How to Increase SCCM IBCM server capacity (Distribution capacity ) with current setup or new plan ?

Question
Hi Team,

My infra, SCCM 1906, we have SCCM 1 primary & 24 secondary sites & SQL DB cluster & 1 SSRS, –

SCCM IBCM (MP/SUP/DP role configured )server configured (used SSL certificate) public IPs nated and done map xxxx.xxx.com name mapped done entry in external DNS>  internet source client communicate via 443 port. coming on DMZ (IBCM) server. But here one DP supporting to 4k client.

Now client count increase more 13k client on internet.

require your suggestion and plan step by step

1) How can increase capacity with existing setup – ( second DPs only on another for IBCMserver   )?

2) Any New plan — (i mean round robin method – use same SSL cert )- setup 2 server is possible ?

or suggest any new plan where we increase DP for ibcm capacity ?

Target 13k client communicate to SCCM IBCM server DP?

please help to implement or share plan or any ref articles where we get all information

 

Thanks,

Dinesh G

 

 

 

 

Answers ( 4 )

    1
    2020-06-03T17:07:37+05:30

    IBCM doesn’t works that way, you can not have round robin or load balancing.
    Please note even if you place another DP in DMZ exposed to internet (technically possible but MS may not support the scenario) you really cant control this traffic bcoz you do not have boundaries to configure and restrict the traffic between both the DPs .

    Are you expecting your 13K devices always online over internet and connecting to IBCM DP with concurrent sessions ? If you have those many concurrent connections happening then you have issue / limitation here.

    Personally I do not think you will have 13K concurrent connections towards IBCM DP. With 4K support on existing DP you should be still good i believe.

    Having said this, recommendation is to move towards cloud services .. plan for CMG

    Best answer
    0
    2020-06-02T16:40:52+05:30

    I don’t have answer to that question… I don’t think this is related to sccm as such.. isn’t it ?

    I think same client certs can be used .. but server cert should be unique for the server isn’t it ?

    https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/network/pki-certificate-requirements

    0
    2020-06-02T16:22:46+05:30

    IBCM DP – it depends the hardware of the DP server.
    Otherwise you need to build additional DP, MP, and SUP in your DMZ zone to cater additional load 13k clients

    If you ask me I build additional servers

      1
      2020-06-02T16:34:35+05:30

      Thanks, but i have one query can i use same SSL certificate for additional SCCM IBCM server (which will setup in DMZ zone) – internet source client coming via SSL 443 – in external DNS entry will – (means round robin) ? is it possible – communication will happen on both server simultaneously ? is this possible

      or we need to use h/w load bal /n/w bal for round robin?

      please share any ref articles if you have ? additional setup ?

      Thanks,
      Dinesh

Leave an answer

Sorry, you do not have permission to answer to this question .