Active Directory
Lesson 5: Replication protocols
Objective: Define site links and their role in replication.

Replication Protocols used with Active Directory

Site links in Active Directory (AD) are objects that represent the network connections between sites. They live under Inter-Site Transports in the Configuration partition, so every domain controller in the forest sees the same set of links. Their role in replication is to define the paths along which inter-site replication traffic flows, and the cost, schedule and transport of each path.
  1. Definition of Site Links: A site link represents a physical or logical network connection between two or more sites. The Knowledge Consistency Checker (KCC) reads the site links when it generates the inter-site replication topology. Site links are created in the Active Directory Sites and Services snap-in (or with the ActiveDirectory PowerShell module); each site link contains two or more sites, and a site may belong to several site links. A site link is created under one of two transports: IP (meaning RPC over IP) or SMTP.
  2. Role of Site Links in Active Directory Replication: In Active Directory, replication is the process by which changes made to objects in one domain controller are synchronized with other domain controllers in the network. This is a vital mechanism for ensuring data consistency across the network.
    • Replication Path: Site Links play a crucial role in defining the path or route through which replication data is transferred between sites. The Active Directory replication topology is essentially a map of Site Links.
    • Cost Assignment: Each site link has a cost, a number the administrator assigns to express the relative preference for that connection (the default is 100). Costs add up along a route, and the route with the lowest total cost is preferred, so a cheaper multi-hop path wins over a more expensive direct link. The cost therefore decides which sites, and through them which domain controllers, become inter-site replication partners.
    • Replication Schedule and Frequency: Site Links allow you to control when replication occurs and how often. This can help to manage network traffic by scheduling replication during off-peak hours or reducing the replication frequency on slower network connections.
    • Inter-Site Topology Generator (ISTG): The ISTG is a role held by one domain controller in each site; it runs the inter-site part of the KCC. It uses site link costs to compute a least-cost spanning tree over the sites and creates the inter-site connection objects that realise that tree.
    • Failover and Redundancy: Multiple site links provide redundancy. If replication over one link fails, the ISTG can, once the failure is detected, route around it over an alternate site link with a higher cost.

By effectively managing Site Links, administrators can control the replication traffic flow, optimize network usage, and ensure data consistency and availability across multiple sites in an Active Directory environment. Careful planning and configuration of Site Links are crucial for an efficient, reliable, and resilient Active Directory replication strategy.
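The cost arithmetic described above, as an added example that is not part of the original lesson: the PowerShell below builds a small constructed set of site links and computes the least-cost route between two sites the way the ISTG does, by summing link costs along a path. It assumes the default site link bridging (routes may cross several links) and that a site link with N member sites joins every pair of those sites at the link's cost; `Get-LeastCostRoute` is a hypothetical helper, not an ActiveDirectory module cmdlet.

```powershell
# Added example, not part of the original lesson: reproduce the ISTG's cost
# arithmetic offline. Assumes default site link bridging (routes may cross
# several links and their costs add up). Get-LeastCostRoute is a hypothetical
# helper, not an ActiveDirectory module cmdlet.

# Constructed sample site links (IP transport). Against a real forest use:
#   $SiteLinks = Get-ADReplicationSiteLink -Filter * | Select-Object Name, Cost, SitesIncluded
$SiteLinks = @(
    [pscustomobject]@{ Name = 'HQ-Branch1';      Cost = 100; SitesIncluded = @('HQ', 'Branch1') }
    [pscustomobject]@{ Name = 'Branch1-Branch2'; Cost = 100; SitesIncluded = @('Branch1', 'Branch2') }
    [pscustomobject]@{ Name = 'HQ-Branch2-VPN';  Cost = 250; SitesIncluded = @('HQ', 'Branch2') }
    [pscustomobject]@{ Name = 'DR-Mesh';         Cost = 300; SitesIncluded = @('HQ', 'Branch2', 'DR') }
)

function Get-LeastCostRoute {
    param(
        [Parameter(Mandatory)] [object[]] $SiteLinks,
        [Parameter(Mandatory)] [string]   $From,
        [Parameter(Mandatory)] [string]   $To
    )
    # A site link joins every pair of its member sites at the link's cost.
    $sites = @{}
    foreach ($link in $SiteLinks) {
        foreach ($s in $link.SitesIncluded) { $sites[$s] = $true }
    }
    if (-not $sites.ContainsKey($From) -or -not $sites.ContainsKey($To)) {
        throw "Site '$From' or '$To' is not on any site link"
    }

    # Dijkstra over the site graph: $dist = best known total cost from $From,
    # $prev = previous site and the link used to reach each site.
    $dist = @{}; $prev = @{}; $visited = @{}
    foreach ($s in $sites.Keys) { $dist[$s] = [int]::MaxValue }
    $dist[$From] = 0
    while ($true) {
        $current = $null
        foreach ($s in $sites.Keys) {
            if ($visited[$s] -or $dist[$s] -eq [int]::MaxValue) { continue }
            if ($null -eq $current -or $dist[$s] -lt $dist[$current]) { $current = $s }
        }
        if ($null -eq $current) { break }       # nothing reachable is left
        $visited[$current] = $true
        foreach ($link in ($SiteLinks | Where-Object { $_.SitesIncluded -contains $current })) {
            foreach ($n in $link.SitesIncluded) {
                if ($n -eq $current) { continue }
                $candidate = $dist[$current] + $link.Cost
                if ($candidate -lt $dist[$n]) {
                    $dist[$n] = $candidate
                    $prev[$n] = @{ Site = $current; Link = $link.Name }
                }
            }
        }
    }
    if ($dist[$To] -eq [int]::MaxValue) { return $null }   # no route at all

    # Walk the predecessor chain back from $To to render the route hop by hop.
    $hops = @()
    $cursor = $To
    while ($cursor -ne $From) {
        $hops = @("$($prev[$cursor].Site) -> $cursor via $($prev[$cursor].Link)") + $hops
        $cursor = $prev[$cursor].Site
    }
    [pscustomobject]@{ From = $From; To = $To; TotalCost = $dist[$To]; Route = $hops }
}

Get-LeastCostRoute -SiteLinks $SiteLinks -From 'HQ' -To 'Branch2' | Format-List
```

With this sample the route from HQ to Branch2 goes HQ -> Branch1 -> Branch2 at a total cost of 200, beating the direct 250-cost VPN link and the 300-cost DR mesh. That is the practical lesson of cost assignment: lowering or raising one link's cost can silently re-route inter-site replication through a different site, so any cost change deserves a check of the resulting topology (for example with `repadmin /showrepl` on the affected bridgehead servers).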


Role of Site Links in Active Directory with respect to Replication

Site links are the input the Knowledge Consistency Checker (KCC) uses to generate the inter-site replication topology: they define the routes replication data takes between sites, and their costs determine which routes are preferred, which domain controllers become inter-site replication partners, and in what order replication flows. Adjusting a link's cost is the supported way to steer the KCC's choice of route.
Two transports are available for replication over site links: Remote Procedure Call (RPC) over Internet Protocol (IP) and the Simple Mail Transfer Protocol (SMTP). RPC over IP is the only transport within a site and the default between sites. SMTP is a legacy inter-site option for links that cannot sustain a synchronous RPC connection: it is asynchronous store-and-forward mail, it requires an enterprise certification authority so that replication messages can be signed, and it cannot replicate the domain partition, so it is limited to the schema and configuration partitions and to global catalog replication between domains. Use it only where RPC is genuinely unworkable.
Site links are configured in the Active Directory Sites and Services console (or with the ActiveDirectory PowerShell cmdlets), where administrators create, modify and delete links and set their cost, replication interval and schedule. Misconfigured site links delay or silently break the propagation of changes, including security-relevant ones such as password resets, group membership changes and account disablement, so they deserve the same review as any other part of the directory's control plane.
Active Directory needs a network protocol[1] to carry replication traffic. Within a single site only one transport is used. In a multi-site structure you choose the inter-site transport when you create each site link.
  • Protocols for intrasite replication: Remote Procedure Call (RPC). Active Directory uses RPC over IP for all replication within a site. RPC is an industry-standard client/server communication protocol that runs over most types of network; within a site, where connections are assumed to be fast and reliable, it provides uniform, high-speed, uncompressed connectivity, and replication is triggered by change notification rather than by a schedule.
  • Protocols for intersite replication: RPC over IP or SMTP. When you configure replication between sites you choose between RPC over IP[2] and the Simple Mail Transfer Protocol (SMTP)[3]. A note about SMTP: SMTP is the protocol used to send Internet mail. As a replication transport it is asynchronous and store-and-forward, so it tolerates links that drop RPC connections, but it costs more: each message is signed with a certificate (an enterprise certification authority is required), the mail encapsulation adds overhead, and updates arrive only as mail is delivered. Because sites exist to conserve bandwidth and control replication, SMTP usually works against that goal. It also has a hard restriction: it cannot replicate the domain partition, so it can be used only between domain controllers in different domains. The only good reason to use SMTP is a link on which RPC connections are repeatedly dropped; in almost all cases choose RPC over IP for inter-site replication. Note that Active Directory Sites and Services labels connections within a site as RPC and connections between sites as IP; both labels mean RPC over IP.
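An audit of the transport choice described above, as an added example that is not part of the original lesson. The PowerShell below flags site links that use the SMTP transport, SMTP links on which a single domain has domain controllers in more than one site (where that domain's partition can never replicate), links left with a single site, and links whose options bypass the schedule or compression. `Test-SiteLinkHygiene` and `New-Finding` are hypothetical helpers; the sample site links and domain controllers are constructed so the script runs offline, and the option bit values are the NTDSSITELINK_OPT_* flags of the siteLink object's `options` attribute.

```powershell
# Added example, not part of the original lesson: audit site links for transport
# and option choices that undermine inter-site replication. Test-SiteLinkHygiene
# and New-Finding are hypothetical helpers, not ActiveDirectory module cmdlets.
# Runs offline on the constructed sample below.

# Bits of the siteLink 'options' attribute (NTDSSITELINK_OPT_*).
$OPT_USE_NOTIFY          = 0x1   # change notification across the link; bypasses the schedule
$OPT_TWOWAY_SYNC         = 0x2
$OPT_DISABLE_COMPRESSION = 0x4   # inter-site RPC traffic is compressed unless this is set

# Constructed sample data. Against a real forest use instead:
#   $SiteLinks = Get-ADReplicationSiteLink -Filter * -Properties *
#   $DCs       = Get-ADDomainController -Filter * | Select-Object Name, Domain, Site
$SiteLinks = @(
    [pscustomobject]@{ Name = 'HQ-Branch1'; InterSiteTransportProtocol = 'IP';   Cost = 100; ReplicationFrequencyInMinutes = 180; SitesIncluded = @('HQ', 'Branch1'); Options = $null }
    [pscustomobject]@{ Name = 'HQ-Remote';  InterSiteTransportProtocol = 'SMTP'; Cost = 500; ReplicationFrequencyInMinutes = 60;  SitesIncluded = @('HQ', 'Remote');  Options = $null }
    [pscustomobject]@{ Name = 'HQ-Lab';     InterSiteTransportProtocol = 'IP';   Cost = 50;  ReplicationFrequencyInMinutes = 15;  SitesIncluded = @('HQ', 'Lab');     Options = $OPT_USE_NOTIFY }
    [pscustomobject]@{ Name = 'Stale';      InterSiteTransportProtocol = 'IP';   Cost = 100; ReplicationFrequencyInMinutes = 180; SitesIncluded = @('OldSite');       Options = $null }
)
$DCs = @(
    [pscustomobject]@{ Name = 'DC01'; Domain = 'corp.example'; Site = 'HQ' }
    [pscustomobject]@{ Name = 'DC02'; Domain = 'corp.example'; Site = 'Branch1' }
    [pscustomobject]@{ Name = 'DC03'; Domain = 'corp.example'; Site = 'Remote' }
    [pscustomobject]@{ Name = 'DC04'; Domain = 'lab.example';  Site = 'Lab' }
)

function New-Finding([string] $Link, [string] $Severity, [string] $Finding) {
    [pscustomobject]@{ Link = $Link; Severity = $Severity; Finding = $Finding }
}

function Test-SiteLinkHygiene {
    param(
        [Parameter(Mandatory)] [object[]] $SiteLinks,
        [Parameter(Mandatory)] [object[]] $DomainControllers
    )
    foreach ($link in $SiteLinks) {
        $sites = @($link.SitesIncluded)
        $opts  = if ($null -eq $link.Options) { 0 } else { [int] $link.Options }

        if ($sites.Count -lt 2) {
            New-Finding $link.Name 'Warning' 'Fewer than two sites: the link carries no replication (left over from a site removal?)'
            continue
        }
        if ("$($link.InterSiteTransportProtocol)" -eq 'SMTP') {
            New-Finding $link.Name 'Warning' 'SMTP transport: legacy, needs an enterprise CA for message signing, cannot carry the domain partition'
            # A domain with DCs in two or more of this link's sites needs RPC over IP for its domain partition.
            $split = $DomainControllers |
                Where-Object { $sites -contains $_.Site } |
                Group-Object Domain |
                Where-Object { @($_.Group.Site | Select-Object -Unique).Count -ge 2 } |
                Select-Object -ExpandProperty Name
            foreach ($d in $split) {
                New-Finding $link.Name 'Error' "Domain '$d' has DCs in more than one site on this SMTP link; its domain partition will not replicate over it"
            }
        }
        if ($opts -band $OPT_USE_NOTIFY) {
            New-Finding $link.Name 'Info' 'Change notification is on: replication is near-immediate and the link schedule no longer throttles it'
        }
        if ($opts -band $OPT_DISABLE_COMPRESSION) {
            New-Finding $link.Name 'Info' 'Inter-site compression is disabled: expect higher WAN usage'
        }
        if ($link.Cost -eq 100 -and $link.ReplicationFrequencyInMinutes -eq 180) {
            New-Finding $link.Name 'Info' 'Cost 100 and 180-minute interval are the defaults: check they reflect the real WAN path'
        }
    }
}

Test-SiteLinkHygiene -SiteLinks $SiteLinks -DomainControllers $DCs | Format-Table -AutoSize
```

On the sample data the SMTP link HQ-Remote produces both a warning for the transport and an error because corp.example has domain controllers in HQ and in Remote, exactly the same-domain case the lesson says SMTP cannot serve; the Stale link with one site and the HQ-Lab link with change notification produce the remaining findings. The connection objects the KCC generates from these links (nTDSConnection objects under each server's NTDS Settings) record the transport in their transportType attribute, which is empty for intrasite RPC connections and points at CN=IP or CN=SMTP under Inter-Site Transports for inter-site ones, so the same audit can be cross-checked at the connection level.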

The images that follow summarise the replication protocols for intra-site and inter-site replication.

1) Intrasite replication always uses the RPC protocol, without data compression.

2) Replication between sites can use RPC over IP with data compression.

3) Replication between sites can use SMTP with data compression.

4) SMTP is used to replicate schema, configuration and global catalog information, but it cannot be used for replication between domain controllers that belong to the same domain. RPC must be used instead.


In the next lesson, we will discuss the definition and roles of two additional objects that are available for replication: site links and site link bridges.
[1]network protocol: A network protocol is a set of established rules that govern how devices communicate over a network.
[2] RPC over IP: Remote Procedure Call, a client/server message-passing facility in which one program invokes a procedure on another computer as if it were local; Active Directory replication and much remote administration run it over the Internet Protocol.
[3] SMTP: Simple Mail Transfer Protocol; a protocol often used for sending Internet mail, which can also be used for replication over site links in Active Directory.
