+ Post New Thread
Results 1 to 11 of 11
Windows Server 2008 R2 Thread, RODC's in Technical; Right! A biggie this morning. The Plan! We are taking on board another building which is five miles away in ...
  1. #1
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83

    RODC's

    Right! A biggie this morning.

    The Plan!

    We are taking on board another building which is five miles away in the city, it doesnt sound alot BUT herein lies our problem!

    The way the bosses want it to work is they want to be able to replicate this network at the other building IE they want to be able to take A PC and plug in and log on, problem is we will be doing a direct connection through IPSec Tunneling simply because we are going through the local ISP to get to this network in the main building (this building). So Am I right in thinking that if I put an RODC at the new building it will be a lot easier for me to setup and it will work just like being plugged in directly to the network here for logging on, all the shares will still be accessible no problem but with logging on over a 10 meg line it'll take ages having to send the traffic all the way here and back again so with having an RODC at the other end it will cache everything and speed up logins ?? and also what about my Exchange will that be ok tunneling through IPSec or would we be better off putting a second RODC running Exchange at the other building ?

    Thanks everyone - I've been thinking about it all weekend and it's the only way I can think how do set it up.

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,239
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    RODC plus branch cache should make this work with an always on VPN/IPSec tunnel between the sites.

  3. Thanks to SYNACK from:

    cpjitservices (3rd October 2011)

  4. #3
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    Yeah we are etting up an always on tunnel between the sites - never heard of branch cache ?

  5. #4
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    How would Exchange 2010 work ?? would it be ok to leave the server here and use over the Tunnel ?

    There will be the same amount of users at the remote site as there are here, we will only have one 10 Meg line although it'll be able 6 meg.

  6. #5

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,239
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    Branch cache is a service offered in Windows 7 and 2008 R2 that sits in the middle between your hosts and a heavily contested network resource. It will cache stuff that is requested from a remote resource locally and then any time a station tries to access that file it checks to see if it has changed on the remote server and if not serves it locally. I think it also does block level changes but I can't remember.

    Windows Server | BranchCache | Remote Office Performance

    BranchCache

  7. Thanks to SYNACK from:

    cpjitservices (3rd October 2011)

  8. #6

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,239
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    As to exchange it depends on how heavy the usage is with large files etc, I don't imagine it would be any worse than the comparitive fluffy cloud nonsence so you should be alright.

    If you are also pulling internet traffic via the primary site then I'd suggest putting in another cache server in at the remote site to deal with internet traffic like ISA/TMG this will allow for easy setup of the tunnel and also further lower/optimise the traffic over the remote link. ISA/TMG will need its own server or 2008 SP2 VM though (it has issues on 2008 r2).

  9. Thanks to SYNACK from:

    cpjitservices (3rd October 2011)

  10. #7
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    Thanks Synack I just read about that and it looks good, so I'm going to look at implementing that but at the same time I have just read that Exchange doesn't support RODC or ROGC.

    So it looks like the Exchange server here will have to be accessible over the Tunnel and as-long as it doesn't get hammered we should be ok, but I'm thinking it will do.

  11. #8
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    Ahh I see, the Internet traffic will be coming into the site via a different line to the network, that way the network wont be as congested over the same line to the internet.

  12. #9
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    We are using a pfsense box at the remote site like we do here to load balance and firewall the network, this will also be running the IPSec Tunnel.

  13. #10

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,239
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    In which case if the links are seporate and the main link back to the primary site becomes cogested you could easily make outlook + webmail connect via the internet link instead over SSL which will take some of the load off. It would just be a case of getting the settings right and possible changing DNS at the remote site.

  14. Thanks to SYNACK from:

    cpjitservices (3rd October 2011)

  15. #11
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,528
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    we do have OWA running but but the bosses wont use it!

    I may have to dedicate one link just for outlook / exchange.

SHARE:
+ Post New Thread

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •