Embed Size (px)
DESCRIPTION
Useful for MCITP: Windows Client
Citation preview
BranchCache Hosted Cache Mode Step by Step GuideMicrosoft Corporation
Published: May, 2010
Author: James McIllece
Editor: Scott Somohano
AbstractBranchCache is a wide area network (WAN) bandwidth optimization technology that is included in some editions of the Windows Server® 2008 R2 and Windows® 7 operating systems. To optimize WAN bandwidth, BranchCache copies content from your main office content servers and caches the content at branch office locations, allowing client computers at branch offices to access the content locally rather than over the WAN.
This step by step guide provides instructions on how to deploy BranchCache in hosted cache mode in a test network environment.
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
Your right to copy this documentation is limited by copyright law and the terms of the software license agreement. As the software licensee, you may make a reasonable number of copies or printouts for your own use. Making unauthorized copies, adaptations, compilations, or derivative works for commercial distribution is prohibited and constitutes a punishable violation of the law.
© 2010 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
All other trademarks are property of their respective owners.
ContentsBranchCache Step-by-Step Guide: Demonstrate Hosted Cache Mode in a Test Lab.....................5
Test Lab Scenario Overview........................................................................................................5Requirements for BranchCache...............................................................................................6
Steps for Demonstrating BranchCache Hosted Cache Mode.........................................................7
Perform basic configuration of all computers..................................................................................7
Rename the computer.................................................................................................................... 8
Configure a static IP address..........................................................................................................9
Install and configure the BranchCache content file server............................................................11
Install the WINS feature................................................................................................................11
Install the File Services server role...............................................................................................12
Create a test share and add sample content................................................................................14
Configure hash publication for BranchCache................................................................................20
Manually generate content information.........................................................................................20
Install and configure the hosted cache server...............................................................................21
Install the BranchCache feature and set the service mode...........................................................21
Configure Windows Performance Monitor on Hosted-01..............................................................23
Create and deploy a certificate.....................................................................................................24
Install the Web Server (IIS) server role.........................................................................................25
Create and export a self-signed certificate....................................................................................27
Import the BranchCache certificate on client computers...............................................................36
Link the certificate to BranchCache..............................................................................................40
Configure client computers...........................................................................................................42
Enable BranchCache on client computers....................................................................................42
Configure Windows Performance Monitor on client computers....................................................43
Verify BranchCache functionality..................................................................................................44
Verify WINS registration................................................................................................................44
Access file server content on client computers.............................................................................47
Optional - Reset computers to rerun tests....................................................................................49
Additional Resources.................................................................................................................... 50
BranchCache Step-by-Step Guide: Demonstrate Hosted Cache Mode in a Test LabBranchCache is a wide area network (WAN) bandwidth optimization technology that is included in some editions of the Windows Server® 2008 R2 and Windows® 7 operating systems.
To optimize WAN bandwidth, BranchCache copies content from your main office content servers and caches the content at branch office locations, allowing client computers at branch offices to access the content locally rather than over the WAN.
BranchCache modesWhen content is cached on client computers in the branch office, BranchCache is deployed in distributed cache mode. Distributed cache mode is not depicted in this step-by-step guide.
When content is cached on a server in the branch office, BranchCache is deployed in hosted cache mode.
This guide provides instructions for deploying BranchCache in hosted cache mode in a test lab environment.
Content serverTo deploy BranchCache, you must deploy a content server. This guide provides instructions for deploying a file server content server using the File Services server role in Windows Server® 2008 R2 in a test lab environment.
Test Lab Scenario OverviewIn this BranchCache hosted cache mode scenario, there is one BranchCache content file server, one BranchCache hosted cache server, and two client computers.
In a real world scenario, the content server is installed at your organization’s main office, while the client computers and hosted cache server are installed at a branch office. In addition, the branch office is connected to the main office with DirectAccess, a virtual private network (VPN) connection, or using some other remote access technology.
In this test lab scenario, all four computers are installed on the same local area network (LAN) segment and are connected to a network hub using Ethernet cables. With this test lab configuration, the network hub replaces the VPN or DirectAccess connection that would exist in the real world scenario.
Content servers and content information
When you deploy a BranchCache-enabled file server, the file server automatically generates identifiers for the content at the moment when the content is first requested by a BranchCache-enabled client computer. These content identifiers are called content information.
When a client requests content for the first time, the file server computes content information as it transmits the content to the client. The file server then stores the content information for subsequent client requests.
For this guide, however, instructions are provided so that you can manually generate content information before client computers attempt to access the content. Because of this, the content information exists prior to the first request for the content by the first client computer.
