Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
NBT
Bytes Total/sec
Monitors the network traffic generated by NetBIOS over TCP
Connection
connections
ptg
FIGURE 34.18
Network-based counters in Performance Monitor.
Optimizing Performance by Server Roles
In addition to monitoring the common set of bottlenecks (memory, processor, disk subsys-
tem, and network subsystem), the functional roles of the server influence what other
counters you should monitor. The following sections outline some of the most common
1424
CHAPTER 34
Capacity Analysis and Performance Optimization
roles for Windows Server 2008 R2 that require the use of additional performance counters
for analyzing system behavior, establishing baselines, and ensuring system availability and
scalability.
Microsoft also makes several other tools available that will analyze systems and recommend
changes. Ensuring a system is properly configured to deliver services for the role it supports
is essential before performance monitoring and capacity planning can be taken seriously.
Domain Controllers
A Windows Server 2008 R2 domain controller (DC) houses Active Directory Domain
Services (AD DS) and may have additional roles such as being responsible for one or more
Flexible Single Master Operations (FSMO) roles (schema master, domain naming master,
relative ID master, PDC emulator, and/or infrastructure master) or a global catalog (GC)
server. Also, depending on the size and design of the system, a DC might serve many
other functional roles such as DNS and WINS. In this section, AD, replication, and DNS
monitoring will be explored.
Monitoring Active Directory and Active Directory Replication
Active Directory Domain Services (AD DS) is the heart of Windows Server 2008 R2
domains and has been the directory of choice for years. Active Directory has continuously
ptg
been improved with each release, including performance enhancements. AD DS is used for
many different facets, including, but not limited to, authentication, authorization, encryp-
tion, and Group Policies. Because AD plays a vital role in a Windows Server 2008 R2
network environment and organizations rely on it heavily for communication and user
management, it must perform its responsibilities as efficiently as possible. You can find
more information on Windows Server 2008 R2’s Active Directory in Chapter 4, “Active
Directory Doman Services Primer.” Each facet by itself can be optimized, but this section
focuses on the Directory Services and Database objects. Organizations that take advantage
of System Center Operations Manager can take advantage of the management pack avail-
able for Active Directory.
The Directory Services Performance Monitor object provides various AD performance indi-
cators and statistics that are useful for determining AD’s workload capacity. Many of these
counters can be used to determine current workloads and how these workloads can affect
other system resources. There are relatively few counters in this object, so it’s recom-
mended that you monitor each one in addition to the common set of bottleneck objects.
With this combination of counters, you can determine whether the system is overloaded
and Active Directory performance is impacted.
Measuring AD DS replication performance is a complex process because of the many vari-
ables associated with replication. They include, but aren’t limited to, the following:
. Intrasite versus intersite replication
. The compression being used (if any)
. Available bandwidth
. Inbound versus outbound replication traffic
Optimizing Performance by Server Roles
1425
Fortunately, there are performance counters for every possible AD replication scenario.
These counters are located within the Directory Services object and are prefixed by the
primary process that is responsible for AD DS replication—the Directory Replication Agent
(DRA). Therefore, to monitor AD replication, you need to choose those counters begin-
ning with DRA.
Like most other server products, AD DS uses a database and its performance should also be
monitored to provide an accurate reflection of AD DS performance. Understanding a
domain controller’s overall system resource usage and the performance of AD DS will help
you align future upgrades and changes with capacity and performance needs. As compa-
nies continue to grow, it is essential that the systems be able to grow with them, especially
in regard to something critical like AD DS. Although many counters exist, some of the
relevant counters necessary to monitor AD DS and the database are in Table 34.5. This is
only a sample list and additional counters might need to be added, depending on the
34
desired outcome of the monitoring and specific AD DS functionality.
TABLE 34.5
Performance Counters Relative to AD DS Performance and Replication
Object
Counter
Description
Directory
DRA Inbound Full Sync
Objects remaining before synchronization is marked
ptg
Services
Objects Remaining
complete.
Directory
DRA Inbound Object
Objects remaining that need to be processed by
Services
Updates Remaining in
the domain controller. Indicates delay in applying
Packet
changes to the database.
Directory
DRA Remaining
Objects that have been received during replication
Services
Replication Updates
but have not yet been applied. Indicates slow repli-
cation.
Directory
DRA Pending Replication
Number of queued directory synchronizations
Services
Synchronizations
remaining. Indicates replication backlog.
Directory
LDAP Client Sessions
Sessions generated from LDAP clients.
Services
Directory
LDAP Searches/sec
Search queries performed by LDAP clients per
Services
second.
Directory
LDAP Writes/sec
Amount of writes per second from LDAP clients.
Services
Security
Kerberos
Client authentication tickets passed to the domain
Systemwide
Authentications/sec
controller per second.
Statistics
Security
NTLM
NTLM authentication requests served per second.
