Multiple Domain Controllers in a site with a RODC

Generally a RODC is designed for sites where physical security is an issue, so placing a RWDC in the same site may not be ideal. But there are situations where it would work. For example, a logical site might span two physical locations that are very well connected (one secure, one not secure) and administrators only require the RODC at the less safe location.

The graphic below is a summary of what local replication (intra-site) will occur.

If local replication of a partition is not possible the partition will need to be replicated from another site. This might duplicate replication traffic that would have otherwise been optimised by Active Directory replication smarts. For example, two read only DC’s in a site both have to download the same changes because they cannot talk to each other.