Requirements for BranchCacheFollowing is a list of operating systems that support BranchCache functionality. To successfully deploy BranchCache in a test lab environment, you must use operating systems that support BranchCache.
Operating systems for BranchCache client computer functionalityTo perform the steps in this guide, you must have three physical or virtual client computers that are running one of the following operating systems:
Windows® 7 Enterprise
Windows® 7 Ultimate
Operating systems for BranchCache content server functionalityTo perform the steps in this guide, you must have one physical or virtual server computer to be used as a BranchCache content Web server that is running one of the Windows Server® 2008 R2 family of operating systems, with the following exceptions:
In Windows Server® 2008 R2 Enterprise Core Install with Hyper-V, BranchCache is not supported.
In Windows Server® 2008 R2 Datacenter Core Install with Hyper-V, BranchCache is not supported.
Operating systems for BranchCache hosted cache server functionality:
Windows Server® 2008 R2 Enterprise
Windows Server 2008 R2 Enterprise with Hyper-V
Windows Server 2008 R2 Enterprise Core Install
Windows Server 2008 R2 Enterprise Core Install with Hyper-V
Windows Server 2008 R2 for Itanium-Based Systems
Windows Server® 2008 R2 Datacenter
Windows Server® 2008 R2 Datacenter with Hyper-V
Windows Server 2008 R2 Datacenter Core Install with Hyper-V
To perform the steps in this guide, virtual computers, also called virtual machines (VMs), can be used instead of physical computers if you are running a version of Windows Server 2008 R2 that supports Hyper-V, and if the operating system on the VM supports BranchCache.
Steps for Demonstrating BranchCache Hosted Cache ModeYou can use the following topics to configure a BranchCache content file server, a hosted cache server, and two client computers. In addition, you can verify BranchCache functionality.
1. Perform basic configuration of all computers
2. Install and configure the BranchCache content file server
3. Install and configure the hosted cache server
4. Create and deploy a certificate
5. Configure client computers
6. Verify BranchCache functionality
Perform basic configuration of all computersBefore installing or configuring other technologies, it is important to perform basic computer configuration on the two computers that are running Windows Server® 2008 R2 and on the two computers that are running Windows® 7.
After installing the operating system, you must rename the computer and configure networking. To perform these actions, use the following topics.
1. Rename the computer
2. Configure a static IP address
Note
Rename the computerYou can use this procedure to rename the computers that are running Windows Server® 2008 R2 and to rename the two client computers that are running Windows Server® 2008 R2. While performing this procedure, use the following names for the computers:
Computer Role Operating System Computer Name
BranchCache content server Windows Server 2008 R2 Content-01
BranchCache hosted cache server
Windows Server 2008 R2 Hosted-01
BranchCache client computer Windows 7 Enterprise or Windows 7 Ultimate
Client-01
BranchCache client computer Windows 7 Enterprise or Windows 7 Ultimate
Client-02
Membership in Administrators, or equivalent, is the minimum required to perform these procedures.
1. Click Start, right-click Computer, and then click Properties. The System dialog box opens.
2. In Computer name, domain, and workgroup settings, click Change settings. The System Properties dialog box opens.
Note On computers running Windows 7, before the System Properties dialog box opens, the User Account Control dialog box opens, requesting permission to continue. Click Continue to proceed.
3. Click Change. The Computer Name/Domain Changes dialog box opens.
4. In Computer Name, type the name for your computer based on the values provided in this topic. For example, if you are configuring your content server, type Content-01.
5. Click OK twice, click Close, and then click Restart Now to restart the computer.
To rename computers running Windows Server 2008 R2 and Windows 7
Configure a static IP addressYou can use this procedure to configure a static IP address on the content server and on the three client computers.
Membership in Administrators, or equivalent, is the minimum required to perform these procedures.
To determine the IP address with which to configure each computer, use the following table.
Computer Role Computer Name IP Address
Content server Content-01 192.168.0.254
Hosted cache server Hosted-01 192.168.0.100
Client computer Client-01 192.168.0.1
Client computer Client-02 192.168.0.2
1. Click Start, and then click Control Panel. 2. In Control Panel, click Network and Internet. Network and Internet opens.
In Network and Internet, click Network and Sharing Center. Network and Sharing Center opens.
3. In Network and Sharing Center, click Change adapter settings. Network Connections opens.
4. In Network Connections, right-click the network connection that you want to configure, and then click Properties.
5. In Local Area Connection Properties, in This connection uses the following items, select Internet Protocol Version 4 (TCP/IPv4), and then click Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box opens.
6. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use the following IP address. In IP address, type the IP address that you want to use.
7. Press tab to place the cursor in Subnet mask. A default value for subnet mask is entered automatically. Either accept the default subnet mask, or type the subnet mask that you want to use.
8. In Default gateway, type the IP address of your default gateway if you have one on your test network.
9. To configure TCP/IP Properties with the IP address of the WINS server that will provide
To configure a static IP address on a computer running Windows Server 2008 R2 or Windows 7
name-to-IP address resolution services in your test lab, click Advanced. The Advanced TCP/IP Settings dialog box opens. Click the WINS tab, and then click Add. Type the IP address of the content server, 192.168.0.254, which will also act as a WINS server in the test lab.
Note You must configure the WINS server value on all four test lab computers, including the content server that will act as a WINS server.
10. Click OK twice, and then click Close.
Install and configure the BranchCache content file serverAfter performing basic configuration of the test lab computers, you can use the following sections to install the File Services server role with the BranchCache for network files role service on Content-01. These topics also provide instructions on how to create a test share, add sample content, configure hash publication for BranchCache, and manually generate content information for the content that you’re sharing.
In addition, you can install the Windows Internet Name Service (WINS) feature to provide name-to-IP address resolution services for computers on the test network.
1. Install the WINS feature
2. Install the File Services server role
3. Create a test share and add sample content
4. Configure hash publication for BranchCache
5. Manually generate content information
Install the WINS featureYou can use this topic to install Windows Internet Name Service (WINS) on the computer Content-01. WINS enables computers running Windows to find other computers using NetBIOS by mapping computer names to IP addresses.
Membership in Administrators, or equivalent, is the minimum required to perform this procedure.
1. Do one of the following:
a. In Initial Configuration Tasks, in Customize This Server, click Add Features. The Add Features Wizard opens.
b. Click Start, click Administrative Tools, and then click Server Manager. In the left pane of Server Manager, click Features, and in the details pane, in Features Summary, click Add Features. The Add Features Wizard opens.
2. In Select Features, in Features, scroll down the list, select WINS Server, and then click Next.
To install WINS
3. In Confirm installation selections, click Install.4. In Installation Results, review your installation results, and then click Close.
After you complete WINS installation, either restart the computers on your network or run the command nbtstat –rr at the command prompt on each computer to cause the computers to register their name records in the WINS server database.
Install the File Services server roleYou can use this topic to install the File Services server role and the BranchCache for Network Files role service on the content server Content-01.
To perform this procedure, you must be a member of the Administrators group on the local computer.
Important
1. On Content-01, click Start, point to Administrative Tools, and then click Server Manager.
2. In Roles Summary, click Add Roles.
3. In the Add Roles Wizard, on the Before You Begin page, click Next.4. On the Select Server Roles page, select File Services, and then click Next.
5. On the File Services page, click Next.6. On the Select Role Services page, in Role Services, ensure that File Server is selected.
Also select BranchCache for network files, and then click Next.
7. On the Confirm Installation Selections page, confirm your selections, and then click Install.
8. On the Installation Results page, confirm that your installation of the File Services role and required role services completed successfully, and then click Close.
Create a test share and add sample contentYou can use this topic to create and share a folder on Content-01, and then add content to the folder that will be used during BranchCache testing for this guide.
To perform these procedures, you must be logged on to Content-01 as Administrator.
1. On Content-01, click Start, and then click Computer. Windows Explorer opens in a view that displays hard disk drives and devices.
To create a test share
2. In Windows Explorer, in Hard Disk Drives, double-click Local Disk (C:). Windows Explorer displays the local disk drive.
3. In Windows Explorer, click New folder. A new folder is created in the right pane with the editable default name New folder. Replace the default name by typing Test_share, and then press ENTER. Windows Explorer creates the folder with the name you provided.
4. Right-click the folder Test_share, click Share with, and then click Specific people.
5. The File Sharing dialog box opens. In File Sharing, click Administrator to ensure that the Administrator account has Read and Write permissions for the share.
6. Click Share. The Network discovery and file sharing dialog box opens.
7. In the Network discovery and file sharing dialog box, click Yes, turn on network discovery and file sharing for all public networks.
8. In File Sharing, you are notified that your folder is shared, and Individual items displays the folder \\Content-01\Test_share.
9. In File Sharing, click Done. This returns you to Windows Explorer. Do not close the window, as it is used in the next procedure.
In the next procedure, you will add sample content to the share by copying one file (ole32.dll) from the Windows\System32 folder on the local computer to the Test_share folder that you just created. In a production environment your shares will contain the content that your organization employees need, however in the test lab all that is needed to demonstrate BranchCache is one file that is over 64k in size. In this circumstance, the ole32.dll file serves the test lab purposes well, because it is larger than this minimum size requirement. For this test lab, this file serves solely as example shared content.
1. In Windows Explorer, double-click Windows. The Windows folder opens. Scroll down to and double-click the folder System32.
2. In the Windows\System32 folder, scroll down to the file ole32.dll, right-click the file, and then click Copy.
3. In Windows Explorer, click the Back arrow twice to return to local disk C, and then double-click Test_share. The Test_share folder opens.
4. In Test_share, right-click the right pane, and then click Paste. The ole32.dll file is copied into the Test_share folder and can now be used during the test lab as example file share content.
Add content to the share
Configure hash publication for BranchCacheYou can use this procedure to enable hash publication for BranchCache using local computer Group Policy on Content-01.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. Click Start, click Run, type mmc, and then press ENTER. The Microsoft Management Console (MMC) opens.
2. In the MMC, on the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens.
3. In Add or Remove Snap-ins, in Available snap-ins, double-click Group Policy Object Editor. The Group Policy Wizard opens with the Local Computer object selected. Click Finish, and then click OK.
4. In the Local Group Policy Editor MMC, expand the following path: Computer Configuration, Administrative Templates, Network, Lanman Server. Click Lanman Server.
5. In the details pane, double-click Hash Publication for BranchCache. The Hash Publication for BranchCache dialog box opens.
6. In the Hash Publication for BranchCache dialog box, click Enabled.
7. In Options, click Allow hash publication for all shared folder, and then click Allow hash publication for all shared folder.
8. Click OK.
Manually generate content informationYou can use this procedure to generate content information, also called hashes, for the content that exists in the file share you created earlier in this guide. In a production environment, manually creating content information is not required, however doing so in this test lab allows the deployment of two rather than three client computers to demonstrate BranchCache functionality.
To perform this procedure, you must be a member of the Administrators group.
1. On Content-01, click Start, click Search programs and files, and then type command. In search results, under Programs, right-click Command Prompt, and then click Run as
To configure hash publication for BranchCache To generate content information on Content-01
Administrator. The command prompt opens with the elevated privileges that are required to run netsh commands.
2. At the command prompt, run the following command: hashgen –f C:\Test_share.
Install and configure the hosted cache serverYou can use the following section to install the BranchCache feature on Hosted-01 and configure the computer as a hosted cache server.
1. Install the BranchCache feature and set the service mode
2. Configure Windows Performance Monitor on Hosted-01
Install the BranchCache feature and set the service modeYou can use these procedures to install the BranchCache feature, start the BranchCache service, and set the service mode to HOSTEDSERVER on the BranchCache hosted cache server, Hosted-01.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. On Hosted-01, click Start, click Administrative Tools, and then click Server Manager. Server Manager opens.
2. In the Server Manager left pane, right-click Features, and then click Add Features. The Add Features Wizard opens.
3. In the Add Features Wizard, in Features, select the BranchCache check box, and then click Next.
To install and enable the BranchCache feature
4. In Confirm Installation Selections, review your choice and then click Install. The Installation Progress pane is displayed during installation, and then the Installation Results pane is displayed.
5. In Installation Results, review the summary and then click Close. The Add Features Wizard closes.
6. In the Server Manager left pane, double-click Configuration, and then click Services.
7. In the details pane, in Services, double-click BranchCache. The BranchCache Properties dialog box opens.
8. In the BranchCache Properties dialog box, on the General tab, verify that the BranchCache service is started. If it is not already started, click Start to start the BranchCache service, and then click OK.
Important The BranchCache service startup type is Automatic, which means that the BranchCache service starts whenever the computer is restarted. It is recommended that you keep the startup type value set to Automatic.
You can use the following procedure to configure the BranchCache service mode on Hosted-01. Because the hosted cache server is not a member of an Active Directory domain, the additional
parameter clientauthentication=NONE is included when you run the netsh branchcache set service mode command.
1. On Hosted-01, click Start, click Search programs and files, and then type command. In search results, under Programs, right-click Command Prompt, and then click Run as Administrator. The command prompt opens with the elevated privileges that are required to run netsh commands.
2. Run the following command: netsh branchcache set service mode=hostedserver clientauthentication=NONE
Note Running the netsh branchcache set service command both configures the server computer to act as a hosted cache server and automatically configures the computer firewall with the following inbound exceptions for hosted cache mode: TCP port 80 and TCP port 443.
3. To verify that BranchCache hosted server mode is correctly configured on the computer, run the following command: netsh branchcache show status. The BranchCache Service Status is displayed in the command prompt window with the following values: Service Mode: Hosted Server; Client Authentication: No Authentication; and Current Status= Running.
Configure Windows Performance Monitor on Hosted-01You can use this topic to configure Windows Performance Monitor on the hosted cache server, Hosted-01, to monitor BranchCache performance. Before accessing the content from client computers, you must configure Performance Monitor with BranchCache counters to record BranchCache activity.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. On Hosted-01, click Start, click Search programs and files, and type perfmon. In Search results, in Programs, click perfmon.exe. Windows Performance Monitor opens.
2. In Monitoring Tools click Performance Monitor to view the Performance Monitor graph. To change the performance monitor graph to report view, click the graph toolbar icon that displays an arrow to reveal the drop-down list, and then click Report.
3. To add BranchCache counters, click the graph toolbar icon that is a green plus sign (+). The Add Counters dialog box opens. In the left pane, scroll to BranchCache, and click
To enable BranchCache hostedserver mode using network shell commandsTo configure Performance Monitor
the arrow to expand the list of BranchCache counters. Select the following counters.
Retrieval: Bytes from cache Retrieval: Bytes from server Retrieval: Bytes served SMB: Bytes from cache SMB: Bytes from server
4. Click Add, and then click OK. Note that the values for all BranchCache counters are zero.
Create and deploy a certificateYou can use the following sections to deploy an IIS self-signed server certificate on Hosted-01, to link the certificate to BranchCache, and to configure client computers to trust the certificate when Hosted-01 uses the certificate to prove its identity to client computers during the server authentication process.
1. Install the Web Server (IIS) server role
2. Create and export a self-signed certificate
3. Import the BranchCache certificate on client computers
4. Link the certificate to BranchCache
Install the Web Server (IIS) server roleYou can use this procedure to deploy a static content Web server on Hosted-01. Hosted-01 will not be acting as a Web server for this test lab, however Internet Information Services (IIS) provides a simple way to create a server certificate that the hosted cache server can use to prove its identity to client computers. After these instructions for IIS installation, this guide provides instructions on how to create a self-signed certificate using IIS, how to export the certificate, and how to import the certificate on client computers so that they trust the server certificate during the authentication process with Hosted-01.
You must be a member of the IIS 7 Administrators group to perform this procedure.
1. On Hosted-01, click Start, point to Administrative Tools, and then click Server Manager.
2. In Roles Summary, click Add Roles.
3. In the Add Roles Wizard, on the Before You Begin page, click Next.4. On the Select Server Roles page, select Web Server (IIS), and then click Next.
Note If an informational dialog box notifies you of required dependencies, click Add Required Role Services to accept installation of the dependencies.
Note To install the Web Server (IIS) server role
5. On the Web Server (IIS) page, click Next.6. On the Select Role Services page, note the preselected role services that are installed by
default, and then click Next.
Note You only have to install the IIS 7 default role services for a static content Web server.
7. On the Confirm Installation Selections page, confirm your selections, and then click Install.
8. On the Installation Results page, confirm that your installation of the Web Server (IIS) role and required role services completed successfully, and then click Close.
Create and export a self-signed certificateYou can use these procedures to create a self-signed certificate using Internet Information Services (IIS), and then export the certificate for use on client computers.
You must be a member of the IIS 7 Administrators group to perform this procedure.
1. On Hosted-01, click Start, click Run, and then type mmc. The Microsoft Management Console (MMC) opens.
To create a self-signed certificate
2. In the MMC, click File, and then click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens. In Available snap-ins, click Internet Information Services (IIS) Manager, and then click Add. Click OK.
3. In the IIS console, double click Internet Information Services (IIS) Manager, and then click Hosted-01 (HOSTED-01).
4. In Hosted-01 Home, scroll to and double-click Server Certificates.
5. In Actions, click Create Self-Signed Certificate.
6. The Create Self-Signed Certificate page opens. In Specify a friendly name for the certificate, type BranchCache.
7. Click OK. IIS Manager creates a self-signed certificate named BranchCache, which is displayed in IIS Manager. Do not close the MMC, as it is used in the next procedure.
You can use the following procedure to export the BranchCache certificate to a folder location on Hosted-01.
You must be a member of the Administrators group to perform this procedure.
1. In the MMC, click File, and then click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens. In Available snap-ins, click Certificates, and then click Add.
