwy and you gamble on what exactly happens during a deployment.
Hope that answers all your questions!