Windows Server 2008 R2 Unleashed (281 page)

NBT

Bytes Total/sec

Monitors the network traffic generated by NetBIOS over TCP

Connection

connections

ptg

FIGURE 34.18

Network-based counters in Performance Monitor.

Optimizing Performance by Server Roles

In addition to monitoring the common set of bottlenecks (memory, processor, disk subsys-

tem, and network subsystem), the functional roles of the server influence what other

counters you should monitor. The following sections outline some of the most common

1424

CHAPTER 34

Capacity Analysis and Performance Optimization

roles for Windows Server 2008 R2 that require the use of additional performance counters

for analyzing system behavior, establishing baselines, and ensuring system availability and

scalability.

Microsoft also makes several other tools available that will analyze systems and recommend

changes. Ensuring a system is properly configured to deliver services for the role it supports

is essential before performance monitoring and capacity planning can be taken seriously.

Domain Controllers

A Windows Server 2008 R2 domain controller (DC) houses Active Directory Domain

Services (AD DS) and may have additional roles such as being responsible for one or more

Flexible Single Master Operations (FSMO) roles (schema master, domain naming master,

relative ID master, PDC emulator, and/or infrastructure master) or a global catalog (GC)

server. Also, depending on the size and design of the system, a DC might serve many

other functional roles such as DNS and WINS. In this section, AD, replication, and DNS

monitoring will be explored.

Monitoring Active Directory and Active Directory Replication

Active Directory Domain Services (AD DS) is the heart of Windows Server 2008 R2

domains and has been the directory of choice for years. Active Directory has continuously

ptg

been improved with each release, including performance enhancements. AD DS is used for

many different facets, including, but not limited to, authentication, authorization, encryp-

tion, and Group Policies. Because AD plays a vital role in a Windows Server 2008 R2

network environment and organizations rely on it heavily for communication and user

management, it must perform its responsibilities as efficiently as possible. You can find

more information on Windows Server 2008 R2’s Active Directory in Chapter 4, “Active

Directory Doman Services Primer.” Each facet by itself can be optimized, but this section

focuses on the Directory Services and Database objects. Organizations that take advantage

of System Center Operations Manager can take advantage of the management pack avail-

able for Active Directory.

The Directory Services Performance Monitor object provides various AD performance indi-

cators and statistics that are useful for determining AD’s workload capacity. Many of these

counters can be used to determine current workloads and how these workloads can affect

other system resources. There are relatively few counters in this object, so it’s recom-

mended that you monitor each one in addition to the common set of bottleneck objects.

With this combination of counters, you can determine whether the system is overloaded

and Active Directory performance is impacted.

Measuring AD DS replication performance is a complex process because of the many vari-

ables associated with replication. They include, but aren’t limited to, the following:

. Intrasite versus intersite replication

. The compression being used (if any)

. Available bandwidth

. Inbound versus outbound replication traffic

Optimizing Performance by Server Roles

1425

Fortunately, there are performance counters for every possible AD replication scenario.

These counters are located within the Directory Services object and are prefixed by the

primary process that is responsible for AD DS replication—the Directory Replication Agent

(DRA). Therefore, to monitor AD replication, you need to choose those counters begin-

ning with DRA.

Like most other server products, AD DS uses a database and its performance should also be

monitored to provide an accurate reflection of AD DS performance. Understanding a

domain controller’s overall system resource usage and the performance of AD DS will help

you align future upgrades and changes with capacity and performance needs. As compa-

nies continue to grow, it is essential that the systems be able to grow with them, especially

in regard to something critical like AD DS. Although many counters exist, some of the

relevant counters necessary to monitor AD DS and the database are in Table 34.5. This is

only a sample list and additional counters might need to be added, depending on the

34

desired outcome of the monitoring and specific AD DS functionality.

TABLE 34.5

Performance Counters Relative to AD DS Performance and Replication

Object

Counter

Description

Directory

DRA Inbound Full Sync

Objects remaining before synchronization is marked

ptg

Services

Objects Remaining

complete.

Directory

DRA Inbound Object

Objects remaining that need to be processed by

Services

Updates Remaining in

the domain controller. Indicates delay in applying

Packet

changes to the database.

Directory

DRA Remaining

Objects that have been received during replication

Services

Replication Updates

but have not yet been applied. Indicates slow repli-

cation.

Directory

DRA Pending Replication

Number of queued directory synchronizations

Services

Synchronizations

remaining. Indicates replication backlog.

Directory

LDAP Client Sessions

Sessions generated from LDAP clients.

Services

Directory

LDAP Searches/sec

Search queries performed by LDAP clients per

Services

second.

Directory

LDAP Writes/sec

Amount of writes per second from LDAP clients.

Services

Security

Kerberos

Client authentication tickets passed to the domain

Systemwide

Authentications/sec

controller per second.

Statistics

Security

NTLM

NTLM authentication requests served per second.

