Tuesday, October 7, 2014

Network impact assessment (NIA): FIM 2010 AD MA LDAP traffic throughput

I just performed a Wireshark capture between the FIM and several Active Directory domains to try to validate whether the numbers in the MIIS 2003 Capacity Planning whitepaper are (a) still relevant to FIM 2010 and (b) actually relevant to AD connected data sources.  The whitepaper mentions that the test results show throughput between MIIS and its SQL database.  So, it doesn't specifically say that the numbers are relevant to connected data sources, but it does mention them in the recommended best practices section; and this is confusing.

So, I'm here to clear up the confusion.  And I can summarize by saying, yes, the numbers in the whitepaper are relevant to AD connected data sources.  Here are my findings:

Average LDAP traffic throughput 1.2 Mbps
Peak LDAP traffic throughput 6 Mbps

These findings seem to verify the claim from the MIIS 2003 capacity planning whitepaper that a 5 Mbps bandwidth is the bare minimum (for connected data sources). The sections below show more details about the tests.

CORP_ADMA Full import
object_type count
computer 82
contact 2072
container 208
domainDNS 1
foreignSecurityPrincipal 21
group 1787
NULL 82
organizationalUnit 616
user 10020
TOTAL objects 14889

1.14 Mbps

28287944 total bytes

28287944 / 1024^2 = 26.9775 MB

28287944 * 8 = 226303552 bits

226303552 / 198.559 = 1.1397E6 bps
6e6 bits/tick @ 1 sec/tick

6e6/1e6=6 Mbps peak




EXCH_ADMA Full import
object_type count
contact 3365
container 107
domainDNS 1
group 280
NULL 57
organizationalUnit 163
user 6740
TOTAL objects 10713

1.264 Mbps

19285496 total bytes

19285496 / 1024^2 = 18.3921 MB

5.5e6 bits/tick @ 1 sec/tick
5.5e6/1e6=5.5 Mbps peak



WEB_ADMA Full import
object_type count
container 82
domainDNS 1
group 45
NULL 8
organizationalUnit 3
user 2184
TOTAL objects 2323

1.197 Mbps

2611566 total bytes

2611566 / 1024^2 = 2.4906 MB

5e6 bits/tick @ 1 sec/tick
5e6/1e6=5 Mbps peak