BranchCache – Course 110: Q & A

When i started reading about BranchCache, i got couple of questions that i worked hard to answer. I want to share with you my thoughts in the Q & A post.

 Q: What are the requirements for clients to participate in BranchCache Technology?

A: Clients should be running supported edition of Windows and have the BranchCache local service set to Automatic. After that, the clients should be under the scope of a group policy that will enable them for BranchCache and will open couple of local Windows firewall exceptions.

Q: What are the requirements for my WSUS server or file server so that clients can cache content from?

A: Your WSUS or your file server, are called (Content Servers) and should be running supported edition of Windows. You then have to go and add the feature that is called (BranchCache) from the Add Features Wizard.

Q: Do I need to open anything on my firewalls or to contact my ISP provider for any changes in order to deploy BranchCache?

A: Absolutely NO. The clients will use native original ports when connecting to your WSUS/IIS/File servers.

Q: In Distributed Cache mode, clients will cache content locally on their hard disk. Can you tell me more and will it fill up the client hard disk?

A: By default, clients configured for BranchCache in Distributed Cache mode will download content on the C drive of their hard disk under “C:\Windows\ServiceProfiles\NetworkService\AppData\Local\PeerDistPub”. By default, BranchCache will only consume 5% of the total disk space. Make sure that you have enough space on your C drive to handle cache files. When those 5% are consumed, BranchCache service will start overwriting old content (least accessed).

 Q: If my machines are using BranchCache, is it possible that they may get old cached data from neighbor peers?

A: NO. You will never ever get old data. BranchCache is designed to ensure it can work perfectly even with the most dynamic web sites that have content changing very quickly. The reason why this is true, is that clients will always connect to the live web site or share, get the newest hashes, and then requesting it from its neighbor machines if they have such data in their cache.

Q: If the main link between the branch and the main site is down, will my branch machines continue getting cached content from their neighbor peers?

A: NO. Because each machine should connect to the content server first that is located in the main site, to get those hashes that describe the data, before requesting the complete data from neighbor peers.

Q: What should I do if I want to troubleshoot a problem from my BranchCache client that cannot access a certain internal web site or file share? How can I temporarily disable BranchCache on that machine so I can troubleshoot the problem?

A: Just stop the BranchCache Service, troubleshoot your problem, and then enable it again.

Q: What do you recommend: Distributed Cache mode or Hosted Cache mode?

A: Well, it depends .Hosted Cache mode is excellent if the branch office has more than 50 machines (numbers are changed in Windows 8) because you don’t need to consume disk space on branch machines or introduce slight processing overhead on their machines for replying to BranchCache requests from neighbor machines. But this requires that you install a server in the branch site with BranchCache supported edition from Windows Server.

Finally, always remember to have your Windows client machines with good space on their C drive just in case.

Q: Is it possible for neighbor machines to request access to cache content on my machine without being authorized to do so?

A: NO. Because each BranchCache client will encrypt the data with a unique key that is shared with the content server. So neighbor machines should connect to the content server first, authenticate, get that encryption key, before asking your machine for cache content.

Q: I am concerned about security and I am not sure if I can trust such technology and have sensitive files cached everywhere.

A: Take it easy. We didn’t mention everything yet. BranchCache security is a long and complicated topic that I will be very pleased to discuss it with you if you drop me an email, and I will explain to you how BranchCache uses effective cryptography to protect data. For now, just take it from me: IT IS SECURE.

Q: What will happen if the BranchCache service fail to download content from neighbor peer or from the content server?

A: When BranchCache is unable to retrieve data from a peer or from the Hosted Cache, the upper layer protocol will return to the server for content. If a failure occurs in the Branch Caching component, the upper layer protocol should seamlessly download content from the server. No BranchCache misconfiguration or failure should prevent the display of a webpage or connection to a share.

This is part of the story. If you are interested to know more about this nice technology, come here again and filter posts with (BranchCache) tag.

One comment on “BranchCache – Course 110: Q & A

  1. Thank you for great posts about BranchCache. Some questions if I may….
    1. Considering the versioning info below, is there anyway to take advantage of the benefits of BC V2 (Dist Cache mode b/c I am using it with SCCM) with a Server2012 + W7 environment?
    BC V1 = Server 2k8 + W7
    BC V2 = Server 2012 + W8

    2. What do you suggest are the most effective methods to verify which source (BranchCache vs Distribution Point) a BC client obtained source files from? Any logs?

    3. Is the client BranchCache service Startup Type supposed to be “Manual” by default? Any reason this shouldn’t be “Automatic”?

    Thank you in advance for any responses.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s