2008R2 Domain & Forest Functional Level; 30 sites; 1 hub, the rest are spokes. Bridge all site links = enabled; all DCs running Win2K8R2 SP1.
In my AD topology there is one hub site (the data center with multiple DCs) and the rest are branch sites with 2 domain controllers each. Bridge All Site Links is enabled and I want to leave it that way, as 90% of my sites are connected via high-speed, reliable MPLS WAN. Three of my AD sites are outside the U.S. and connected via VPN, which is mostly stable but has had some stability issues in the past.
Each AD site has one site link object defined, which contains only itself and the "hub" site (the data center).
The problem: In my sites connected via VPN, the KCC is creating replication partners with DCs in the other branch VPN sites instead of just with the DCs in the hub site.
As per http://technet.microsoft.com/en-us/library/dd736189(v=ws.10).aspx, in these three VPN-connected branch AD sites, I've set the repadmin siteoption as such:
repadmin /siteoptions <dc name> /site:<sitename> +W2K3_BRIDGES_REQUIRED
My understanding is that this setting allows Bridge All Site Links to remain enabled at the Inter-Site Transports - IP level in AD S&S, but for the sites where it's set as such, it will force the KCC to only set up replication partners with DCs contained within its site link object. In my case, the only other site in the site link object is the hub site itself.
Even odder is that, on DCs in each of the three branch sites, the KCC is not creating ANY replication links with DCs in the hub site, ONLY with DCs in the other branch VPN sites: the exact branch sites these DCs can't communicate with due to routing limitations. Because of this weirdness, I've had to manually create replication links with DCs in the hub site to maintain replication flow.
JKuta