Replication Across A Wide-Area Network - Red Hat DIRECTORY SERVER 7.1 - DEPLOYMENT Deployment Manual

Defining a Replication Strategy
• Where the consumer server is connected via a slow network, excluding
infrequently changed attributes or larger attributes such as
in less network traffic.
• Where the consumer server is placed on an untrusted network such as the
public Internet, excluding sensitive attributes such as telephone numbers
provides an extra level of protection that guarantees no access to those
attributes even if the server s access control measures are defeated or the
machine is compromised by an attacker.
Fractional replication can only be done where the consumer is a read-only replica
(dedicated consumer). This condition is enforced at the time the supplier server
initiates a replication connection to the consumer, not at the time the agreement is
created. Therefore, be aware that it is possible to create a fractional replication
agreement on a supplier that will fail later when the supplier actually attempts to
contact the consumer. This failure will be logged in the supplier s error log.

Replication across a Wide-Area Network

Directory Server version 7.1 and later support efficient replication when a
supplier and consumer are connected via a wide-area network. Wide-area
networks typically have higher latency, higher bandwidth delay product, and
lower speeds than local area networks.
In previous versions of Directory Server, the replication protocols used to
transmit entries and updates between suppliers and consumers were highly
latency-sensitive because the supplier would send only one update operation and
then wait for a response from the consumer. This led to reduced throughput with
higher latencies. For example, on a typical USA coast-to-coast connection with
100ms round trip time, replication updates would be sent no faster than 10 per
second.
Now, the supplier sends many updates and entries to the consumer without
waiting for a response. Thus, on a network with high latency, many replication
operations can be in transit on the network, and replication throughput is similar
to that which can be achieved on a local area network.
When a current Directory Server supplier detects that it is connected to another
supplier running an older release, it falls back to the old replication mechanism
for compatibility. Thus, it is necessary to have both your supplier and consumer
servers running version 7.1 or later in order to achieve the benefits of the new
latency-insensitive replication.
128 Red Hat Directory Server Deployment Guide • May 2005
results
jpegPhoto