Description of Bridgehead Servers in Windows 2000

This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy.


This articles describes how preferred bridgehead servers function in Microsoft Windows 2000 Server.

More Information

In Windows 2000 Server, bridgehead servers are the contact point for the exchange of directory information between sites. A bridgehead server is a domain controller that has been either administratively assigned or automatically chosen to replicate changes collected from other domain controllers in the site to bridgehead servers in other sites.

By default, the Active Directory replication topology generator, the Knowledge Consistency Checker (KCC), automatically chooses servers to act as bridgehead servers. However, if you are an administrator, you may select one or more domain controllers in the site to be preferred bridgehead servers. These servers are used exclusively to replicate changes collected from the site. Even though you may have administratively configured several domain controllers as preferred bridgehead servers, the KCC chooses one of these servers to become the bridgehead server for the site. However, if you choose only one bridgehead server for a particular site, and that server becomes unavailable, the KCC does not choose another domain controller to be the bridgehead server. Therefore, if you assign a preferred bridgehead server, you should assign more than one.

Multiple bridgehead servers may be required to replicate full copies of data from one site to another. This behavior depends on the transports available, the directory partitions that have to be replicated, and the availability of global catalog servers. You must assign one bridgehead server for each writable directory partition in your forest. When you assign a bridgehead server, you can establish a preferred bridgehead server for one or more protocols such as IP or SMTP. When you configure a domain controller to be the preferred bridgehead server, you must specify the transports that are preferred for replication.

Designating a Preferred Bridgehead Server

To designate a preferred bridgehead server, follow these steps:

  1. On the Administrative Tools menu, click Active Directory Sites and Services. Alternatively, click Start, click Run, and then type dssite.msc.
  2. Click to expand the Sites node in the left pane to expose each of the sites defined in the forest.
  3. Under the site where the domain controller resides (as defined by Active Directory), click to expand the Servers node. A list of the servers in the site is displayed.
  4. Right-click the domain controller object and click Properties on the Context menu.
  5. Click the inter-site transport or transports for which this computer is the preferred bridgehead server, and then click Add. The transport is moved to the This server is a preferred bridgehead server for the following transports box.
  6. Click Apply or OK to commit the changes.

The KCC chooses bridgehead servers in the following manner:

As the KCC constructs the inter-site topology for each directory partition, the servers in each site are evaluated to see if they can be bridgehead servers. Preferred bridgehead servers are chosen first. If you have not configured a preferred bridgehead server, all servers in the site that host the directory partition, and that can communicate over a given transport, can become bridgehead servers. In either case, the first domain controller that meets the requirements becomes the bridgehead server. The domain controllers are sorted in ascending globally unique class identifier (GUID) order. Each preferred bridgehead server that exists in the same site that is configured for the same transport is considered equal.

When you set a preferred bridgehead server, ensure that you choose servers that are capable of replicating the topology. For example, if you have two domain controllers in a site, and domaincontroller1 is a global catalog server, and domaincontroller2 is not, when you choose domaincontroller2 to be the preferred bridgehead, if Active Directory uses domaincontroller1 to replicate read-only domains, the KCC must creates a new connection using domaincontroller1 as a bridgehead server. An event 1567 message is reported that states a non-preferred bridgehead was used.

The next time the KCC runs, it is not be able to reuse the existing connection to domaincontroller1 because it does not use a preferred bridgehead. If the KCC is in "keeping connections" mode (for example, if it has logged an event 1311 message), duplicate connections are created every time the KCC runs. Even if the KCC is not in "keeping connections" mode, it still affects the directory performance because the old connection must be deleted and a new, identical connection must be created every time KCC runs. More information about bridgehead servers can be obtained from the Windows 2000 Server Resource Kit, Distributed Systems Guide, Chapter Six.

Preferred Bridgehead servers should not be defined unless absolutely necessary.

Article ID: 271997 - Last Review: Dec 16, 2009 - Revision: 1