Permission To Duplicate: Novell Nterprise Branch Office 2.0
Articles and Tips: article
01 Feb 2005
Organizations that have branch offices, need them: by planting a few branches here and there, organizations extend their services to more customers or patients and maintain budget-enhancing relationships with suppliers, distributors and partners. Nevertheless, to network administrators like you, these branch office gems are pain-in-the-net assets.
Providing network services to branch offices requires a balanced solution that solves at least two problems inherent to the task. Problem number one is that you have a limited budget. Your organization does not want network services at the fringe eating away at the budget half of the budget-enhancing purpose that branch offices are supposed to serve.
Problem number two is that branch offices have layer upon layer of not-so-special needs. In fact, branch offices have notably mundane needs--needs that are identical, in fact, to the needs of the central office. Like the central office, branch offices need a data backup plan that is consistent, reliable and hassle free. Branch offices need directory authentication, application, file and print services delivered at the same blink-of-an-eye rate that corporate office workers take for granted.
These two problems--that is, your limited budget and branch offices' need for routine service at routine rates--are by nature opposed. Not surprisingly, many of the so-called solutions for providing network services to branch offices tip the scale in favor of solving one problem while exacerbating the other. For example, running applications, storing files and queuing print jobs on servers at your central office can tip the scale to the costeffective floor. Indeed, consolidation offers enticing savings too often at the cost of adequate network performance at the branch.
If you attempt to balance the scale by setting up private WAN connections to each branch office, you simply tip the scale the other way: now users enjoy decent access rates but your budget wastes away. Likewise, installing full-service NetWare, Windows or Linux servers in each branch office weighs heavily on the fastaccess side of the scale. In fact, while branch office workers enjoy the lightening-speed access this expensive approach offers, your budget flies off the scale entirely. Not only must you contend with the expense of the servers, but you also must contend with the expense and hassle of maintaining a backup solution for each office.
On the flip side, you can opt to stick to the consolidation plan but use inexpensive Internet connections. You can then encourage users to store their data on their local hard disks as a solution to the need-for-speedy-access problem. While this approach appears to balance the scale--users gain fast access to data and your budget suffers no serious loss--in fact it does not: can you guarantee that branch office data is backed up regularly in such a scenario?
Novell Nterprise Branch Office 2.0 offers a balanced solution that solves both the expense and access problems associated with providing network services to branch offices. With Novell Nterprise Branch Office 2.0, visiting and resident branch office workers gain access to network resources to which they have rights at the performance level they expect without the expense of private WAN connections. As a network administrator, you gain the ability to install and maintain network services at branch offices from a central location or from wherever you are. You also gain a reliable, automated, centrally stored backup solution without the need for the speed of private WAN connections.
Branch Office to Central--A Winning Combination
Novell Nterprise Branch Office 2.0 (hereafter Nterprise Branch Office) is software that ships on one CD that contains software for both the branch office (called appliance software) and central office. You decide whether you want to install and configure both the appliance and central office software or whether you prefer to install and configure only the appliance software. As you can guess, the configuration you choose depends on your goals.
When you install and configure only the Nterprise Branch Office appliance software, you gain an appliance that provides local authentication, Distributed Host Configuration Protocol (DHCP), file, print, e-mail and portal services for as many as 250 users. (For more information about portal services, see Virtual Office--Portal Function.) Because these services are hosted locally, users get what they expect: speedy response to requested services.
If that sounds like everything you need, you might want to reconsider: you get the biggest bang for your buck when you install and configure Nterprise Branch Office software at both the branch and central office. (For information about how much bang for how many bucks, see Few Dollars, Plenty of Sense--Novell's Novel Solution on p. 50.) When you configure your Nterprise Branch Office appliance to communicate with an Nterprise Branch Office server at the central office, you naturally gain the same aforementioned appliance that provides the same level of access to the same set of locally-hosted network services. But this speedy access to routine services is the least of your gains.
When you configure your branch office appliance to communicate with your central Nterprise Branch Office server, the results rival the results of installing Lightweight Directory Access Protocol (LDAP) servers, e-mail servers and backup hardware and software in each office. (See Figure 1.) Furthermore, with a branch-to-central configuration, the level of control you gain over these offices is equivalent to the control you would gain by traveling to each office every time you feel like it--every time you need to update software on a server, for example, or change the desktop appearance on a workstation.
