[Samba] Testing replication between 4 DCs
cn at brain-biotech.de
cn at brain-biotech.de
Wed Nov 23 19:48:24 UTC 2022
About samba always using a "full mesh". Read the changelog of samba 4.5:
" KCC improvements for sparse network replication
The Samba KCC will now be the default knowledge consistency checker in Samba AD. Instead of using full mesh replication between every DC, the KCC will set up connections to optimize replication latency and cost (using site links to calculate the routes). This change should allow larger domains to function significantly better in terms of replication traffic and the time spent performing DRS replication"
Taken from here:
https://wiki.samba.org/index.php/Samba_4.5_Features_added/changed#KCC_improvements_for_sparse_network_replication
Regards
Christian
Am 23. November 2022 20:10:26 MEZ schrieb Michael Tokarev via samba <samba at lists.samba.org>:
>23.11.2022 20:02, Rowland Penny via samba wrote:
>> On 23/11/2022 16:04, Michael Tokarev via samba wrote:
>>
>>> Are you sure DC3 and DC4 *have* to replicate between each other?
>>
>> Yes, all DC's have to replicate to all other DC's
>>
>>> I'm new to this stuff, but I had to add extra links
>>
>> You shouldn't have to, Samba should add them for you.
>
>Does it add all to all links, ie, one link with two DCs,
>3 links with 3 DCs, 6 links with 4 DCs and so on (hopefully
>I counted it correctly), so every DC is connected to every
>other DC (provided everything is on the same site)?
>
>>> (how is that,
>>> NTDS? I forgot) between two out of 3 DCs here in order to enable
>>> replication between them. In "Sites and Subnets" snap, under each
>>> DC, there's one more level with the links. Some links are created
>>> automatically, some have to be created explicitly. I don't know
>>> if that's how it is supposed to work, but this is what I've seen
>>> when doing experiments here.
>>
>> You seem to be having problems, oh yes, aren't you the person using unbound ?
>
>Yeah, I did have problems. For example, Windows explorer crashes
>when opening "Security" tab of a file located on a DC. Is it due
>to unbound, are you sure?
>
>The rest was no problem, just minor annoyances. For example, user IDs
>were different on different servers because I didn't copy idmap.tdb,
>and bug in samba-tool ntacl sysvolcheck vs sysvolreset. Is this due
>to unbound too?
>
>SPN must be unique, - I didn't know this. Is it due to unbound?
>
>..
>>> - I'd
>>> avoid this one because of a very simple reason: if replication to
>>> this DC doesn't work for some reason, DNS replication doesn't work
>>> too, so it wont see new names in the net (which might be required
>>> for the replication to work). This is one of the reasons I don't
>>> use samba-provided DNS,
>>
>> No, that is one of the reasons you are having problems with replication.
>
>Which problems? I don't know problems I have with replication.
>So far, replication works here fine, multiple sities, multiple
>DCs in each. Changes are propagated to all the network quite
>rapidly.
>
>>> - to keep it simple and avoid such sort
>>> of issues. DNS is already well set up with replication and
>>> reservation to ensure it is always working. YMMV.
>>
>> It does, my domain works.
>
>What it and what it does? The fact that your domain work - this
>is excellent. My domain works too, quite well. This too is
>excellent.
>
>/mjt
>
--
Dr. Christian Naumer
Vice President
Unit Head Bioprocess Development
BRAIN Biotech AG
Darmstaedter Str. 34-36
64673 Zwingenberg, Germany
T: +49 6251 9331-30
F: +49 6251 9331-11
cn at brain-biotech.com
www.brain-biotech.com
Sitz der Gesellschaft: Zwingenberg | Bergstrasse
Registergericht AG Darmstadt | HRB 24758
Vorstand: Adriaan Moelker (Vorstandsvorsitzender) | Michael Schneiders
Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
More information about the samba
mailing list