Fear and Loathing: More Windows 7 BranchCache Stuff - Part Three

Ok, I'm back from Ishigaki and its time to try and wrap up this BranchCache stuff. Once this is done, my plan is to then move on to other Windows 7 and Windows Server 2008 R2 features. But, for this post let's focus on the remaining BranchCache topics.

Troubleshooting (Is BranchCache is Doing Something)

As I hinted in my last post, BranchCache is kind of a BlackBox. When it's working, users shouldn't notice anything. On the flip side, when BranchCache is not working, users will still probably not really notice anything (besides a performance hit).

So... to determine if BranchCache is doing something you might try any of the following items (also valid for a Hosted Cache deployment):

  1. Load up NetMon (or your favor network monitoring software) and watch the traffic flows. In theory if you have something that can monitor bandwidth across the WAN, you should see improvements in bandwidth usage. This is something that I have not tested.
  2. Watch the BranchCache event logs. However, this is only partly useful as a majority of the event messages do not really tell you anything.
  3. Run the "netsh branchcache show status" command. The results from this command are actually a really good starting point to see how BranchCache is configured on a BranchCache client or Hosted Cache server.
  4. Look at the BranchCache performance counters. And, I'm sure you might be confused over the BranchCache Kernel Mode counters vs. just the plain old BranchCache counters (Hint: You will only see the Kernel Mode counters server side).

Other than that... good luck! You are pretty much on your own to establish if BranchCache is working and what it is doing for you. My only real word of wisdom would be with Offline Files (they call it transparent cache in the Early Adopters guide). In certain cases, BranchCache will not cache content, if it has already been cached by Offline Files (the same holds true for IE cache as well). Naturally, to fix this, you would clear the Offline Files cache. However, do not turn Offline Files off, this will break BranchCache for network files.

BTW

Has anyone had the chance to test BranchCache with other browsers? I have also not been able to test if disable IE cache breaks BranchCache. Something else someone might want to look at.

Hosted Cache Mode

The second distribution mode with BranchCache is Hosted Cache Mode.

Summary

Hosted Cache mode is still kinda Peer-2-Peer. However, in this deployment mode, all the content that is cached on each peer, is also cached on a central server in the "Branch Office". This "Hosted Cache" then becomes the central point of reference for peers to validate locally cached content and then to retrieve that content from the cache. In other words, a Hosted Cache server is kind of a glorified caching proxy server.

Server-Side Configuration

The server-side configuration for a Hosted Cache deployment is exactly the same as a Distributed Cache deployment.

Hosted Cache Server Configuration

However, there is one extra step. You need to deploy a Hosted Cache server. To do that, use the following steps:

  1. Install the BranchCache feature.
  2. ...
  3. Install a server authentication certificate (SSL) were the Subject Name is set to the FQDN of the Hosted Cache server.
  4. Configure the Hosted Cache server to use the server authentication certificate. To do that, get the certificate hash from the certificate you just installed, and execute the following command: NETSH HTTP ADD SSLCERT IPPORT=0.0.0.0:443 CERTHASH="cert-hash" APPID={d673f5ee-a714-454d-8de2-492e4c1bd8f8}
  5. Also, if you are feeling randy, you can use netsh to move the cache around and also increase its size.

Hmmmmmm... seems like I'm missing something. Once I get my lab rebuilt on the RC release, I will come back to this posting and fix the missing step (I'm pretty sure I did something else).

Anyhow, back to the SSL certificate. As I mentioned before, Branch Cache peers do not upload content to the Hosted Cache server. Instead, they advertise the content in their cache, and the Hosted Cache server then downloads the content is needs from the client. Obviously, the question I first had was: What is the server authentication certificate needed for?

Well, it turns out that the client "advertises" its content by doing an HTTP post over TLS. Odd, but that is how it works. Once the Branch Cache figures out it needs or wants the content, the rest of the content exchange is the same as normal peer to peer content exchange.

Client-Side Configuration

Like Distributed Cache mode, there are two methods for configuring Hosted Cache mode. The first method is via netsh. For example, Run Command Prompt (Run as Administrator) and execute:

netsh branchcache set service mode=HOSTEDCLIENT LOCATION="FQDN of Hosted Cache Server"

Also, like before there are GPO settings that you can define as well to turn on Hosted Cache mode. To do this:

  1. Enable the Turn on BranchCache GPO setting (Computer Configuration\Policies\Administrative Templates\Network\BranchCache).
  2. Enable the Turn on BranchCache - Hosted cache mode GPO setting (Computer Configuration\Policies\Administrative Templates\Network\BranchCache).
  3. Enable and configure the BranchCache for network files GPO setting (Computer Configuration\Policies\Administrative Templates\Network\BranchCache). Here you must specify a latency value that determines when the network files aspect of BranchCache will should kick-in.

Once you have finished that, you will also need to configure Windows Firewall to allow incoming HTTP:

  • Allow TCP HTTP - 80 Inbound (from all other BranchCache clients – at the Branch Office).

And.... we are done. Hopefully this has been helpful. I plan on doing this type of deep dive on a number of the new features.

If you like this, check out some other posts from Tyson:

Or if you want, you can also check out some of Tyson's latest publications:

Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)