Figure 1: In a branch-to-central office configuration, Nterprise Branch Office automatically provisions users' access rights, enables access to file and print services at high performance rates and synchronizes files and e-mail data to a central server.
To be more specific, connectivity between an Nterprise Branch Office appliance and central server offers these benefits:
Branch office users' authentication credentials are verified against (and synchronized with) the corporate directory--within milliseconds.
Visiting and resident branch office users who log in for the first time to an appliance are automatically provisioned access to all of the network resources to which they have been assigned rights in the corporate directory.
Branch office data--including files and e-mail messages--can be synchronized automatically to the central office server, eliminating the cost and hassle of setting up backup solutions in each office and offering a built-in disaster recovery plan.
Branch office users gain messaging, scheduling and calendar functionality by way of the Novell GroupWise 6.5 Post Office Agent (POA), which you configure as a satellite node in your corporate GroupWise 6.5 domain.
You gain the ability to manage branch office servers and workstations from a central location using Novell ZENworks 6.5 technology, negating the expense and stress associated with the traveling that you or your co-workers would otherwise do. (For more information about the GroupWise POA and about ZENworks integration, see Increasing Performance, Reducing Administration Time.)
Furthermore, regardless of the configuration you choose, getting your Nterprise Branch Office appliance up and running probably will not require a red-eye or any other flight. Nor will it require a drive. In all likelihood, you can do everything you need to do to get things going from the comfort of your office--wherever it might be.
CD and Settings-Fail-Proof Installation
Setting up the Nterprise Branch Office appliance does not take an IT guru, but you will need a helper out at the branch. The good news is that most workers, even a technically-challenged worker, can probably handle the tasks required to set up the appliance.
For your branch office appliance, you need a server-class PC with one (to as many as 32) Pentium II or AMD K7 processor(s) with a minimum of 512 MB RAM and 9 GB of storage, which is sufficient space for five users. (More information about system requirements can be found here.)
To transform this ordinary machine into an Nterprise Branch Office appliance, you start by sending the appliance software and, optionally, a settings diskette to the branch office. The settings diskette, which you create, includes appliance-specific settings such as the server name, IP address, Domain Name Service (DNS) name and certificates for the corporate office server(s). If this diskette is inserted into the appliance during set up, you spare yourself having to configure these settings later. However, to use this diskette, you might need to modify the appliance's boot sequence such that it checks the CD-ROM drive first and the floppy drive last.
Aside from that minor technical requirement, you need someone at the branch office who is skilled enough only to insert the CD into the appliance's bootable CD-ROM drive. Also, this branch office helper needs to insert the settings diskette (assuming you send one) into the appliance's floppy drive.
The CD software images and initializes your appliance as it boots up. Novell engineers enhanced the imaging process in Nterprise Branch Office 2.0 to reduce the length of time required for it to complete. The process typically takes 15 to 20 minutes to complete on low-end hardware. During these few minutes, the program lays down an initial system image, checks the hard disk drive, detects system hardware, locates drivers and configures the server operating system.
Once the imaging and initializing process is complete, your branch office worker can remove the CD and diskette and step away from the appliance. At this point, you take over--from virtually anywhere you choose. To configure the Nterprise Branch Office appliance software, you need only an Internet connection and Microsoft Internet Explorer (IE) 5.5 or higher loaded with Java Virtual Machine (JVM) from Microsoft or Sun. Optionally, you can manage the appliance from its command line, which you can access remotely using a non-IE browser on a handheld computer. (As you would expect, you can also access the command line from the appliance itself.) Thus wired and armed, you can configure and manage your appliance using Nterprise Branch Office Web Administrator, a browser-based management tool, for which you will need to open port 2222 on your firewall.
You can check out the Nterprise Branch Office Web Administrator for yourself by visiting Novell RedPlanIT (www.redplanit.com) and logging in using your Novell credentials. (If you do not have Novell credentials, register as a new user.) After you log in, select "Run Demo" from the Nterprise Branch Office option. From the screen that appears, click where prompted "To sneak a peek at the NBO Admin GUI." When prompted, enter "showme" as both the user name and password to log in to the Admin GUI. The home page of the Nterprise Branch Office Web Administrator appears. (See Figure 2.)
