AD site boundary vs IP address range boundary

I'm running AD Forest Discovery and there is a option to automatically create AD site and IP address range boundaries. What really is the difference between these two? We have well maintained AD and IP subnets are up to date always so should I onlu use AD sites boundaries? Will AD site boundaries work with machines that are not yet domain joined (OSD)? If not then I choose to use IP ranges..

January 22nd, 2014 4:05am

It depends. Often, AD sites aren't granular enough or don't accurately reflect the network infrastructure and/or actual physical locations to divide traffic among the various DPs (from the clients).

Workgroup machines or machines from untrusted forests/domains also throw a monkey wrench into the use of AD Sites.

I generally always choose to use IP Address ranges because they are crystal clear and have no ambiguity or functionality caveats. The one caveat though is they they have quite a bit more overhead than the other boundary types. Thus, if you are going to end up with thousands of IP Address boundaries, you will have a large perf hit on your SQL instance.

Free Windows Admin Tool Kit Click here and download it now
January 22nd, 2014 10:24am

Thanks Jason!

This is small network with only about 600 clients so I will choose the IP address ranges. I think the SQL overhead doesn't really matter in this situation.

January 22nd, 2014 11:16am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics