Troubleshooting Active Directory Replication - Page 2

Troubleshooting Poor Performance

There are other causes of slow replication besides a poor choice for a bridgehead server. Many times, the effects are felt in the form of poor Active Directory performance. For example, client requests may be extremely slow. In this section I'll discuss some problems that are ultimately related to Active Directory replication performance, along with the solutions to such problems.

A poorly designed site link structure can lead to slow replication. If all your sites are connected to each other by site links, replication will usually work. However, this may not be the best arrangement. Depending on the layout of your physical network and your site structure, it may be much more effective to create separate site link bridges between some of the sites you're replicating. Doing so will provide the replication traffic with a more direct path to follow. For more information on site link bridges, check out Part 3 of this series ( Building Site Link Bridges ).

"Depending on the layout of your physical network and your site structure, it may be much more effective to create separate site link bridges between some of the sites you're replicating. "

Other problems can be caused when replication-related network traffic consumes far too much network bandwidth. This problem can cause a wide variety of problems, including failed client requests. One solution is to isolate the replication traffic by placing a second network card into each bridgehead server and using an isolated network segment to connect the bridgehead servers. Remember that Windows 2000 allows you to set a cost for each network connection; therefore, you could set a very low cost for the isolated segment and a higher cost for the existing segment. By doing so, Windows 2000 will begin to use the isolated segment for all replication traffic. However, if the isolated segment fails, Windows will reroute the traffic onto the segment with the next highest cost. In this case, that would be the currently existing segment.

Many times, the only possible connection between bridgehead servers is a slow WAN link. In these cases, adding an isolated connection is impossible. Instead, you can reorganize your site structure or your replication schedule. Remember that the whole reason for dividing your network into sites in the first place was to reduce replication traffic. If it's been a while since you established your site configuration, you might go back and look at how it was set up. Perhaps a more effective layout would reduce replication traffic. Even if your sites are optimally arranged, you can always change your replication schedule. For example, if you're replicating between sites every half hour, maybe you could replicate every hour, instead.

Another issue you may encounter is that some clients experience very slow responses when making Active Directory requests. If this is the case, they may be linked to an inappropriate site or domain controller. For example, suppose you have a group of 20 clients at a warehouse down the street. Now, suppose the warehouse is connected to the main office by a T1 line. Although such a connection may have initially been enough to support a limited number of clients, it's much more effective to create a new site at the warehouse so that the clients have a local server with its own copy of the Active Directory. Now, when a client needs to make an Active Directory request, it can do so at the local level rather than having to send the request and the response both across a slow WAN link. After the creation of the new site, the only Active Directory requests sent across the slow link are replication updates. This is a very effective arrangement because the server used to create the new site only needs to be powerful enough to handle basic Active Directory tasks. So, your investment in new hardware could be minimal, should you have budget constraints. For that matter, you could even recycle an old PC as the server.