Figure 2: Using Nterprise Branch Office Web Administrator, you can manage an appliance from anywhere you can have access to a standard Web browser and an Internet connection.
Linux, NetWare or Windows--Platform Predilection
If you want the additional benefits of a branch-to-central configuration, such as automated user-access provisioning and file synchronization, you set up and configure a centrally located
Nterprise Branch Office server. The good news is that you can probably use a server you already have. As with all Novell products, Nterprise Branch Office software for the central office supports several operating systems. Specifically, you can install Nterprise Branch Office central office software on a server running any of the following platforms:
NetWare 6.5
NetWare 6.0 SP4 or higher
SUSE LINUX Enterprise 8.1 or higher
Linux Red Hat Advanced Server 2.1 or higher
Windows 2000 or higher
On these servers, you also run Novell eDirectory 8.7.3 or higher or, in the case of a Windows 2000 server, Active Directory. Doing so enables you to configure Nterprise Branch Office to authenticate branch office users to your existing corporate directory.
User Access Provisioner--Directory Authentication
When you configure Nterprise Branch Office to authenticate branch office users to an existing corporate directory, you set into motion Novell's patent-pending User Access Provisioner--arguably the coolest function of Nterprise Branch Office. User Access Provisioner enables users to authenticate against the corporate directory and automatically provisions access to network resources to which users have directory-defined rights. (See Figure 3.)
Figure 3: When a resident or visiting branch office user first logs in to an Nterprise Branch Office appliance, User Access Provisioner automatically loads on to the appliance information about this users' rights to network services and resources. The appliance stores the information in cache and thereafter users gain access to the network resources to which they have rights at corporate-office rates.
What this means to you is that you do not have to create accounts for branch office users on each appliance, despite the fact that each appliance is a single-server tree. The accounts that you create and manage for all of your network users are in a single, central location. Furthermore, because each appliance is a singleserver tree, you do not need to run partitions and replicas of the corporate directory on each appliance, which means you avoid bandwidth-hogging directory-synchronization processes.
What it means to users is that they gain access to the network resources to which they have rights simply by logging into a branch office appliance--even if they are logging on for the first time in an office they are only visiting.
Users can log in to an appliance using any one of the following protocols:
Hypertext Transfer Protocol (HTTP)
Secure HTTP (HTTPS)
Common Internet File System (CIFS)
Network File System (NFS)
NetWare Core Protocol (NCP)
Apple File Protocol (AFP)
File Transfer Protocol (FTP)
Suppose a user, call him Bill, logs in to an appliance for the first time. The appliance receives his request for authentication, and finds that Bill does not yet have an account on the appliance. It forwards his request to the corporate directory over the Internet (or private WAN) connection using Secure LDAP.
When the corporate directory receives the request, it searches and finds Bill's account. The corporate directory then returns Bill's account information to the appliance. The appliance, in turn, creates a Bill User object and caches his account information, which includes User ID, identity and password attributes (such as Given Name, Surname, Title, E-mail Address and Password Expiration). The appliance also caches information about the groups to which Bill belongs, even creating the group if this group does not already exist in the tree.
When a resident of the branch office logs in, call her Sheri, the process is similar. The appliance makes a Secure LDAP call to the corporate directory and, upon locating the account, authenticates the user. Also at this time, the appliance compares its account information for Sheri with Sheri's account information in the corporate directory. Nterprise Branch Office synchronizes any changes before authenticating Sheri.
Because the appliance stores account information in cache, those who have been provisioned access can authenticate to the appliance (and gain access to network resources) even when the connection to the corporate office is down. (Naturally, if users have not been provisioned on the appliance, they will be unable to log in until the connection is restored.)
Authentication takes milliseconds. More surprising, provisioning access, in most cases, also takes only milliseconds. "In the majority of cases," says Novell engineer Eric Dixon, "the delay--even for the provisioning of a user--will be imperceptible to the user. It is possible," he admits, "when users are on a slow link (e.g., 56 Kbps) that login time will take more than a second."
Login Scripts--Editing Option
The user account information on the Nterprise Branch Office appliance includes a generic login script. This script includes mapped drives to a user's Home directory (which the appliance creates) and to shared directories. You can edit this login script (to add to or alter the default mapped drives, for example) from the Nterprise Branch Office Web Administrator.