Systemwide

Authentications/sec

Statistics

1426

CHAPTER 34

Capacity Analysis and Performance Optimization

TABLE 34.5

Performance Counters Relative to AD DS Performance and Replication

Object

Counter

Description

Database

Database Cache % Hit

Percentage of page requests for the database file

that were fulfilled by the database cache without

causing a file operation. If this percentage is low

(85% or lower), you might consider adding more

memory.

Database

Database Cache Page

Number of page faults per second that cannot be

Fault Stalls/sec

serviced because there are no pages available for

allocation from the database cache. This number

should be low if the system is configured with the

proper amount of memory.

Database

Database Cache Page

Number of page requests per second for the data-

Faults/sec

base file that require the database cache manager

to allocate a new page from the database cache.

Database

Database Cache Size

Amount of system memory used by the database

cache manager to hold commonly used information

from the database to prevent file operations.

ptg

Monitoring DNS

The domain name system (DNS) has been the primary name resolution mechanism in

almost all networks and this continues with Windows Server 2008 R2. For more informa-

tion on DNS, refer to Chapter 10, “Domain Name System and IPv6.” Numerous counters

are available for monitoring various aspects of DNS in Windows Server 2008 R2. The most

important categories in terms of capacity analysis are name resolution response times and

workloads, as well as replication performance.

The counters listed in Table 34.6 are used to compute name query traffic and the workload

that the DNS server is servicing. These counters should be monitored along with the

common set of bottlenecks to determine the system’s health under various workload

conditions. If users are noticing slower responses, you can compare the query workload

usage growth with your performance information from memory, processor, disk subsys-

tem, and network subsystem counters.

TABLE 34.6

Performance Counters to Monitor DNS

Counter

Description

Dynamic Update

Dynamic Update Received/sec is the average number of dynamic

Received/sec

update requests received by the DNS server in each second.

Recursive Queries/sec

Recursive Queries/sec is the average number of recursive queries

received by the DNS server in each second.

Recursive Query

Recursive Query Failure/sec is the average number of recursive query

Failure/sec

failures in each second.

Optimizing Performance by Server Roles

1427

TABLE 34.6

Performance Counters to Monitor DNS

Counter

Description

Secure Update

Secure Update Received/sec is the average number of secure update

Received/sec

requests received by the DNS server in each second.

TCP Query

TCP Query Received/sec is the average number of TCP queries received

Received/sec

by the DNS server in each second.

TCP Response

TCP Response Sent/sec is the average number of TCP responses sent

Sent/sec

by the DNS server in each second.

Total Query

Total Query Received/sec is the average number of queries received by

Received/sec

the DNS server in each second.

Total Response

Total Response Sent/sec is the average number of responses sent by

Sent/sec

the DNS server in each second.

34

UDP Query

UDP Query Received/sec is the average number of UDP queries

Received/sec

received by the DNS server in each second.

UDP Response

UDP Response Sent/sec is the average number of UDP responses sent

Sent/sec

by the DNS server in each second.

ptg

Comparing results with other DNS servers in the environment can also help you to deter-

mine whether you should relinquish some of the name query responsibility to other DNS

servers that are less busy.

Replication performance is another important aspect of DNS. Windows Server 2008 R2

supports legacy DNS replication, also known as zone transfers, which populate informa-

tion from the primary DNS to any secondary servers. There are two types of legacy DNS

replication: incremental (propagating only changes to save bandwidth) and full (the entire

zone file is replicated to secondary servers).

Asynchronous full zone transfers (AXFR) occur on the initial transfer and then the incre-

mental zone transfers (IXFR) are performed thereafter. The performance counters for both

AXFR and IXFR (see Table 34.7) measure both the requests and successful transfers. It is

important to note that if your network environment integrates DNS with non-Windows

systems, it is recommended that those systems support IXFR.

NOTE

If your network environment is fully Active Directory–integrated, the counters listed in

Table 34.7 will all be zero because AD–integrated DNS replicates with AD DS.

Remote Desktop Services Server

Remote Desktop Services Server has its own performance objects for the Performance

Monitor called the Remote Desktop Services Session and Remote Desktop Services objects.

1428

CHAPTER 34

Capacity Analysis and Performance Optimization

TABLE 34.7

DNS Zone Transfer Counters

Counter

Description

AXFR Request

Total number of full zone transfer requests received by the DNS service

Received

when operating as a master server for a zone

AXFR Request Sent

Total number of full zone transfer requests sent by the DNS service when

operating as a secondary server for a zone

AXFR Response

Total number of full zone transfer requests received by the DNS service

Received

when operating as a secondary server for a zone

AXFR Success

Total number of full zone transfers received by the DNS service when oper-

Received

ating as a secondary server for a zone

AXFR Success Sent

Total number of full zone transfers successfully sent by the DNS service

when operating as a master server for a zone

IXFR Request

Total number of incremental zone transfer requests received by the master

Received

DNS server

IXFR Request Sent

Total number of incremental zone transfer requests sent by the secondary

DNS server

IXFR Response

Total number of incremental zone transfer responses received by the

ptg

Received