HP-UX Directory Server 8.1 deployment guide
network sorts to provide failover to the backup Directory Servers. For information on setting up
and using DNS round-robins or network sorts, refer to the DNS documentation.
6.3.7 Using replication for local availability
The necessity of replicating for local availability is determined by the quality of the network as
well as the activities of the site. In addition, carefully consider the nature of the data contained
in the directory service and the consequences to the enterprise if that data were to become
temporarily unavailable. The more mission-critical the data, the less tolerant the system is of
outages caused by poor network connections.
Use replication for local availability for the following reasons:
• To keep a local master copy of the data.
This is an important strategy for large, multinational enterprises that need to maintain
directory information of interest only to the employees in a specific country. Having a local
master copy of the data is also important to any enterprise where interoffice politics dictate
that data be controlled at a divisional or organizational level.
• To mitigate unreliable or intermittently available network connections.
Intermittent network connections can occur if there are unreliable WANs, as often occurs
in international networks.
• To offset periodic, extremely heavy network loads that may cause the performance of the
directory service to be severely reduced.
Performance may also be affected in enterprises with aging networks, which may experience
these conditions during normal business hours.
6.3.8 Using replication for load balancing
Replication can balance the load on the Directory Servers in several ways:
• By spreading the users' search activities across several servers.
• By dedicating servers to read-only activities (writes occur only on the supplier server).
• By dedicating special servers to specific tasks, such as supporting mail server activities.
Balancing the workload of the network is an important function performed by directory data
replication. Whenever possible, move data to servers that can be accessed using a reasonably
fast and reliable network connection. The most important considerations are the speed and
reliability of the network connection between the server and the directory users.
Directory entries generally average around one kilobyte in size. Therefore, every directory lookup
adds about one kilobyte to the network load. If the directory users perform ten directory lookups
per day, then, for every directory user, there is an increased network load of around 10 kilobyte
per day. If the site has a slow, heavily loaded, or unreliable WAN, then consider replicatinge the
directory tree to a local server.
Also consider whether the benefit of locally available data is worth the cost of the increased
network load caused by replication. If an entire directory tree is replicated to a remote site, for
instance, that potentially adds a large strain on the network in comparison to the traffic caused
by the users' directory lookups. This is especially true if the directory tree is changing frequently,
yet there are only a few users at the remote site performing a few directory lookups per day.
Table 6-1 “Effects of replication and remote lookup on the network” compares the approximate
cost of replicating a directory of one million entries, where 10% of those entries undergo daily
change, with the cost of having a small remote site of 100 employees perform 10 lookups per
day. In each case the average size of a directory entry is assumed to be 1Kb.
86 Designing the replication process