To do so, you select the User Access icon in the Nterprise Branch Office Web Administrator toolbar. When you do, the tool displays the appliance directory tree. From the tree, you click on the user, group or container for which you want to modify the login script, and select "Modify User/Group/Context" from the menu on the left of the screen. On the screen that appears, you have the option to modify the login script for this user, group or container object. (See Figure 4.) Try this for yourself on Novell RedPlanIT (www.redplanit.com).
Figure 4: You can modify the login script for users or groups in Nterprise Branch Office Web Administrator.
Password Change--Without Reservation
The Nterprise Branch Office corporate server includes the Password Expiration attribute with the user account information that it sends to the appliance. With this attribute stored locally, the appliance knows not only when to prompt users to change their passwords but also enables users to change their passwords. With or without being prompted to do so, users can change their own password from either the Novell client with Novell Modular Authentication Services (NMAS) enabled or from Virtual Office.
Virtual office--Portal Function
Virtual Office is a ready-to-go portal that installs automatically when you install Nterprise Branch Office software on a branch office appliance. If you visit Novell RedPlanIT and click to view the Nterprise Branch Office demo, it opens to a view of Virtual Office, assuming your browser supports redirection. (See Figure 5.) If your browser does not support redirection, just click where prompted.
Figure 5: A ready-to-go portal, Virtual Office installs automatically when you install Nterprise Branch Office appliance software. From Virtual Office, users can open and write to their files, install printer drivers, create or join virtual teams and change their passwords.
The Virtual Office Home page includes links to areas that offer explanations for completing tasks that might otherwise require a helpdesk call or, worse, a visit from you or one of your IT coworkers. For example, Virtual Office in Nterprise Branch Office enables access to the following areas that offer the functions described:
My Web Links, which displays a list of shared and personal Web links.
Virtual Teams, which enables users to create their own online teams or join existing teams so they can easily exchange information, share files and maintain a calendar of events.
Printer Access, which offers users information regarding how to install and configure printers on Windows workstations using iPrint and how to print from Linux, Unix and Macintosh workstations using CUPS.
NetStorage File Access, which enables users to download (for viewing or editing) their files from anywhere they have access to an Internet connection.
Other File Access Methods, which offers step-by-step instructions about how to access files using the protocol of choice.
My Settings, which enables users to change their passwords.
Branch Office to Central--Rsync Replication
In addition to its directory authentication and user access provisioning services, Nterprise Branch Office includes a built-in solution to the problem of backing up user data on branch office servers. Nterprise Branch Office solves the problem--and saves your company money--through the use of rsync, an open source utility that can replicate and efficiently synchronize data--including files and GroupWise 6.5 e-mail messages--from your branch office to a centrally located Linux, NetWare or Windows server. (For more information about or to download rsync, see http://samba.anu.edu.au/rsync.)
Just how efficient is rsync? Rsync can complete an incremental synchronization of a 10 GB file system in as few as 20 minutes over a 512 Kbps connection. In an incremental synchronization, as opposed to a first-time, new synchronization (otherwise called replication), rsync sends only changes to a file system--not the whole, raw file system. (To calculate how long it would take rsync to perform both a new and incremental synchronization of your file system given your connection speed, see Rsync Calculations: So Much to Send, So Little Time.)
With Nterprise Branch Office, you gain a reliable, automated backup solution at a cost of no more than the cost of Nterprise Branch Office software and a fairly standard Internet connection. You also gain the assurance of backing up branch office data without the cost and hassle of deploying tape or other backup solutions in each branch office. Of course, if you already have a backup solution in your branch office, you can configure an Nterprise Branch Office appliance to back up to this existing system.
The secret underlying rsync's efficiency is that when performing an incremental synchronization it sends across the wire only changed portions of files--not entire files. To synchronize data, rsync uses the rsync algorithm to compare files on the rsync server in the central office with the files on the branch office appliance, one 4 KB block at a time. If rsync finds that no change has occurred in a 4 KB block, it ignores the block. If rsync finds a change has occurred in a 4 KB block, it sends the changed block over the wire to the central server. (For information about how rsync handles MS Office files, see Rsync Calculations: So Much to Send, So Little Time.)
Nterprise Branch Office encrypts the data in each of these 4 KB block using Secure Sockets Layer (SSL). Using the blocks it receives, the central server then reconstructs the changed files so that they are identical to the files stored on the branch office appliance.
