Minimizing WAN Traffic

ID: Q142692

The information in this article applies to:
  • Microsoft Windows NT Server version 3.51 Service Pack 5
  • Microsoft Windows NT Server version 4.0
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information on how to do this, view the "Restoring the Registry" online Help topic in Regedit.exe or the "Restoring a Registry Key" online Help topic in Regedt32.exe.

SUMMARY

This article lists the modifications that have to be made to your computers deployed in a WAN environment, if you want to minimize the traffic over the routers. This information applies only to Windows NT 4.0 and Windows NT 3.51 Service Pack 5.

This information can become very useful if, for example, you are using ISDN lines rather than leased lines. When using ISDN, each frame sent across the ISDN line may establish a new connection and, therefore, costs money. Thus, the operating cost of your ISDN lines can become very high.

Because much of the traffic is generated by Windows NT domain controllers, this traffic can be dramatically reduced using these modifications.

CAUTION: The parameter change included in this article has not been extensively tested in large installations. Microsoft cannot guarantee that modification of registry settings as recommended herein will accomplish the objective described in this article under all circumstances and in all configurations.


MORE INFORMATION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

Assume that your Windows NT systems have been spread across several sites interconnected by routers, and consider two typical cases:

  • A single domain split into several LANs, with one backup domain controller (BDC) on each LAN.


  • Several domains with trust relationships.


This article includes a short description of the network frames that can Be encountered in the absence of the modifications described later in the article. The network traces were captured in a lab with the following configuration:
  • Name of domain = DOMWAN


  • Name of primary domain controller (PDC) = PDCWAN = 191.75.0.2 (on a separate LAN)


  • Name of backup domain controller (BDC) = BDCWAN = 191.76.0.2 (on a separate LAN) 
    
    -----      |                            |     -----
   | PDC |-----|                            |----| BDC | 191.76.0.2
   | WAN |     |                            |    | WAN |
    -----      |            ISDN            |     -----
   191.75.0.2  |--- router <====> router ---|
               |  191.75.0.1     191.76.0.1 |


The License Service May Generate Traffic Every 15 Minutes



The license service performs licensing replication. Data moves from BDCs and member servers to the PDCs, and then, optionally, from the PDCs to an enterprise server, which maintains licensing information across the whole network.

This replication, by default, is performed one time every 24 hours. If, for some reason, the BDC cannot connect to the license service on the PDC, the BDC will continue to attempt replication one time every 15 minutes until it is successful.

Reducing Exchange of Browse Lists



Every MasterPeriodicity time interval (every 12 minutes, by default), the master browsers, which are the BDCs, try to contact the domain master browser, the PDC, to exchange their browse lists.

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

This parameter can be changed in the registry of all the BDCs: 


   Key     : HKLM\SYSTEM\CCS\Services\Browser\Parameters
   Value   : MasterPeriodicity DWORD <number in seconds>
   Default : 720


For additional information about this parameter, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: Q134985
TITLE : Browsing & Other Traffic Incurs High Costs Over ISDN Routers

To optimize the traffic on your WAN lines, increase the value above on all BDCs.

SAM Replication Between a PDC and Its BDCs



The SAM replication is controlled by NetLogon on the PDC. The following registry value defines the typical pulse frequency (in seconds):

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD). 


   Key     : HKLM\SYSTEM\CCS\Services\NetLogon\Parameters
   Value   : Pulse REG_DWORD 60 to 172800 seconds (48 hours)
   Default : 300


For additional information, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: Q150350
TITLE : NetLogon Maximum Value of Pulse Should Exceed 3600


All SAM/LSA changes made within this time are bundled together. After this period has elapsed, a pulse is sent to each BDC needing the changes. No pulse is sent to a BDC that is up-to-date.

Increasing this value on the PDC reduces the number of replications between the PDC and the BDCs. Nevertheless, the SAM changes are propagated less quickly from the PDC to the BDCs. You must choose a balance between infrequent replication that may increase the number of connections to a PDC to validate changed passwords and frequent replication that may generate excessive ISDN traffic.

The NetLogon PulseMaximum parameter has to be changed: 


   Key     : HKLM\SYSTEM\CCS\Services\NetLogon\Parameters
   Value   : PulseMaximum REG_DWORD 60 to 172800 seconds (48 hours)


It defines the maximum pulse frequency (in seconds). Every BDC will be sent at least one pulse at this frequency, whether its database is current or not.

NOTE: The replication takes place immediately if a change is made in LSA secrets, for example, when adding a workstation to the domain or changing trusts relationships.

Close of SMB Connections

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD). 


   Key     : HKLM\SYSTEM\CCS\LanmanWorkstation\Parameters
   Value   : KeepConn REG_DWORD 1 to 65535 seconds
   Default : 600 (10 minutes)


This value specifies the maximum amount of time that a connection can be left dormant.

In a WAN environment, it is preferable to lower this value to 10 seconds on all the servers and the workstations, so that a new ISDN connection is not established just because of a SMB connection close.

Changing KeepConn may generate significant SMB overhead. As connections are closed very quickly, each new connection implies the establishment of a new SMB connection.

NetBIOS Name Resolution Mode

When you use a domain spanning into multiple sites, the NetBIOS name resolution mode should be set to m-node (broadcasts followed by name server) on all servers and workstations.

This setting ensures that a local (for example, on the same subnet) domain controller is always contacted first (for example, before trying to contact the PDC).

On Windows NT systems, the NetBIOS name resolution mode can be set to m-node with the modification of the following key: 


   Key     : HKLM\SYSTEM\CCS\Services\NetBt\Parameters
   Value   : NodeType REG_DWORD 4 (4 is for M-NODE)

Trusts Relationships



Under certain circumstances, it is possible for 2 PDCs of 2 domains with a trust relationship to generate traffic every 15 minutes. For additional information, please see the following articles in the Microsoft Knowledge Base:
ARTICLE-ID: Q152719
TITLE : WAN and Trust: Traffic on the Wire

ARTICLE-ID: Q154355
TITLE : How to Tune Trusts for Dialup Routers in a WAN


WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD). 


   Key     : HKLM\SYSTEM\CCS\Services\NetLogon\Parameters
   Value   : ScavengeInterval REG_DWORD 60 to 172800 seconds (48 hours)
   Default : 900 (15 minutes)


This parameter defines the time interval during which NetLogon does miscellaneous work (on the PDC and on the BDCs), for example, finding a domain controller.

Other Services That Generate Traffic

Check out the configuration of your WINS database renewal interval, and the replicator service as well.

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

The replicator service may be modified as follows: 


   Key     : HKLM\SYSTEM\CCS\Services\Replicator\Parameters
   Value   : Interval REG_DWORD 60 (minutes)
   Default : 5 (minutes) 



   Key     : HKLM\SYSTEM\CCS\Services\Replicator\Parameters
   Value   : Pulse REG_DWORD 6 (6 * 60 minutes = 6 hours)
   Default : 3


For additional information on modifying the WINS settings, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: Q142305
TITLE : Min. and Max. Interval Values for WINS Configuration

ARTICLE-ID: Q135922
TITLE : Windows NT Registry Parameters for WINS

Keywords : kbnetwork NTSrvWkst
Version : 3.51 4.0
Platform : winnt
Issue type : kbinfo


Last Reviewed: February 6, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.