The 12 BranchCache tips of ConfigMas

  1. Enable data deduplication on your content library. Dedup precalculates the hash (no hash = no P2P). Also means that you’ll get dedup savings over the wire because you’re using the dedup hash algorithm BEFORE P2P kicks in (you’re transferring already deduped content). If you distribute content from a deduped volume, BranchCache checks dedup’s VSS store for the hashes. Since we care about dedup for content, please exclude everything else but the content library when the volume is shared with other stuff.
  2. Don’t make packages full of small files. Every file downloaded initiates a new HTTP(s) connection. P2P is at the file level so it (P2P) will start over at each new file. You’ll lose out on BranchCache’s flash crowd detection. It’s how BranchCache saves the network from multiple identical downloads by learning who else might be downloading the same file and waiting for the downloading client to share locally. Finally, files under 64KB are too small for BranchCache. If there are a few small files, leave them alone. If it’s a package full of small files, it’s better to zip them.
  3. Zip is your friend but use the deflate algorithm. The deflate algorithm is better at figuring out deltas. Other ideas for dealing with packages with tons of small files:
    1. Create a WIM.
    2. Create a VHD.
  4. Dont keep adding to the same update package all year long. Often files get so large that they never finish transferring before a maintenance task comes along and kills the job. Windows updates are cumulative now. There isn’t a good reason to have the CU’s from last winter included in the current update package. Keep the update packages small and tidy. While this isn’t a BranchCache problem, it certainly is the first to get the blame when the problem is that packages are prevented from reaching the DP because they are so large.
  5. Check on your BranchCache service. If you’re using ConfigMgr to enable BranchCache, it only cares about enabling the service, it doesn’t care about the health of it. BranchCache is a Windows component, not a ConfigMgr component. You need to check on the following (clients and server):
    1. Status (is it even running??).
    2. Startup type (preferably not disabled 😊 ).
    3. Service account (please don’t change it away from the default Network Service account unless you like angry ACLs).Johan wrote a blog post which covers client health and includes scripts you can use.
  1. Keep track of P2P flags on deployments.
    1. New packages will be auto enabled for BC starting with ConfigMgr 1802.
    2. Old packages will retain their flags. Luckily there is a script for finding the flags and converting them if necessary.
  2. Keep track of disk space
    1. Client side: you need room to download the package into CCM cache AND BC cache
    2. Server side: disk space for content library is super important too – use Johan’s DP health script
  3. Keep track of cache size. BranchCache operates on a first in first out + what is most frequently used model. BranchCache by default only uses 5% of your disk once enabled. You need change it to something more reasonable, so you don’t accidentally boot stuff out of the cache, and also because when BranchCache is happy, everybody is happy.
  4. Check firewall configuration. Better yet, use our shiny BranchCache tuner to take care of things like cache size, firewall, and BranchCache service.
    1. Use something other than port 80 (we like 1337).
    2. Check URL reservation with netsh because if it isn’t there BranchCache won’t enter the party; it’ll just hover on the doorstep. You do this with the following command: netsh http show url acl.
  5. Keep track of your boundaries.
    1. Don’t lose out on BranchCache because of crazy boundaries. Make sure clients aren’t going to a DP on a different continent to get content. And while we are on the topic, should clients really go out to the internet unthrottled?
  6. There are two BranchCache databases and both are on each enabled client and server
    1. Server side has perfmon for BC – if you see a lot of failures you know you have some work to do
    2. You can dig into the BranchCache database with tools such as ESEDatabaseView
  7. Enable BranchCache on your DPs using ConfigMgr. This way ConfigMgr will coordinate the server secret. Packages might not be downloaded from peers if they aren’t all using the same server secret.