Nterprise Branch Office gives you a great deal of control over rsync synchronization. For example, from Nterprise Branch Office Web Administrator, you can set multiple times of day when you want synchronization to occur. For example, you can specify that that you want synchronization to occur only after 8 p.m.
When Hardware Fails--Disaster Preparation
When configured to communicate with a central server, Nterprise Branch Office offers you a ready-made disaster recovery plan. If your Nterprise Branch Office appliance fails, you simply redirect users to the central server, where requisite network services--including authentication, file and print services--continue to be available. Furthermore, because Nterprise Branch Office replicates local data to the central server, users may also access the version of their data that was available as of the last synchronization.
Likewise, when the connection to the central office is down, you don't care and users don't notice. New users aside, your branch office users can log on to the network to access and print local and shared files (from the local cache). In other words, whether the Internet or private WAN connection is up or down, branch office users have access to all of the services they need to continue working without interruption.
Of course, if your appliance fails, your ultimate goal is to restore it, a process that Nterprise Branch Office simplifies. Assuming you purchase new hardware to replace a failed branch office appliance, you need only someone in the branch office to insert the CD containing the branch office software and the settings diskette into the appropriate drives on the new machine. You can then back up the replicated data on the central server to a CD/DVD and send the CD/DVD to the branch office, where you can restore the data to the new machine. Alternately, you can transfer the replicated data from the central server to the new branch office appliance over the wire. You might also decide to restore the appliance at the corporate office and send the entire, ready-to-go appliance to the branch.
When you restore replicated data to a branch office appliance, users' access rights and file attributes are fully restored. Likewise, when an appliance is down and branch office users are redirected to the central office server, user access rights and file attributes are retained, assuming you run Nterprise Branch Office central office software on a NetWare server. If you run Nterprise Branch Office on a Linux or Windows server, users can access files when an appliance is down; however, NetWare-specific file rights and attributes are lost.
The source of this small hiccup is Linux and Windows file systems, which have inherent limitations. For example, the NetWare file system, Novell Storage Services (NSS), offers roughly three times the number of file attributes that Linux file systems offer. Similarly, NSS offers roughly double the number of access rights that Linux file systems offer. For example, NSS enables you to control who can delete directories and files, who can see (but not open) files in the directory structure, and who can add or remove trustees to directories and files through Erase, File Scan and Access Control rights, which are not available in standard Linux file systems.
The good news is that the next release of Nterprise Branch Office will support Novell Open Enterprise Server (OES). Novell OES offers NSS on Linux, specifically on SUSE LINUX Enterprise Server (SLES) 9. With Nterprise Branch Office central office software on a Novell OES server running on SLES 9, your branch office file attributes and user access rights will be fully retained when users are redirected to this Linux server.
Few Dollars, Plenty of Sense--Novell'S Novel Solution
Barring hardware failure at your branch office, users there enjoy network services at corporate-office rates. With Nterprise Branch Office, branch office users authenticate within milliseconds to the appliance; they gain access to locally hosted file and print services at the blink-of-an-eye rate today's spoiled users expect; and they read, write to and create locally stored personal and shared files that are, without their knowledge, replicated to the corporate office server. In addition, Nterprise Branch Office ensures that branch office data is backed up--as often as you want it to be.
With this type of service at the network's edge, you can safely say that you have solved at least one half of the two-fold problem inherent to providing network services to branch offices: Nterprise Branch Office ensures that branch office users get routine access at routine rates to the network services they need to do their jobs.
But what about the other half of the problem--that is, the expense associated with providing network services at the fringe? Nterprise Branch Office solves that one too. When you invest in Nterprise Branch Office, you can expect a return on investment (ROI) in as few as three to six months, a feat made possible through the dramatic hardware savings and the elimination of per-office backup solutions that this solution affords.
For example, the State of Montana deployed Nterprise Branch Office to support its 200 remote offices spread over the 56 counties in the state. The result was a 60 percent reduction in hardware costs and an even more dramatic decrease in backup costs, which would have required US$2,000 worth of storage media per site.
Similarly, Mariner Health Care reduced its hardware costs by more than 75 percent by consolidating its infrastructure at the central office and deploying inexpensive appliances rather than expensive servers at each of its 300 facilities. Nterprise Branch Office also enabled the automated and centralized backup of branch office data to the corporate data center, negating the need for Mariner to invest in tape drives and software for each of its facilities. (For more information about these and other success stories see them online.)