To export the BranchCache certificate
2. The Certificates snap-in page opens. On the Certificates snap-in page, click Computer account, and then click Next.
3. In Select Computer, ensure that Local computer is selected, and then click Finish.
4. Click OK. The Certificates snap-in is added to the same MMC that contains the IIS Manager snap-in. In the MMC, double-click Certificates (Local Computer), double-click Personal, and then click Certificates. In the details pane, the BranchCache certificate issued to Hosted-01 is displayed.
5. Right-click Hosted-01, click All Tasks, and then click Export.
6. The Certificate Export Wizard opens. Click Next.7. In Export Private Key, ensure that No, do not export the private key is selected, and
then click Next.
8. In Export File Format, ensure that DER encoded binary X.509 (.CER) is selected, and then click Next.
9. In File to export, click Browse, and then navigate to a folder location where you want to save the certificate. In File name, type BranchCache, and then click Save. The Browse dialog box closes and the File to export page is displayed with the file location and file name that you selected. For example, if you selected a file location of C: and a file name of BranchCache, C:\BranchCache.cer is displayed.
10. Click Next, and then click Finish. An information dialog box opens that displays the message The export was successful. Click OK.
11. If needed, click Finish. Using Windows Explorer, navigate to the file location where you saved the certificate. Copy the certificate and save the certificate to a file location on both Client-01 and Client-02.
Import the BranchCache certificate on client computersYou can use the following procedure to import the BranchCache certificate into the Trusted Root Certification Authorities certificate store for the local computer on each client computer.
You must be a member of the Administrators group to perform this procedure.
You must perform the following procedure on both Client-01 and Client-02.
1. Click Start, click Run, and then type mmc. The Microsoft Management Console (MMC)
Important To import the BranchCache certificate on client computers
opens.
2. In the MMC, click File, and then click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens. In Available snap-ins, click Certificates, and then click Add. The Certificates snap-in page opens.
3. On the Certificates snap-in page, click Computer account, and then click Next.4. In Select Computer, ensure that Local computer is selected, and then click Finish.
Click OK. The Certificates snap-in is added to the MMC.
5. In the MMC, double-click Certificates (Local Computer), double-click Trusted Root Certification Authorities, and then click Certificates.
6. On the Action menu, click All Tasks, and then click Import. The Certificate Import Wizard opens.
7. Click Next. In File to import, click Browse. In the Open dialog box, navigate to the folder location where you saved the BranchCache.cer file. Select the file and click Open. The Open dialog box closes.
8. In the Certificate Import Wizard, click Next.9. In Certificate Store, verify that Trusted Root Certification Authorities is selected, and
then click Next.
10. Click Finish. An information dialog box opens that displays the message The import was successful. Click OK.
Link the certificate to BranchCacheYou can use these procedures to obtain the SHA-1 hash, also called the thumbprint, of the server certificate of a hosted cache server so that you can then link the certificate to BranchCache. These procedures must be performed on a hosted cache server to which a server certificate has already been enrolled.
Membership in Administrators or equivalent is the minimum required to perform this procedure.
1. On Hosted-01, click Start, click Run, type mmc, and then press ENTER. The Microsoft Management Console (MMC) opens.
2. In the MMC, on the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens.
3. In Add or Remove Snap-ins, in Available snap-ins, double-click Certificates. The Certificates snap-in dialog box opens. Click Computer account, and then click Next.
4. In Select Computer, in This snap-in will always manage, ensure that Local computer: (the computer this console is running on) is selected, click Finish, and
To obtain the SHA-1 hash of the hosted cache server certificate
then click OK.
5. In the navigation pane, double-click Certificates (Local Computer) and then double-click the Personal certificate store.
6. The Certificates folder is a subfolder of the Personal certificate store. Click the Certificates folder.
7. In the details pane, browse to the server certificate that was issued by Hosted-01 and double-click the certificate. The Certificate dialog box opens.
8. In the Certificate dialog box, click the Details tab. In the list of fields, select Thumbprint.9. In the lower pane, the hexadecimal string that is the SHA-1 hash of your certificate is
displayed. Select the SHA-1 hash and press the Windows keyboard shortcut for the Copy command (Ctl+C) to copy the hash to the Windows clipboard.
10. Click Start, click All Programs, click Accessories, and then click Notepad. The Notepad application opens.
11. In Notepad, press the Windows keyboard shortcut for the Paste command (Ctl+V) to paste the SHA-1 hash into a new text file. Remove all of the spaces between the characters in the SHA-1 hash so that the hash contains no spaces, and then save the text file to hard disk.
In the next procedure where you link the hosted cache server certificate to BranchCache, you will use the SHA-1 hash of the certificate while running a network shell (netsh) command.
