?
Solved

Secondary Sites vs Branch Distribution Points (BDP). Which is best for me?

Posted on 2010-11-12
6
Medium Priority
?
3,311 Views
Last Modified: 2013-11-21
Our current configuration consists of our Primary Site server (Black), and 15 REMOTE servers (over a WAN link) setup as "Server Shares".  The "Server Shares" are the DC's at those remote locations. Some of my remote locations have >10 Pc's, while others have <50. The remote site are over a WAN and use a VPN connection that come over Comcast; I also have 2 branches which are a dedicated 1.5Mbps T1, and another branch which is an Verizon Internet 1.5Mbps T1. I've already established SCCM site boundaries based upon my Active Directory IP subnets, defined my IP subnets and sites in Active Directory, and used the AD sites to create boundaries in SCCM.


The issue is that whenever I sync Microsoft Updates or copy new software installation packages to the remote server shares, it KILLS all of our bandwidth; ping responses to our remote locations spike, and things come to a crawl. I have done some research (got some very good help on here) and found out that I should probably be implementing secondary sites or branch distribution points, but I have some questions before I go though the extra work of setting them up. I know I shouldn't be using a "server Share" configuration (even thought this is what Microsoft recomended me to use), but I don't know if I should "convert" my Server Shares" to Secondary Sites, or Branch Distribution Points.

1) Which configuration, Secondary Site or BDP will give me the GREATEST control over network consumption (time frame, data rates, etc)?

2) Which option is best for my enviroment? I would perfer that clients speak to their local site server, and then that site server  speaks to the primary site server. I'm guessing I would need a Secondary Site Server configuration to do this? However, between all my remote locations, I have >300 Pc's; as I said, some locations have >10 Pc's.

3) *IMPORTANT* Can a secondary site or BDP be installed on a Domain Controller? The only server I have available at my locations is also the Domain Controller for that location. Is having a DC running as a secondary site / BDP even supported? All of those DC's are running Windows 2008 R2, they're also the DHCP, DNS, WINS server for their location.  

4) Is it too late to add secondary sites or BDP to my environment since I've already started to use SCCM with just a primary site and server shares?

5) Does anything need to be configured with the Pc clients, or will they pick up the new settings?


If you need anymore informantion, please don't hesistate to ask!
0
Comment
Question by:DonaldWilliams
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Expert Comment

by:socrates2012
ID: 34124166
A secondary site you can configure the sender address to utilize a certain percentage of the network pipe at different times, like a 10% during production hours and much greater after hours.  The secondary site also has more options available to the clients there such as management proxy and ability to set up a PXE service point.  A windows server is required for a secondary site as well.

A BDP on the other hand can be any flavor of Windows (server, XP, 7) as long as it has the SCCM client loaded on it.  The only control you have for throttling a BDP is configuring BITS for the site and is only a straight kb per second limit.

For sites with more than 50 or so clients and you offer other services such as OSD, I'd recommend a secondary site, for less a BDP is good unless a really remote site that you wouldn't want to travel to twice for a workstation reimage.

The best way to make sure clients don't pull files over the WAN is to set up either the secondary or BDP as a protected site and choose as the boundary the subnet in question.  The clients, after checking into your primary/central site, will know to talk to the local DP once their policy gets updated.

You can add secondaries and BDPs at any point in the game, just make sure your boundaries don't overlap or things get all sorts of screwy and you gamble on what exactly happens during a deployment.

Hope that answers all your questions!
0
 

Author Comment

by:DonaldWilliams
ID: 34124445
I'm debating on whether or not to just make all my locations Secondary Sites as that seems to give me more flexability in the futer and more control with bandwidth. I just have a few more questions:

1) Can a secondary site be configured on a DC? Is there any conflict with things like DHCP, DNS, WINS etc?

2) What is the max number of clients a BDP can realistically support? Is there a specific "cutoff"?

3) Can you have a mixed environemnt; primary site, a couple secondary sites, and a couple BDP's? Would there be any "harm" in making even my small sites (>10 Pc's) secondary sites?

4) II we went with BDP; what about the rest of the network traffic that the agents generate? I'm really trying to minimize t he traffic that SCCM generates across my WAN. Am I safe in assumeing that secondary sites generate less traffic?

0
 
LVL 3

Accepted Solution

by:
socrates2012 earned 1000 total points
ID: 34124813
The big draw for a BDP is that you can use a power user's workstation as the point, not having to add extra hardware or buying an extra windows server license if none there.  Since you already have servers at each site secondaries would be a better option there IMHO too.

To answer your questions:

1) There are no conflicts putting a secondary site on a device with other roles.  If using as a DP there will be more disk I/O so if it is also that site's Home drive or is servicing a large database, may degrade performance.

2) You can have as many clients talking to a BDP as you want, there is one drawback to a BDP though.  There can only be 10 concurrent transfers going on at once.  All other clients will have to wait their turn for a connection to clear before getting their distribution.

3) Mixed environments is specifically what SCCM is good at.  No harm in making a small site a secondary, and many benefits as if you use the tools other than software distribution.

4) The only other traffic clients generate besides file transfers is policy updates and inventory updates.  By utilizing a secondary site and setting it up as a management point you make it the proxy to which all clients send inventory and retrieve policies from.  The secondary site will then, using the throttled data flow configured, send all the information to the primary.
0
10 Questions to Ask when Buying Backup Software

Choosing the right backup solution for your organization can be a daunting task. To make the selection process easier, ask solution providers these 10 key questions.

 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 1000 total points
ID: 34126364
The difference between secondary site & primary site is secondary site is very much like primary byt without sql database.

1) The benefit of Branch distribution point is it can be installed on the software,so creating a branch distribution point gives certain benefit like when pkg or update is pushed to client they are availbel to one system in the site which is configured as BDP & all the client in the site contact bdp to download the package. Else BDP doesn't provide any other benefits

If you install BDP on client the max client support is 10 but on server its 2000.
http://technet.microsoft.com/en-us/library/bb680869.aspx

2)  Secondary site can be configured but domain controller is not the server used for installing another role other than dc related to security & the role played with the dc, as all the request of clients process through secondary server in site for policy,inventory retrieval can overload the DC which can slow the login.

3) There is no harm in promoting small site as secondary site,but for secondary site you require a server & for 10 clients i don't think its wise.

4)  BDP will only acts a distribution point nothing else.

http://technet.microsoft.com/en-us/library/bb680853.aspx

You can make use of remote differential compression along with Bits to control traffic. I belive it requires proper planning.
You can use BranchCache which is new feature available with win7 & windows 2008 R2.
0
 

Author Closing Comment

by:DonaldWilliams
ID: 34155842
I'd like to thank you both for the valuable information. I also have a call in with Microsoft just to confirm a few things, but I think I have a decent handle on everything now.
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question