Equally (if not more) important, Nterprise Branch Office reduces administration time, which also saves your company money, although a specific amount is difficult to quantify. For example, the centralized management of branch office network services that Nterprise Branch Office enables, reduces Mariner Health Care's administration time by an estimated 20 percent. The State of Montana estimates that it saves US$100,000 per year in travel costs alone: prior to Nterprise Branch Office, the state's IT staff had to make the rounds between remote offices scattered throughout the fourth largest of the United States.
Of course, the amount that these and other customers save by using Nterprise Branch Office might be far greater or much less than the amount your company could save. How can you know? The bottom line is that you can only know how much money you will save by putting the solution to work. However, Novell provides both quick and comprehensive ROI tools that help you estimate the amount Nterprise Branch Office could potentially save your company. (To use these tools, view them online.)
Increasing Performance, Reducing Administration Time
In addition to directory authentication, user access provisioning and file synchronization, Nterprise Branch Office 2.0 improves the performance of branch office messaging and reduces the time and expense of branch office administration.
Local Messaging Without Global Routing
Nterprise Branch Office 2.0 includes a GroupWise 6.5 post office agent (POA), which installs automatically when you install the appliance software. With this locally hosted POA configured to store and forward messaging to a centrally located GroupWise 6.5 message transfer agent (MTA), branch office users gain a reliable, fast-performing collaboration solution. Branch office users can correspond, compare calendars and schedule time with their local and remote co-workers using the full-featured GroupWise 6.5 client.
Although easily overlooked, the fact that the POA runs on the appliance is an important detail. This small fact brings a big boost in performance. If your POA runs at corporate headquarters, when a branch office user e-mails the guy down the hall, the message travels to headquarters before reaching its destination: two doors down from where it started. As you can guess, with this extra mileage, performance takes a hit. In contrast, with the GroupWise 6.5 POA on the appliance, internal messages are processed locally. This means not only better performance but also less of a drain on your connection to headquarters.
The GroupWise 6.5 POA on the appliance forwards messages bound for recipients outside the branch office to the GroupWise 6.5 server at the corporate office. You configure this server to provide domain and MTA services for your branch office appliance POA. Because GroupWise 6.5 works with Novell eDirectory, you manage your branch office POA just as you manage any other network resource in your eDirectory tree: using ConsoleOne 1.3.3, the eDirectory management utility. To troubleshoot and check the status of your branch office POA, you use Nterprise Branch Office Web Administrator.
Remote Administration Without Globe Trotting
The servers and workstations on your branch office network are no different than the servers and workstations in your corporate office, apart from obvious differences in accessibility. Wherever they are, server operating systems, applications and files need to be patched, updated, modified, deleted or newly installed; similarly, workstations, regardless of location, require updates, configuration, maintenance and monitoring.
The inaccessibility of branch office servers and workstations gets in the way of the routine maintenance they require. You most likely don't have the budget to hire onsite IT personnel, nor the time, energy or funds to travel continually. Novell Nterprise Branch Office 2.0 works with Novell ZENworks 6.5 Server Management and ZENworks 6.5 Desktop Management to address the problems to which branch office accessibility (or lack thereof) gives rise.
With Nterprise Branch Office, you can use ZENworks 6.5 Server Management Tiered Electronic Distribution (TED). Using TED, you enable a distributor, in this case, a server in your corporate office, to indirectly service many subscribers, in this case, your branch office appliances. The TED distributor is capable of distributing applications, files, software patches and server policies to one branch office appliance or to several simultaneously. It does so by way of compressed data packages that it routes to appliances through distribution channels that you configure.
With ZENworks 6.5 Desktop Management, you can automatically and transparently configure, update and troubleshoot Windows 98/NT/2000/XP workstations in your branch offices using ConsoleOne--without having to actually touch any one of those workstations. Using policies and profiles you create and store within eDirectory, you generate work environments with content and applications tailored to the personal needs of each user or group of users. Among other things, ZENworks 6.5 Desktop Management enables you to do the following:
Control an application's use and install or uninstall its files and map required drives.
Install a standard image on new workstations and enable future re-imaging.
Manage workstations from the management console with remote control, remote wake up and remote file execution, file transfer, diagnostics and auditing.