Systemwide
Authentications/sec
Statistics
1426
CHAPTER 34
Capacity Analysis and Performance Optimization
TABLE 34.5
Performance Counters Relative to AD DS Performance and Replication
Object
Counter
Description
Database
Database Cache % Hit
Percentage of page requests for the database file
that were fulfilled by the database cache without
causing a file operation. If this percentage is low
(85% or lower), you might consider adding more
memory.
Database
Database Cache Page
Number of page faults per second that cannot be
Fault Stalls/sec
serviced because there are no pages available for
allocation from the database cache. This number
should be low if the system is configured with the
proper amount of memory.
Database
Database Cache Page
Number of page requests per second for the data-
Faults/sec
base file that require the database cache manager
to allocate a new page from the database cache.
Database
Database Cache Size
Amount of system memory used by the database
cache manager to hold commonly used information
from the database to prevent file operations.
ptg
Monitoring DNS
The domain name system (DNS) has been the primary name resolution mechanism in
almost all networks and this continues with Windows Server 2008 R2. For more informa-
tion on DNS, refer to Chapter 10, “Domain Name System and IPv6.” Numerous counters
are available for monitoring various aspects of DNS in Windows Server 2008 R2. The most
important categories in terms of capacity analysis are name resolution response times and
workloads, as well as replication performance.
The counters listed in Table 34.6 are used to compute name query traffic and the workload
that the DNS server is servicing. These counters should be monitored along with the
common set of bottlenecks to determine the system’s health under various workload
conditions. If users are noticing slower responses, you can compare the query workload
usage growth with your performance information from memory, processor, disk subsys-
tem, and network subsystem counters.
TABLE 34.6
Performance Counters to Monitor DNS
Counter
Description
Dynamic Update
Dynamic Update Received/sec is the average number of dynamic
Received/sec
update requests received by the DNS server in each second.
Recursive Queries/sec
Recursive Queries/sec is the average number of recursive queries
received by the DNS server in each second.
Recursive Query
Recursive Query Failure/sec is the average number of recursive query
Failure/sec
failures in each second.
Optimizing Performance by Server Roles
1427
TABLE 34.6
Performance Counters to Monitor DNS
Counter
Description
Secure Update
Secure Update Received/sec is the average number of secure update
Received/sec
requests received by the DNS server in each second.
TCP Query
TCP Query Received/sec is the average number of TCP queries received
Received/sec
by the DNS server in each second.
TCP Response
TCP Response Sent/sec is the average number of TCP responses sent
Sent/sec
by the DNS server in each second.
Total Query
Total Query Received/sec is the average number of queries received by
Received/sec
the DNS server in each second.
Total Response
Total Response Sent/sec is the average number of responses sent by
Sent/sec
the DNS server in each second.
34
UDP Query
UDP Query Received/sec is the average number of UDP queries
Received/sec
received by the DNS server in each second.
UDP Response
UDP Response Sent/sec is the average number of UDP responses sent
Sent/sec
by the DNS server in each second.
ptg
Comparing results with other DNS servers in the environment can also help you to deter-
mine whether you should relinquish some of the name query responsibility to other DNS
servers that are less busy.
Replication performance is another important aspect of DNS. Windows Server 2008 R2
supports legacy DNS replication, also known as zone transfers, which populate informa-
tion from the primary DNS to any secondary servers. There are two types of legacy DNS
replication: incremental (propagating only changes to save bandwidth) and full (the entire
zone file is replicated to secondary servers).
Asynchronous full zone transfers (AXFR) occur on the initial transfer and then the incre-
mental zone transfers (IXFR) are performed thereafter. The performance counters for both
AXFR and IXFR (see Table 34.7) measure both the requests and successful transfers. It is
important to note that if your network environment integrates DNS with non-Windows
systems, it is recommended that those systems support IXFR.
NOTE
If your network environment is fully Active Directory–integrated, the counters listed in
Table 34.7 will all be zero because AD–integrated DNS replicates with AD DS.
Remote Desktop Services Server
Remote Desktop Services Server has its own performance objects for the Performance
Monitor called the Remote Desktop Services Session and Remote Desktop Services objects.
1428
CHAPTER 34
Capacity Analysis and Performance Optimization
TABLE 34.7
DNS Zone Transfer Counters
Counter
Description
AXFR Request
Total number of full zone transfer requests received by the DNS service
Received
when operating as a master server for a zone
AXFR Request Sent
Total number of full zone transfer requests sent by the DNS service when
operating as a secondary server for a zone
AXFR Response
Total number of full zone transfer requests received by the DNS service
Received
when operating as a secondary server for a zone
AXFR Success
Total number of full zone transfers received by the DNS service when oper-
Received
ating as a secondary server for a zone
AXFR Success Sent
Total number of full zone transfers successfully sent by the DNS service
when operating as a master server for a zone
IXFR Request
Total number of incremental zone transfer requests received by the master
Received
DNS server
IXFR Request Sent
Total number of incremental zone transfer requests sent by the secondary
DNS server
IXFR Response
Total number of incremental zone transfer responses received by the
ptg
Received