Q142692: Minimizing WAN Traffic
Article: Q142692
Product(s): Microsoft Windows NT
Version(s): 3.51 SP5,4.0
Operating System(s):
Keyword(s): kbnetwork
Last Modified: 06-AUG-2002
-------------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Windows NT Server versions 3.51 SP5, 4.0
-------------------------------------------------------------------------------
IMPORTANT: This article contains information about modifying the registry. Before you
modify the registry, make sure to back it up and make sure that you understand how to restore
the registry if a problem occurs. For information about how to back up, restore, and edit the
registry, click the following article number to view the article in the Microsoft Knowledge Base:
Q256986 Description of the Microsoft Windows Registry
SUMMARY
=======
This article lists the modifications that have to be made to your computers
deployed in a WAN environment, if you want to minimize the traffic over the
routers. This information applies only to Windows NT 4.0 and Windows NT 3.51
Service Pack 5.
This information can become very useful if, for example, you are using ISDN lines
rather than leased lines. When using ISDN, each frame sent across the ISDN line
may establish a new connection and, therefore, costs money. Thus, the operating
cost of your ISDN lines can become very high.
Because much of the traffic is generated by Windows NT domain controllers, this
traffic can be dramatically reduced using these modifications.
CAUTION: The parameter change included in this article has not been extensively
tested in large installations. Microsoft cannot guarantee that modification of
registry settings as recommended herein will accomplish the objective described
in this article under all circumstances and in all configurations.
MORE INFORMATION
================
WARNING: If you use Registry Editor incorrectly, you may cause serious problems
that may require you to reinstall your operating system. Microsoft cannot
guarantee that you can solve problems that result from using Registry Editor
incorrectly. Use Registry Editor at your own risk.
Assume that your Windows NT systems have been spread across several sites
interconnected by routers, and consider two typical cases:
- A single domain split into several LANs, with one backup domain controller
(BDC) on each LAN.
- Several domains with trust relationships.
This article includes a short description of the network frames that can Be
encountered in the absence of the modifications described later in the article.
The network traces were captured in a lab with the following configuration:
- Name of domain = DOMWAN
- Name of primary domain controller (PDC) = PDCWAN = 191.75.0.2 (on a separate
LAN)
- Name of backup domain controller (BDC) = BDCWAN = 191.76.0.2 (on a separate
LAN)
----- | | -----
| PDC |-----| |----| BDC | 191.76.0.2
| WAN | | | | WAN |
----- | ISDN | -----
191.75.0.2 |--- router <====> router ---|
| 191.75.0.1 191.76.0.1 |
The License Service May Generate Traffic Every 15 Minutes
---------------------------------------------------------
The License service performs licensing replication. Data moves from BDCs and
member servers to the PDCs, and then, optionally, from the PDCs to an enterprise
server, which maintains licensing information across the whole network.
This replication, by default, is performed one time every 24 hours. If, for some
reason, the BDC cannot connect to the license service on the PDC, the BDC will
continue to attempt replication one time every 15 minutes until it is
successful.
Reducing Exchange of Browse Lists
---------------------------------
Every MasterPeriodicity time interval (every 12 minutes, by default), the master
browsers, which are the BDCs, try to contact the domain master browser, the PDC,
to exchange their browse lists.
This parameter can be changed in the registry of all the BDCs:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters
Value : MasterPeriodicity DWORD <number in seconds>
Default : 720
To optimize the traffic on your WAN lines, increase the value above on all BDCs.
SAM Replication Between a PDC and Its BDCs
------------------------------------------
The SAM replication is controlled by Netlogon on the PDC. The following registry
value defines the typical pulse frequency (in seconds):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Value : Pulse REG_DWORD 60 to 172800 seconds (48 hours)
Default : 300
For additional information, click the article number below to view the article in
the Microsoft Knowledge Base:
Q150350 NetLogon Maximum Value of Pulse Should Exceed 3600
All SAM/LSA changes made within this time are bundled together. After this period
has elapsed, a pulse is sent to each BDC needing the changes. No pulse is sent
to a BDC that is up-to-date.
Increasing this value on the PDC reduces the number of replications between the
PDC and the BDCs. Nevertheless, the SAM changes are propagated less quickly from
the PDC to the BDCs. You must choose a balance between infrequent replication
that may increase the number of connections to a PDC to validate changed
passwords and frequent replication that may generate excessive ISDN traffic.
The Netlogon PulseMaximum parameter has to be changed:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Value : PulseMaximum REG_DWORD 60 to 172800 seconds (48 hours)
It defines the maximum pulse frequency (in seconds). Every BDC will be sent at
least one pulse at this frequency, whether its database is current or not.
NOTE: The replication takes place immediately if a change is made in LSA secrets,
for example, when adding a workstation to the domain or changing trusts
relationships.
Close of SMB Connections
------------------------
The following value specifies the maximum amount of time that a connection can be
left dormant:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
Value : KeepConn REG_DWORD 1 to 65535 seconds
Default : 600 (10 minutes)
In a WAN environment, it is preferable to lower this value to 10 seconds on all
the servers and the workstations, so that a new ISDN connection is not
established just because of a SMB connection close.
Changing KeepConn may generate significant SMB overhead. As connections are
closed very quickly, each new connection implies the establishment of a new SMB
connection.
NetBIOS Name Resolution Mode
----------------------------
When you use a domain spanning into multiple sites, the NetBIOS name resolution
mode should be set to m-node (broadcasts followed by name server) on all servers
and workstations.
This setting ensures that a local (for example, on the same subnet) domain
controller is always contacted first (for example, before trying to contact the
PDC).
On Windows NT systems, the NetBIOS name resolution mode can be set to m-node with
the modification of the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBt\Parameters
Value : NodeType REG_DWORD 4 (4 is for M-NODE)
Trusts Relationships
--------------------
Under certain circumstances, it is possible for 2 PDCs of 2 domains with a trust
relationship to generate traffic every 15 minutes. For additional information,
click the article numbers below to view the articles in the Microsoft Knowledge
Base:
Q152719 WAN and Trust: Traffic on the Wire
Q154355 How to Tune Trusts for Dialup Routers in a WAN
The following parameter defines the time interval during which Netlogon does
miscellaneous work (on the PDC and on the BDCs), for example, finding a domain
controller.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Value : ScavengeInterval REG_DWORD 60 to 172800 seconds (48 hours)
Default : 900 (15 minutes)
Other Services That Generate Traffic
------------------------------------
Check out the configuration of your WINS database renewal interval, and the
replicator service as well.
The replicator service may be modified as follows:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Replicator\Parameters
Value : Interval REG_DWORD 60 (minutes)
Default : 5 (minutes)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Replicator\Parameters
Value : Pulse REG_DWORD 6 (6 * 60 minutes = 6 hours)
Default : 3
For additional information about how to modify WINS settings, click the article
numbers below to view the articles in the Microsoft Knowledge Base:
Q142305 Min. and Max. Interval Values for WINS Configuration
Q135922 Windows NT Registry Parameters for WINS
Additional query words:
======================================================================
Keywords : kbnetwork
Technology : kbWinNTsearch kbWinNT351search kbWinNT400search kbWinNTSsearch kbWinNTS400search kbWinNTS400 kbWinNTS351search kbWinNTS351sp5
Version : :3.51 SP5,4.0
Issue type : kbinfo
=============================================================================
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Copyright Microsoft Corporation 1986-2002.