Gather hardware and software inventory information from workstations and store and create reports about this information.
Rsync Calculations: So Much to Send, So Little Time
How much time does it take rsync to replicate and to synchronize the file system on your branch office appliance with a central server? Follow the steps below to estimate the answer to this question. (For a flow chart of these steps, see Figure 6.)
Figure 6: Follow these steps to estimate how long it will take rsync to replicate and to synchronize the file system on your branch office appliance with a central server.
STEP 1: Calculate File List Size
The first number to consider when estimating the time required for a branch-to-central-office synchronization is the size of the rsync file list. When synchronizing data, rsync first generates and sends to the central server a file list. This file list contains metadata for each file in your branch office file system. Metadata includes information such as the name, date, and size of the file and adds approximately 260 bytes of data per file.
To calculate the size of the file list rsync will generate and send for your system, multiply the number of files in your system by 260. For example, if you have 1,500 files on your file system, multiply that number by 260 (1,500 * 260 = 390 KB).
STEP 2: Calculate Practical Throughput
The next number to consider is the practical throughput of your connection to your central server. As you may know, every connection protocol generates overhead, which means that you never get 100 percent of the bandwidth associated with your connection. The bandwidth you actually enjoy, called your practical throughput, runs anywhere from 30 percent to 70 percent of the bandwidth your connection claims.
To calculate practical throughput, multiply the bandwidth your connection claims by a percentage between 30 percent and 70 percent, depending on how conservative or liberal you want to be in making this estimate. For example, if you have a DSL 512 Kbps connection, you may choose to multiply that number by 50 percent (512 * .50 = 256 Kbps).
STEP 3: New Sync or Incremental Sync?
The amount of data that rsync sends over the wire depends primarily on which of two synchronization scenarios it is attempting:
A. New Sync
B. Incremental Sync
A new sync is one of two ways to load a complete version of your branch office file system onto your central server, which you have to do once (but only once). For a new sync, rsync replicates your entire branch office file system to your central office server over the wire.
Novell recommends an alternative approach to loading your branch office file system on your central server: back up your system to CD or DVD, send (or hand deliver) the CD/DVD to your central office and restore the contents to the central rsync server. By using this approach, you never have to send the entire file system over the wire. Once you have stored a copy of your branch office file system on a central server, rsync synchronizes your data through incremental syncs. For an incremental sync, rsync sends over the wire only changes in your branch office file system.
To estimate the time required for a new sync, see New Sync (NS) Steps 4 through 8 below.
To estimate the time required for an incremental sync, see Incremental Sync (IS) Steps 4 through 6 below.
New Sync (NS) Steps 4 Through 8
If you plan to replicate your entire branch office file system over the wire, complete Steps 1 – 3 above, and then complete the calculations in NS steps 4 through 8 below.
NS STEP 4: Calculate Compressed File System Size
Rsync compresses files before sending them over the wire. The specific compression ratio varies depending on the file type. For example, textdense files (such as word processing or spreadsheet files) compress at a better ratio than multimedia files (such as picture or sound files). If your file system, like most, includes all types of files, Novell engineers recommend that you assume an average compression ratio of 3:1.
To calculate the size to which your file system will compress, divide the total number of bytes in your (uncompressed) file system by the compression ratio. For example, if you have a 10 GB file system, divide 10 by 3 (10 / 3 = 3.33 GB).
If you have enabled the file compression in your file system, rsync will not compress it further. Novell recommends that you do not enable the compression option. (By default, the compression option is turned off on an Nterprise Branch Office appliance.)
NS STEP 5: Calculate Overhead
Rsync adds approximately five percent overhead during transmission. To calculate the number of bytes rsync transmits during a new sync, multiply the compressed file system size by five percent and add the result to the original number (e.g., (3.33 * .05) + 3.33 = approx 3.5 GB).
NS STEP 6: Calculate NS Transmission in KB
To calculate the total number of bytes that rsync will send for a new sync, add the file list size to the compressed file size with overhead. For example, if your file list size is 390 KB and your compressed file size with overhead is 3.5 GB, then rsync sends 390 KB + 3,500,000 KB (390 + 3,500,000 KB = 3,500,390 KB).
NS STEP 7: Calculate NS Transmission in KBits
As you may know (but may sometimes forget), bytes are not the same as bits. Bits are the units of measurement for data transmitted over the wire. Each byte of data equals 8 bits.
