Active Directory replication is the process of copying Active Directory database changes between domain controllers. Active Directory uses sites and subnets to represent the physical layout of the network and to optimize and customize replication traffic. Active Directory uses the following objects to represent the physical structure of the network and to control replication traffic.

Object Description
Subnet A subnet represents a physical network segment.
  • The subnet object identifies the network address and mask. Both IPv4 and IPv6 are supported.
  • Domain controllers are indirectly associated with a subnet based on the domain controller IP address.
Site A site represents a group of well-connected networks (networks that are connected with high-speed links).
  • Sites are linked to one or more subnets. All subnets within the site can communicate over high-speed and reliable links.
  • Domain controllers are associated with a specific site. You can specify the target site during installation, or move existing domain controllers into sites.
  • When you install the first domain controller in a forest, a default site is created named Default-Site-First-Name.
  • Sites can host domain controllers from more than one domain, and a domain can be represented in more than one site.
  • You typically create additional sites to identify locations separated by WAN links.
Site link A site link is an Active Directory object that represents logical paths between sites that can be used for Active Directory replication.
  • Site links represent logical, not physical connections. For example, you can have all sites connected with a single site link.
  • In most cases, you would match the site link design to the physical network, with a site link for each WAN link.
  • When you install the first domain controller in a forest, a default site link named DEFAULTIPSITELINK is created.
  • Sites are associated with a site link. Each site link can have multiple associated sites, and each site can be associated with more than one site link. In a simple scenario, you can have all sites associated to the default site link.
  • The site link object controls the replication schedule between sites.
  • When more than one logical route exists between two sites, the site link with the lowest cost determines the preference for using a specific site link for replication. The higher the site link cost, the slower the link speed.
Site link bridge A site link bridge is a collection of two or more site links that can be grouped as a single logical link. The best way to understand site link bridging is to consider three sites, linked as follows:

SiteA-----(Site-Link-1)-----SiteB-----(Site-Link-2)-----SiteC

Without bridging, SiteA does not have a communication path to SiteC. With bridging, the two site links in the example are transitive, allowing a connection from SiteA to SiteC.

  • By default, site link bridging is enabled for all sites.
  • If you disable site link bridging, you must manually specify site link bridges.
Bridgehead server A bridgehead server is a domain controller in a site that replicates with domain controllers in other sites.
  • Replication between sites occurs only between bridgehead servers. The bridgehead server in one site contacts a bridgehead server in another site for replication information.
  • Replication within a site does not use bridgehead servers. All domain controllers replicate with all other domain controllers in the site.
  • Active Directory automatically identifies a bridgehead server in each site (typically it will be the first domain controller in the site). You can manually designate bridgehead servers to control which domain controllers participate in intersite replication.
Connection A connection is a logical communication channel between domain controllers.
  • Connections are created automatically, although you can manually create connections if desired.
  • The connector is a property of a domain controller, and identifies one other domain controller from which replication changes will be received. Replication is always a pull configuration, meaning that the target domain controller contacts the source domain controller for replicated information.
  • Connections are unidirectional (one-way). For bidirectional communications, two connections must exist between the domain controllers (one configured on each domain controller).