Planning Site Boundaries

Creating site boundaries enables an administrator to control workstation logons and replication throughout a business. When planning and defining the site boundaries, your main focus should be on the physical topology of the network. At this point, you should refer to the diagram you created when performing an assessment of WAN links and available bandwidth.

When planning site boundaries, use the following guidelines:

• Define an IP subnet in Active Directory or physical IP subnet in the enterprise network.

• Create a site for each group of IP subnets connected by fast, available, and reliable links.

• For a network compromised of a single LAN, a single site is usually sufficient.

• Create a separate site for those IP subnets connected by slow, unreliable, and heavily used links.

• For any sites that do not have a domain controller located in them, consider merging them with another nearby site.

These are just some basic guidelines to follow when determining how many sites to create. As you'll see in the next section, in some instances these guidelines will not be appropriate.

Managing Replication

Even though IP subnets should typically be grouped together into one site, sometimes you'll need to do just the opposite to manage replication.

In a site, a process called the Knowledge Consistency Checker (KCC) is responsible for generating a replication topology. The KCC ensures that two replication paths always exist between domain controllers in a site (this way, if one link is unavailable, the other can be used). The KCC also creates extra connections between domain controllers so that updates between them are never more than three hops away.

With this in mind, you can imagine how many replication paths would exist in a single site with a large number of domain controllers. For example, if an organization maintains a central headquarters, 20 “30 domain controllers could exist in a single site. Even though the entire network is well connected, and your first instinct might be to create one site, the intrasite replication topology becomes very complicated and more replication traffic is generated. Remember that in a site, enough connections are automatically created to ensure that two domain controllers are never three hops away. In a situation such as this, the headquarters could be divided into multiple sites to create a more manageable replication topology.

Sometimes the rule can be broken the other way to manage replication. If a company has one large office along with two satellite offices linked by a 1.5Mbps T1 line, you would normally create three separate sites. However, there might be business reasons that dictate that only one site should be created, such as faster replication. If it is critical that all three offices have up-to-date Active Directory information, the three offices can be grouped into one site. You might even try this with lines as slow as 256Kbps, although this is not recommended.