In this tutorial, we will set up a cache system on file servers to speed up access for remote sites.
For that we will set up the BranchCache solution.
BranchCache is an extended WAN bandwidth optimization technology that is included in some editions of the Windows 10 and Windows Server 2016 operating systems, as well as in certain editions of Windows Server 2012 R2, Windows 8.1, Windows Server 2012, Windows 8, Windows Server 2008 R2, and Windows 7. To optimize the bandwidth of a wide area network when users access content on remote servers, BranchCache retrieves content from content servers in your home office or the server. hosted cloud and cache it on branch office systems, allowing branch office client computers to access content locally instead of going through the WAN.
https://docs.microsoft.com/fr-fr/windows-server/networking/branchcache/branchcache
There are two cache modes:
- Hosted cache: This mode uses a dedicated cache server on the remote site
- Distributed cache: This mode uses clients at the remote site for caching.
The two cache modes can not cohabit on the same remote site.
BranchCache technology can be used to:
- Network sharing (SMB)
- IIS Web Server (HTTP/HTTPS
- BITS (WSUS).
Here is the list of BranchCache clients compatible with all 3 technologies that can also be used in a distributed mode:
- Windows 10 Entreprise ou Education
- Windows 8.1 Entreprise
- Windows 8 Entreprise
- Windows 7 Entreprise ou Ultimate.
Pro versions of Windows are only compatible with BITS.
In this tutorial, we will see BranchCache deployed in hosted mode on a dedicated Windows 2016 server.
Prerequisites:
- Be in an Active Directory environment and master the creation of GPO.
- Have a Windows 2012R2 file server minimum.
- Having compatible clients.
Installing BranchCache on a file server
The following manipulations are to be done on the file server where the caching will be effective.
From the server manager, click Add Roles and Features 1 .
When launching the wizard, click Next 1 .
Choose the type of installation: 1 role or feature based installation and click Next 2 .
Select file server 1 and click Next 2 .
In the list of roles check the BranchCache 1 for Network Files box, which is in the Available File and Storage Services roles and click Next 2 .
Skip the list of features by clicking Next 1 .
Confirm the installation of BranchCache on the file server by clicking Install 1 .
Wait during the installation …
When the installation is complete, click Close 1 .
File Server Configuration for BranchCache
Now that BranchCache is installed on the file server, we will see how to configure it so that it can be used with cache servers.
Share configuration
In order to use BranchCache, each share must be configured.
A cache system has an interest in a file that is mostly read-only.
Through the server manager, go to the management of file and storage services in the Shares section. Right click on the share 1 where BranchCache must be activated and click Properties 2 .
Check the Enable branch cache (BranchCache) checkbox on file share 1 and validate by clicking Apply 2 and OK 3 .
Hash Publication for BranchCache
To work, the server has to publish a hash of the files present in the share to know if it is already present on the cache server. This hash is also used for security.
To enable publishing, we will put in place a Group Policy (GPO) that will be applied to a group whose file server is present.
If different shares on different servers are published with BranchCache, simply put the servers in the group for the GPO to apply.
On the domain controller, create a group that will contain the file servers.
Create a Group Policy strategy at the root of the domain.
Edit the strategy by right clicking on 1 then click on Edit 2 .
Go to the following location: Computer Configuration / Policy / Administrative Template / Network / Lanman Server and then double-click on the Hash Publication for BranchCache 1 to configure it.
Choose the option Enabled 1 and set the option to 0: Allow the publication of hashes only for shared folders on which BranchCache is enabled 2 , validate the parameter by clicking the Apply buttons 3 and OK 4 .
The parameter is activated 1 and configure. Exit the Group Policy Management Editor.
In the Security Filtering portion of the policy, delete the Authenticated Users 1 group.
Add the group dedicated to file servers 1 .
The following manipulation is necessary so that the strategy can be read.
Go to the delegation tab 1 of the strategy, click on the button Add 2 . Select the group Authenticated Users 3 with read permission 4 and click OK 5 to validate.
Restart the file server and ensure that the policy is applied to the gpresult / r command.
Deploy a hosted cache server
On the server that will be hosted cache server, it is necessary to install the BranchCache feature and configure it.
Installing BranchCache
From the server manager, click Add Roles and Features 1 .
When launching the wizard, click Next 1 .
Choose Role Based Installation or 1 Functionality and click Next 2 .
Select server 1 and click Next 2 .
Skip the roles by clicking Next 1 .
Check the BranchCache 1 feature and click Next 2 .
Confirm the BranchCache installation by clicking the Install 1 button.
Wait during the installation …
When the installation is complete, exit the wizard by clicking Close 1 .
Server configuration
We will now configure the BranchCache server to publish an SCP record so that the client computers can find it.
Open a PowerShell command prompt as an administrator and enter the following command:
Enable-BChostedServer -RegisterSCP
Enter the following command to verify the configuration:
Get-BCStatus
Configuring clients to use BranchCache
In this part, we will see how to configure clients to use the BranchCache server.
In order to use BranchCache for file services, it is necessary to have a compatible Windows client.
- Windows 10 Entreprise ou Education
- Windows 8.1 Entreprise
- Windows 8 Entreprise
- Windows 7 Entreprise ou Ultimate.
Professional versions of Windows only support BITS at BranchCache level
https://docs.microsoft.com/fr-fr/windows-server/networking/branchcache/branchcache#bkmk_os
The configuration of the clients will be done by a group policy that will be applied on an OR where the client computers are located.
From the Group Policy Management console, right-click on the OU 1 where the computers that will use BranchCache are located and click Create GPO in this area, and link it here 2> >.
Name the GPO 1 and click OK 2 .
Right click on GPO 1 and click on Edit 2 .
The settings to be configured are in the following location: Computer Configuration / Policies / Administrative Templates / Network / BranchCache.
Edit the Enable BranchCache parameter, select On 1 and click Apply 2 and OK 3 .
Edit the Enable automatic discovery of cached hosted by service connection point option, select Enabled 1 then click Apply 2 and OK 3 .
This setting allows you to use the SCP that was created by the PowerShell command.
Edit the Configure BranchCache parameter for network files, choose Active 1 , set the maximum response time to 0 2 then click Apply 3 and OK4.
Ce paramètre permet de forcer la mise en cache.
Summarizes Group Policy settings.
Your BranchCache environment is ready and functional. You just have to test the opening of the same file from 2 different clients. During the second opening, the BranchCache server cache will be used and the opening faster.
On the BranchCache server, you can see the use of the cache using the command below.
Get-BCDataCache