1. On the BranchCache hosted cache server that you want to configure, click Start, click Search programs and files, and then type command. In search results, under Programs, right-click Command Prompt, and then click Run as Administrator. The command prompt opens with the elevated privileges that are required to run netsh commands.
2. Open the text file that you created using Notepad, and use the SHA-1 hash to create and run the command below.
3. Run the following command: netsh http add sslcert ipport=0.0.0.0:443 certhash=SHA-1_Hash appid={d673f5ee-a714-454d-8de2-492e4c1bd8f8}, where SHA-1_Hash is the SHA-1 hash of the server certificate on the hosted cache server. After you run the command, the message, “SSL Certificate successfully added” is displayed in Command Prompt.
4. To verify the binding of the certificate, run the following command to display SSL certificate bindings: netsh http show sslcert
Note To link the hosted cache server certificate to BranchCache
Configure client computersYou can use the following sections to configure client computers for your test lab.
Enable BranchCache on client computers
Configure Windows Performance Monitor on client computers
Enable BranchCache on client computersYou can use this procedure to manually configure each BranchCache client computer for hosted cache mode by using network shell (netsh) commands.
You must perform this procedure on both client computers to successfully deploy BranchCache in your test lab.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. On the BranchCache client computer that you want to configure, click Start, click Search programs and files, and then type command. In search results, under Programs, right-click Command Prompt, and then click Run as Administrator. The command prompt opens with the elevated privileges that are required to run netsh commands.
2. Run the following command: netsh branchcache set service mode=hostedclient location=Hosted-01
Note Running the netsh branchcache set service command both configures the client computer for hosted cache mode and automatically configures the client computer firewall with the following inbound exception for hosted cache mode: TCP port 80.
3. To verify that BranchCache hosted cache mode is correctly configured on the client computer, run the following command: netsh branchcache show status. The BranchCache Service Status is displayed in the command prompt window with the following values: Service Mode: Hosted Cache Client and Current Status= Running.
4. To set the latency allowed between the client and the server, run the following command: netsh branchcache smb set latency 0.
Note The default BranchCache latency is 80 milliseconds (ms). For this test lab, latency is set to 0 ms because the content server, client computers, and hosted cache server are all installed on the same network, so there is no delay expected in communications between the computers during BranchCache operation.
Important To enable BranchCache hosted cache mode by using network shell commands
Configure Windows Performance Monitor on client computersYou can use this topic to configure Windows Performance Monitor on both client computers to monitor BranchCache performance. Before accessing the content on Content-01, you must configure Performance Monitor with BranchCache counters to record BranchCache activity.
You must perform the following procedure on both Client-01 and Client-02 in order to measure BranchCache performance during testing.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. On client computers, click Start, click Search programs and files, and type perfmon. In Search results, in Programs, click perfmon.exe. Windows Performance Monitor opens.
2. In Monitoring Tools click Performance Monitor to view the Performance Monitor graph. To change the performance monitor graph to report view, click the graph toolbar icon that displays an arrow to reveal the drop-down list, and then click Report.
3. To add BranchCache counters, click the graph toolbar icon that is a green plus sign (+). The Add Counters dialog box opens. In the left pane, scroll to BranchCache, and click the arrow to expand the list of BranchCache counters. Select the following counters.
Retrieval: Bytes from cache Retrieval: Bytes from server Retrieval: Bytes served SMB: Bytes from cache SMB: Bytes from server
4. Click Add, and then click OK. Note that the values for all BranchCache counters are zero. The following illustration displays performance counters configured on Client-01.
Important To configure Performance Monitor
Verify BranchCache functionalityYou can use the following sections to verify BranchCache functionality.
1. Verify WINS registration
2. Access file server content on client computers
3. Optional - Reset computers to rerun tests
Verify WINS registrationYou can use this topic to verify that all computers on the test network have registered their NetBIOS names with the WINS server, to verify that networking is functioning correctly, and to ensure that your configuration matches the requirements of this guide before you begin the BranchCache testing process.
Membership in Administrators, or equivalent is the minimum required to perform this procedure.
1. On Content-01, click Start, point to Administrative Tools, and then click Server Manager. Server Manager opens.
2. In the Server Manager left pane, click and expand Features and then WINS.
3. In WINS, click Active Registrations. Note that no WINS records are displayed in the
To verify computer registration in WINS
right pane yet. Right-click Active Registrations, and then click Display Records. The Display Records dialog box opens.
4. In Display Records, on the Record Mapping tab, click Find Now.
5. The Display Records dialog box closes, and the WINS registrations for all computers that have registered a record with the server are displayed in Active Registrations.