To calculate the Kbit size of your transmission, multiply the estimated NS transmission size (in KB) by 8. For example, if your estimated transmission is 3,500,390 KB, multiply that number by 8: (3,500,390 * 8 = 28,003,120 Kbits).
NS STEP 8: Calculate NS Transmission Time
The final step in calculating new sync transmission time is to divide the estimated NS transmission size in Kbits by your practical throughput.
For example, if your estimated NS transmission size is 28,003,120 Kbits and your practical throughput is 256 Kbps, divide the first by the latter number (28,003,120 / 256 = 109,387 seconds). To calculate the minutes, divide the seconds by 60 (109,387 / 60 = 1,823 minutes); to calculate the hours, divide the minutes by 60 (1,823 / 60 = 30 hours). Hence, rsync can perform a new sync of a 10 GB file system in 30 hours over a DSL 512 Kbps connection.
Depending on the size of your file system and your connection speed, a new sync can take a considerable amount of time. Remember, a new sync is optional: Novell recommends backing up your branch office data to CD or DVD and loading it on your central server.
Incremental Sync Steps 4 Through 7
If you already have stored a copy of your branch office file system on your central server, then rsync uses incremental syncs to synchronize data on the branch and central server. To estimate the time required for an incremental sync, complete steps 1 through 3 above and then follow IS steps 4 through 6 below.
IS STEP 4: Calculate the Churn
For incremental syncs, rsync sends only changes to files--not whole files. To prepare for an incremental sync, rsync compares the data on your branch and central servers one 4 KB block at a time. If rsync does not detect a change in one 4 KB block, it moves to the next one. If rsync does detect a change in a block, it sends this block over the wire.
Microsoft (MS) Office files pose no exception to this rule: rsync sends portions of changed MS Office files, not whole files. Popular belief mistakenly holds that when you change an MS Office file, even if you change only one letter, Windows changes the entire file. This is not the case. When you change an MS Office file, Windows changes the file's body as well as its header and footer. As with any other type of file, rsync sends only the 4 KB blocks that have changed. In the case of modified MS Office files, rsync sends the 4 KB blocks that contain changes to the header, footer and body.
The ratio between the file system size and the actual bits necessary to synchronize that system is called the speedup. A typical speedup is 100:1, which means that the amount of data rsync typically sends over the wire to synchronize a file system is approximately 1/100th of the actual file system size. Given this speedup, rsync can synchronize a 1 MB file by transmitting only 10 KB (80 Kbits) over the wire. The actual number of bits transmitted over the wire in an incremental sync is called the churn.
To calculate the churn, divide the file system size (uncompressed) by 100. If your file system is 10 GB, you divide that number (in bytes) by 100 (10,000,000,000 / 100 = 100,000,000 or 100,000 KB).
IS STEP 5: Compress the Churn
Rsync compresses files before sending them over the wire, even the churn, at an average compression ratio of 3:1. (See NS Step 4 above.) To calculate the size to which your churn will compress, divide the total number of Kilobytes in the churn by the compression ratio. For example, if you have a 100,000 KB churn, divide 100,000 by 3 (100,000 / 3 = 33,333 KB).
IS STEP 6: Calculate Compressed Churn in KBits
To calculate the number of Kbits that rsync sends over the wire for an incremental sync, multiply the churn (in KB) by 8. (For more information about bits and bytes, see NS Step 7: Calculate NS Transmission in Kbits above.) For example, if your churn is 33,333 KB, multiply that number by 8 (33,333 * 8 = 266,664 Kbits).
IS STEP 7: Calculate IS Transmission Time
To calculate incremental sync transmission time, divide the churn in Kbits by your practical throughput.
For example, if your churn is 266,664 Kbits (which is the churn for a 10 GB file system) and your practical throughput is 256 Kbps (which is 50 percent of a 512 Kbps connection), divide the first by the latter number to arrive at the seconds required for transmission (266,264 / 256 = 1,042 seconds). To calculate the minutes, divide the seconds by 60 (1,042 / 60 = 17 minutes). Hence, rsync can incrementally sync a 10 GB file system in as few as 20 minutes over a DSL 512 Kbps connection, (depending largely upon the practical throughput).
* Originally published in Novell Connection Magazine
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.