| Author |
 Topic  |
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
 Posted - 05/16/2012 : 3:05:41 PM
|
Setting up a multi-site active directory and trying to figure out the best way to configure the site links - things aren't behaving the way I would expect.
We have a west coast datacenter, and an east coast one. We then have a few east coast branches and a few west coast branches. All sites have connectivity back to the west coast datacenter because that is where the KMS server lives. West coast branches only have connectivity back to the west coast datacenter.
What I would like to set up is that the datacenters have links to each other, and the branch sites have links to their respective coastal datacenter. So I created a site link for each branch site with only that site and its coastal datacenter in the link. I then created a link with only the two datacenter sites in it. I then removed the default sitelink.
All links are set to 100 for cost and 15 minute interval. is this the best way to achieve my desired configuration? Thanks!
|
-Wes |
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/17/2012 : 10:38:12 AM
|
> So I created a site link for each branch site with only that site and its coastal datacenter in the link
Good. two sites per sitelink, that's best practice.
> things aren't behaving the way I would expect.
What did you expect, and what is happening? |
Make it as simple as you can, but not simpler -- Albert Einstein |
 |
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
Posted - 05/17/2012 : 3:16:54 PM
|
The links have built a godawful mess, like this... |
-Wes |
Edited by - Pesos on 05/17/2012 3:17:40 PM |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
Posted - 05/17/2012 : 3:23:10 PM
|
| it's also generating connections between sites that don't have a site link between them. |
-Wes |
|
|
|
chamezzzz
Honorable But Hopeless Addict
United Kingdom
2301 Posts
Status: offline |
Posted - 05/17/2012 : 4:01:48 PM
|
Wes,
Why did you remove the default sitelink?
is this a best practice or was there an article you followed?
Have you been through this document? (apols in advance if stating the obvious)
http://technet.microsoft.com/en-us/library/cc731170
|
James |
Edited by - chamezzzz on 05/17/2012 4:02:13 PM |
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/17/2012 : 4:10:51 PM
|
| taking the default-first-site-link out of the picture is not a problem, as long as the remaining sitelinks take care of all site connectivity. No, there is something else here that is very interesting: there are duplicate connection object. That, and the fact that connection objects connect all over the place means that the KCC has trouble establishing valid connection agreements. In other words, network problems. My money is on either your routing or firewalling having a problem. |
Make it as simple as you can, but not simpler -- Albert Einstein |
|
|
|
chamezzzz
Honorable But Hopeless Addict
United Kingdom
2301 Posts
Status: offline |
Posted - 05/17/2012 : 4:32:26 PM
|
Nice Willem.
I have a much smaller set up than Wes. Main office, Branch, Data Center. I have been taught/advised, because I have good bandwidth to just define my subnets and leave everything under the default-site.
All has been working well.
Are there any problems with this approach Willem?
|
James |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
Posted - 05/17/2012 : 4:33:06 PM
|
| Connectivity isn't an issue between all sites that have links to each other... Pings are consistent and firewalls aren't blocking anything... Hmm |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
Posted - 05/17/2012 : 4:33:53 PM
|
| No problem james bc you have connectivity between all sites... We don't |
-Wes |
|
|
|
chamezzzz
Honorable But Hopeless Addict
United Kingdom
2301 Posts
Status: offline |
Posted - 05/17/2012 : 4:36:18 PM
|
| Yes..sorry to divert the subject, hope you get this fixed Wes. |
James |
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/18/2012 : 02:42:50 AM
|
quote:
Originally posted by Pesos
Connectivity isn't an issue between all sites that have links to each other... Pings are consistent and firewalls aren't blocking anything... Hmm
Still, this configuration strongly suggests connectivity problems to me, so I want to follow up on it. Can you please check the Directory Services eventlog, especially those with the ISTG roles? You can find those using: repadmin /istg. If there are connectivity problems, you will have probably have messages from the KCC to that effect.
Note that I'm not saying that you have problems all the time. They could well be transient. The KCC will look for replication failures, and if they occur it will generate CO's to new DC's until it succeeds in finding one that will replicate. The other CO's will stick around for a while, which is what we are seeing.
Can we try some other diagnostics?
- repadmin /replsum
- on the ISTG's: dcdiag
Assuming you find data supporting the connectivity hypothesis, we need to think about possible sources. Firewall, Intrusion Detection, teaming software on DC's, bad cable/port/switch, ... |
Make it as simple as you can, but not simpler -- Albert Einstein |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3518 Posts
Status: offline |
Posted - 05/18/2012 : 11:45:32 AM
|
| Ya something strange was definitely going on. Back from vacation now and had a chance to reboot all DCs and force KCC check - it seems to be all good now... |
-Wes |
|
|
| |
Topic |
|
site links and costs