6. In Active Registrations, you should see both [00h] Workstation and [20h] File Server WINS records for all computers on the network, including Client-01, Client-02, Content-01, and Hosted-01, as illustrated in the example below.
If all computers have registered records in the WINS database, your test network is installed correctly, and you can continue with the BranchCache tests in this guide.
If one or more computers have not registered records in WINS, do the following:
a. Verify that you have configured the WINS server IP address in TCP/IP v4 network connection properties according to the instructions provided in the topic Configure a static IP address.
b. Either restart the computer so that it automatically registers its NetBIOS name with the WINS server or run the following command at the command prompt to release and then renew the name record registration with the WINS server: nbtstat -RR
In order for you to successfully perform the procedures in this guide, Content-01 must register its own record in the WINS database. If Content-01 has not registered a record in WINS, configure the TCP/IP v4 properties of the network connection on Content-01 with its own IP address as the WINS server. This will cause Content-01 to register its own record if it has not already done so.
Important
A Microsoft WINS server record includes the WINS client NetBIOS name, IP address, and a value called a version ID. When you release and renew the record, an existing record’s version ID is incremented or a new record is registered. When you run nbtstat -RR, a timer is invoked so that the command cannot be successfully run again for 2 minutes. This delay is provided to prevent a WINS server from becoming saturated by client renewal requests. The –RR portion of the command syntax is case sensitive.
Access file server content on client computersYou can use this procedure on client computers to access and download sample content from Content-01 while you have Windows Performance monitor open and configured with BranchCache performance counters. On each client computer, access and download the sample content, ole32.dll, and review the changes in the BranchCache performance counters.
You must perform this procedure on Client-01, wait two minutes to allow Client-01 sufficient time to upload the file to the hosted cache server, and then perform this procedure on Client-02.
You must be a member of Administrators to perform this procedure.
1. On the client computer, click Start and then click Run. The Run dialog box opens.
2. In the Run dialog box, in Open, type \\Content-01\Test_share\, and then press ENTER. The Windows Security dialog box opens.
3. In the Windows Security dialog box, in Enter Network Password, type CONTENT-01\Administrator in the first text box. Type your Administrator password in the second text box, and then press ENTER. The Content-01 test share opens in Windows Explorer.
4. Right-click the sample content, ole32.dll, and click Copy.
5. Right-click the client computer desktop and click Paste. The sample content is copied from Content-01 to the client computer.
6. Close Windows Explorer.
7. Review the BranchCache counter changes in Windows Performance Monitor on the client computer and on the hosted cache server, Hosted-01, as follows:
a. After you download content to Client-01, the performance counters on Client-01 show that the content was obtained from Content-01:
Note Important To access and download file server sample content
b. On Hosted-01, the performance counters are also incremented:
c. After you download content to Client-02, the performance counters on Client-02 show that the content was obtained from the cache on Hosted-01, while the content information was obtained from the content server:
d. On Hosted-01, the performance counters are also incremented:
Optional - Reset computers to rerun testsYou can use the following procedure to reset the hosted cache server and two client computers so that you can rerun the tests in this guide and achieve the same results.
1. On Hosted-01, Client-01, and Client-02, delete all BranchCache cached content by using the following command at the command prompt: netsh branchcache flush.
2. If there are any open instances of Windows Explorer on the computer, close Windows Explorer.
3. On Client-01 and Client-02, delete content from the Offline Files cache:
a. Click Start, click Search, and then type Manage offline files. In search results, click Manage offline files. The Offline Files dialog box opens.
b. In the Offline Files dialog box, click the Disk Usage tab, and then click Delete temporary files.
4. On all three client computers, restart the computer to reset the counters in Performance Monitor.
Note You might need to reconfigure Windows Performance Monitor with BranchCache performance counters after you restart the computer. If this is the case, add the performance counters that are specified in the topics Configure Windows Performance Monitor on client computers (on client computers) and Configure Windows Performance Monitor on Hosted-01 (on the hosted cache server) in this guide.
Additional ResourcesFor more information about the technologies in this guide, see the following resources:
BranchCache Design Guide
BranchCache Deployment Guide
Network Shell (Netsh) Commands for BranchCache
IIS 7 Deployment Guide
WINS Product Help (Windows Server 2003)
The documentation for WINS is not updated for Windows Server® 2008 R2. Aside from some software engineering changes that make WINS less vulnerable to malicious attack, WINS functionality is not changed from that available in the Windows Server® 2003 operating systems.
To reset all computers Note
