MPLS has been implemeted in our environment and i'm looking to change our AD sites and services to match the changes. We are currently running a hub and spoke design but MPLS changes everything. I'm hoping someone can send me some suggestions or a link that would help with designing AD Sites and Services with MPLS.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
AD Sites and Services and MPLS
- Thread starter olara00
- Start date
We are on an MPLS network as well and I cannot think of anything that would dictate a change in design away from geography.
We were originally on a point to point T1 network and sites were based on geography. We moved to a MPLS network and that did nothing to my geography, so nothing needed to change.
What "changes" happened to your organization that you think would be better from a change?
We were originally on a point to point T1 network and sites were based on geography. We moved to a MPLS network and that did nothing to my geography, so nothing needed to change.
What "changes" happened to your organization that you think would be better from a change?
- Thread starter
- #3
From my understanding because of the MPLS cloud, all WAN links are redundant, meaning that if one WAN link goes down, other sites will be able to communicate with each other. Sites should match your WAN diagram, so I'm wondering if the design should match the redundancy. With the hub and spoke design, if the hub WAN link were to go down, the rest of the sites would not be able to communicate with each other. I'm comtemplating wethere the hub and spoke design is the optimal choice for us now.
This is from Micrsoft's technet site:
"The KCC, a process running on each domain controller, automatically identifies the most efficient replication topology for your network, based on information you provide about your network in Active Directory Sites and Services. The KCC regularly recalculates the replication topology to adjust for any network changes that have occurred. The KCC of one domain controller within each site (the intersite topology generator) determines the intersite replication topology."
This takes place automatically and is independent of what happens behind the scenes at your WAN provider.
So think of it this way. Unless you have two circuits from two different carriers coming into your building from two completely different paths, your redundancy from your carrier is that of failover in their network, not physically yours in a sense. Server A communicating with Server B and Server C won't know that the carrier had a router go out 100 miles away since they failed over internally to an alternate router or different path. That's not AD's responsibility to keep up with the carriers internal issues.
Even if you did have an MPLS network and a DSL/Cable VPN network as a failover, it's your routing/firewall equipment that would make the best choice based on routing protocols on how to get to alternate paths.
That's not to say you can't make manual changes and add additional site links, but I've found it's less headache to just let Microsoft do it automatically.
"The KCC, a process running on each domain controller, automatically identifies the most efficient replication topology for your network, based on information you provide about your network in Active Directory Sites and Services. The KCC regularly recalculates the replication topology to adjust for any network changes that have occurred. The KCC of one domain controller within each site (the intersite topology generator) determines the intersite replication topology."
This takes place automatically and is independent of what happens behind the scenes at your WAN provider.
So think of it this way. Unless you have two circuits from two different carriers coming into your building from two completely different paths, your redundancy from your carrier is that of failover in their network, not physically yours in a sense. Server A communicating with Server B and Server C won't know that the carrier had a router go out 100 miles away since they failed over internally to an alternate router or different path. That's not AD's responsibility to keep up with the carriers internal issues.
Even if you did have an MPLS network and a DSL/Cable VPN network as a failover, it's your routing/firewall equipment that would make the best choice based on routing protocols on how to get to alternate paths.
That's not to say you can't make manual changes and add additional site links, but I've found it's less headache to just let Microsoft do it automatically.
- Status
Similar threads
