Branch Office Infrastructure Design
During the design of a branch office infrastructure, your overall goal is to provide reliability for remote locations, regardless of the connectivity status back at the main data center. At the same time, you need to keep the management overhead of additional infrastructure to a minimum.
RODC, global catalog, and UGMC
RODCs are a primary means by which branch offices can achieve the goals of local service and data availability without the burden of extra administrative overhead. Objective 5.2, “Design a domain controller strategy,” discussed several design considerations for both RODC and the global catalog.
In a multi-domain forest scenario, Universal Group Membership Caching (UGMC) prevents additional traffic from crossing the WAN for initial user logon. UGMC is deployed for branch offices in multi-domain forests that don’t have a local global catalog server at the branch office.
If a global catalog server is to be deployed, UGMC isn’t necessary.
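The following PowerShell audit is an added example, not part of the original text. It reports, for each Active Directory site, whether a global catalog server is present and whether UGMC is enabled, and flags sites where neither or both apply. It assumes the ActiveDirectory module (RSAT) is installed and that the account can read every domain in the forest.

```powershell
# Added example: audit each AD site for global catalog (GC) versus UGMC coverage.
# Assumes the ActiveDirectory module (RSAT) and read access to all forest domains.
Import-Module ActiveDirectory

# Get-ADDomainController only returns DCs for one domain, so walk the forest.
$allDcs = foreach ($domain in (Get-ADForest).Domains) {
    Get-ADDomainController -Filter * -Server $domain
}

# UGMC is a per-site setting stored on the site's NTDS Site Settings object.
$sites = Get-ADReplicationSite -Filter * -Properties UniversalGroupCachingEnabled

$report = foreach ($site in $sites) {
    $siteDcs = @($allDcs | Where-Object { $_.Site -eq $site.Name })
    $gcCount = @($siteDcs | Where-Object { $_.IsGlobalCatalog }).Count
    $rodcs   = @($siteDcs | Where-Object { $_.IsReadOnly }).Count
    $ugmc    = [bool]$site.UniversalGroupCachingEnabled

    $finding = if ($siteDcs.Count -eq 0) {
        'No local DC: authentication depends on the WAN link'
    } elseif ($gcCount -gt 0 -and $ugmc) {
        'GC present: UGMC is not necessary'
    } elseif ($gcCount -eq 0 -and -not $ugmc) {
        'No GC and no UGMC: initial logon must reach a GC over the WAN'
    } else {
        'OK'
    }

    [pscustomobject]@{
        Site    = $site.Name
        DCs     = $siteDcs.Count
        RODCs   = $rodcs
        GCs     = $gcCount
        UGMC    = $ugmc
        Finding = $finding
    }
}

$report | Sort-Object Site | Format-Table -AutoSize
```

The script only reads directory data. The UGMC findings matter only in a multi-domain forest, which is the scenario described above.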
DNS and DHCP
Domain Name System (DNS) servers should be placed with a domain controller, even an RODC. So when you deploy a domain controller for a branch office, you should also deploy the DNS service on that domain controller. The benefit of doing so is that the branch office can continue with DNS lookups, even if the link to the data center is unavailable.
For an RODC deployment, you should use primary read-only zone types. The RODC then copies all the application directory partitions, including the domain partition, ForestDNSZones, and DomainDNSZones. If the domain controller at the branch office isn’t an RODC, you can operate the DNS server in caching mode or as a secondary to the main DNS server, with the latter option being more complicated to initially configure.
You can also operate Dynamic Host Configuration Protocol (DHCP) on the same server with Active Directory, although the decision to do so rests largely with the amount of traffic and resource usage already on that domain controller, as well as the amount of administrative overhead incurred by implementing an additional server to handle DHCP traffic at a branch office. Three deployment options are available for DHCP at a branch office:
- Deployment with Active Directory and DNS
- Deployment with File and Print services
- Deployment with a networking server, such as Internet Security and Acceleration (ISA)
The decision to deploy a DHCP server rests on the need for availability at that location, along with the reliability and overhead for the WAN link between the branch office and the data center—essentially, the same set of decisions that go into deployment of any services for the branch office.
BranchCache
BranchCache helps reduce network traffic over WAN links by locally caching content accessed from the data center or cloud-based content. BranchCache operates in two modes: distributed cache mode disperses cached content among client computers, and hosted cache mode stores the cached content on a server at the branch office. The choice of cache mode becomes a central decision when designing a deployment with BranchCache.
Note: You should be familiar with the difference between hosted and distributed modes for the exam, including when to use each.
Hosted cache mode has the benefit of increased cache availability because the content cache doesn’t rely on whether a given client is online. With hosted cache mode, content also can be shared on multi-subnet branch offices, a scenario that isn’t possible with distributed cache mode. However, hosted cache mode requires deployment of a server for hosting the cache and therefore incurs additional administrative overhead.
The BranchCache feature needs to be installed on select web and application servers for content to be cached.
Follow these guidelines for determining which mode is appropriate for BranchCache in a given situation.
Use distributed cache mode when:
- The branch office has fewer than 100 users and has no other servers deployed in the branch.
- The branch office has multiple subnets, each with fewer than 100 users per subnet.
Use hosted cache mode when:
- The branch office has more than 100 users, either in a single subnet or multiple subnets.
- The branch office has other servers deployed on which BranchCache can be installed.