Boudnary Settign SCCM 2012 R2 SP1

I  am using SCCM 2012 R2 SP1
I have parent AD site where the IP subnet is X.X.0.0
I have 13 child AD sites under the parent AD site
When i configure AD sites boundary in SCCM, all other 13 location (WAN Connected) tries to connect the parent server and download the content from parent server if local server not available for any reason

I do know local subnets and configured subnet boundary in SCCM, Now
Some systems will get the IP X.X.X.X and subnet will be X.X.0.0 - which is configured at parent AD where as local boundary will be X.X.X.0

1. how to make sure SCCM does not pick the Subnet ID from AD when it has configured to local subnets? or
2. how to make sure configure the AD sites as boundary but clients will not download the content from parent server at any point of time
Nagesh A SSCCM AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Without knowing a little bit more about the architecture of your environment it is hard to know what might be causing this issue.

I am assuming that you have a primary site configure as a management point. Are your secondary sites configured as management points as well or simply distribution points? One thing to ensure is that the following option is unselected on the properties page of each of your servers with the distribution point role installed:

The next thing to double-check is the following:

Assuming you have only central Management Point and site server's with the distribution point role at your secondary sites ensure that you create Boundary Groups for each of your sites for the purposes of assigning distribution points at each site boundary to its respective boundary group. Create one Boundary Group for site assignment only and add all of your distribution points to it.

By doing the above you ensure that your distribution points only look at the local distribution server for content, but look at the central management point for site assignment

Hope this helps

Let me know if you have any questions or require a further description.
Nagesh A SSCCM AdministratorAuthor Commented:
let me explain more about my infra

i have one PRI server and 10 Sec server 4 DPs
10 sec server also DPs
I have 14 locations which are connected over the WAN to PRI server.
Sub net boundary group has configured for all 14 locations (10sec+4 dp)
Secondary site code is given for site assignment for the location and content server also location server.
For example

Primary server =PRISRV=PRI
Secondary server -1 = SECSRV1=XYZ
Secondary server -2 =SECSRV2=ABC

Boundary one = x.x.x.0
Boundary two =x.x.1.0
Boundary three =x.x.2.0
Boundary four =x.x.3.0

Boundary Group
Boundary one and two for Site XYZ & content location SECSRV1 - connected at location one
Boundary three and four for site ABC & Content location SECSRV2 - connected at location two

Both location connected with MPLS

There is AD site which has the sub net x.x.0.0 (All above sub nets comes with in this sub net, but not in same location)

Some clients get authenticated at AD site where sub net configured as x.x.0.0 and belongs to the same sub net (if you see above - no boundary created as x.x.0.0 in the sccm). hence client will not assigned to the site

Let us say
I configure x.x.0.0 to any of the site - then client which belongs to that sub net picks the content from any of the DPs because all these DPs are in the same sub nets and which will load the MPLS
Nagesh A SSCCM AdministratorAuthor Commented:
Fallback source is not enabled in my infrastructure
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Mike TLeading EngineerCommented:

Subnetting in SCCM is notoriously fraught for not behaving how you expect because it only calculates the subnet once. Search "subnets are evil" for more info from Garth Jones a top MVP.

I would seriously consider switching to IP ranges instead given the problems you are seeing. Subnets can be used, but just with great care and in specific environments. It sounds to me like your environment may be happier with IP ranges.

Nagesh A SSCCM AdministratorAuthor Commented:
I read that configuring IP Range boundary will increase the load on Database server and reduce the database performance, Is this true?
Mike TLeading EngineerCommented:

From TechNet:

When designing your boundary strategy, we recommend you use boundaries that are based on Active Directory sites before using other boundary types. Where boundaries based on Active Directory sites are not an option, then use IP subnet or IPv6 boundaries. If none of these options are available to you, then leverage IP address range boundaries. This is because the site evaluates boundary members periodically, and the query required to assess members of an IP address range requires a substantially larger use of SQL Server resources than queries that assess members of other boundary types.

In short:

1. Use AD sites

2. Use IP subnets

3. Use IP ranges

However, as often happens in real world applications, option 1 rarely works because your AD site is in a mess and will just make a bigger mess in SCCM. IP subnets is then the next choice, but again, owing to the physical/logical network topology you have machines and whole buildings disappear from the console, which leaves the only option to be IP ranges.

I do understand there is a higher SQL load, but then that's what the server is there to do: serve. You can easily frame this as a business justification for upping the RAM and disk on the SQL box if you find it lagging. The only way to quantify that though is to run some baseline monitoring to establish what "normal" looks like and then go from there.

You do need to know what the everyday performance profile of your CM SQL is, to know when it's under stress generally. Someone new to reports may for example run a badly designed software reporting that can hammer the system into the ground, and you won't know why. That's a good reason to offload the reporting role to a separate server entirely.

A good example of how to monitor is here:

There is a whole discussion on this subject here:

which I recommend you read if you haven't already.

I guess the real answer, is how big your environment is, how many boundaries you need, and then how expensive the result is to SQL.  I expect a smallish site (<5000 clients) with 15 boundaries to be handled fine by a standard sized SQL box.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.