network sorts to provide failover to the backup Directory Servers. For information on setting up and using DNS round-robins or network sorts, refer to the DNS documentation.

6.3.7 Using replication for local availability

The necessity of replicating for local availability is determined by the quality of the network as well as the activities of the site. In addition, carefully consider the nature of the data contained in the directory service and the consequences to the enterprise if that data were to become temporarily unavailable. The more mission-critical the data, the less tolerant the system is of outages caused by poor network connections.

Use replication for local availability for the following reasons:

To keep a local master copy of the data.

This is an important strategy for large, multinational enterprises that need to maintain directory information of interest only to the employees in a specific country. Having a local master copy of the data is also important to any enterprise where interoffice politics dictate that data be controlled at a divisional or organizational level.

To mitigate unreliable or intermittently available network connections.

Intermittent network connections can occur if there are unreliable WANs, as often occurs in international networks.

To offset periodic, extremely heavy network loads that may cause the performance of the directory service to be severely reduced.

Performance may also be affected in enterprises with aging networks, which may experience these conditions during normal business hours.

6.3.8 Using replication for load balancing

Replication can balance the load on the Directory Servers in several ways:

By spreading the users' search activities across several servers.

By dedicating servers to read-only activities (writes occur only on the supplier server).

By dedicating special servers to specific tasks, such as supporting mail server activities.

Balancing the workload of the network is an important function performed by directory data replication. Whenever possible, move data to servers that can be accessed using a reasonably fast and reliable network connection. The most important considerations are the speed and reliability of the network connection between the server and the directory users.

Directory entries generally average around one kilobyte in size. Therefore, every directory lookup adds about one kilobyte to the network load. If the directory users perform ten directory lookups per day, then, for every directory user, there is an increased network load of around 10 kilobytes per day. If the site has a slow, heavily loaded, or unreliable WAN, then consider replicating the directory tree to a local server.

Also consider whether the benefit of locally available data is worth the cost of the increased network load caused by replication. If an entire directory tree is replicated to a remote site, for instance, that potentially adds a large strain on the network in comparison to the traffic caused by the users' directory lookups. This is especially true if the directory tree is changing frequently, yet there are only a few users at the remote site performing a few directory lookups per day.

Table 6-1 “Effects of replication and remote lookup on the network” compares the approximate cost of replicating a directory of one million entries, where 10% of those entries undergo daily change, with the cost of having a small remote site of 100 employees perform 10 lookups per day. In each case the average size of a directory entry is assumed to be 1Kb.
