BranchCache Overview

BranchCache™ is designed to reduce WAN link utilization and improve application responsiveness for branch office workers who access content from servers in remote locations. Branch office client computers use a locally maintained cache of data to reduce traffic over a WAN link. The cache can be distributed across client computers (Distributed Cache mode) or can be housed on a server in the branch (Hosted Cache mode).

BranchCache is designed to prevent unauthorized access to content. Content is encrypted when transferred between peers or between clients and the hosted cache server. Content can only be decrypted using the identifiers provided by the content server in the main office. The content server will only provide identifiers to authorized clients. BranchCache supports the optimization of downloads over end-to-end secure transports such as HTTPS and IPsec.

BranchCache only optimizes traffic flows between Windows Server 2008 R2 servers and Windows 7 clients. The BranchCache feature is an optional component on Windows Server 2008 R2 and must be installed and enabled before BranchCache can be used. To optimize SMB traffic, the file server role must be enabled. BranchCache is installed on Windows 7 client computers by default, but IT administrators must enable BranchCache and create firewall rules to enable traffic between client computers.

Distributed Cache mode

If client computers are configured to use Distributed Cache mode, the cached content is distributed among client computers on the branch office network. No infrastructure or services are required in the branch office beyond client computers running Windows 7.

Figure 1   Distributed cache mode

  1. Client 1 issues a request for a file on a BranchCache-enabled server in headquarters. This request can be transmitted over any of the BranchCache-enabled protocols (HTTP, SMB, or BITS). The client indicates to the server that it is BranchCache capable, using fields, messages, or headers that are already part of the BranchCache-enabled protocol.

    The server responds, and transmits a set of identifiers that describe the chunks of content the client wants to download. These identifiers are transmitted by using the BranchCache-enabled protocol.

  2. Client 1 searches locally for a computer that has already downloaded and cached the content. This search is conducted by using the BranchCache discovery protocol (which, in turn, uses WS-Discovery), which is a multicast protocol sent over UDP. Client 1 is the first computer in the branch to download this piece of content, so it does not receive any responses.

  3. Client 1 issues another request to the server in headquarters by using the BranchCache-enabled protocol (HTTP, SMB, or BITS). This request is not marked as BranchCache capable. The server responds with the requested data. The client then adds this data to its local cache.

  4. Client 2 issues a request for the same content that Client 1 downloaded earlier. Client 2 receives identifiers describing the content from the server in headquarters.

  5. Client 2 uses the BranchCache discovery protocol to search for the content. Client 1 receives this request, finds the requested content in its local cache, and sends a response to Client 2.

  6. Client 2 requests the content from Client 1 by using the BranchCache retrieval protocol (which, in turn, uses HTTP). Client 1 transmits the content to Client 2, protecting it with the BranchCache encryption scheme. Client 2 verifies the data against the identifiers downloaded from the server in headquarters.

Hosted Cache mode

In Hosted Cache mode, cached content is maintained on a computer running Windows Server 2008 R2 on the branch office network.

Figure 2   Hosted cache mode

  1. Client 1 issues a request to a BranchCache-enabled server in headquarters. This request can be transmitted over any of the BranchCache-enabled protocols (HTTP, SMB, or BITS). The client indicates to the server that it is BranchCache capable, using fields, messages, or headers that are already part of the BranchCache-enabled protocol.

    The server responds, and transmits a set of identifiers that describe the chunks of content that the client wants to download. These identifiers are transmitted by using the BranchCache-enabled protocol.

  2. Client 1 requests the content from the hosted cache in the branch by using the BranchCache retrieval protocol [MS-PCCRD] (which, in turn, uses HTTP, TCP, source port: ephemeral, destination port: 80 by default). The hosted cache response informs Client 1 that the target data is not available.

  3. Client 1 issues another request to the server in headquarters by using the BranchCache-enabled protocol (HTTP, SMB, or BITS). This request is not marked as BranchCache capable. The server responds with the requested data.

  4. Client 1 advertises the newly downloaded content to the Hosted Cache server by using the BranchCache hosted cache protocol [MS-PCHC]. This protocol is carried in HTTPS (TCP, source port: ephemeral, destination port: 443 by default).

  5. The Hosted Cache server connects to the client and downloads the recently advertised content by using the BranchCache retrieval protocol [MS-PCCRD] (which, in turn, uses HTTP, TCP, source port: ephemeral, destination port: 80 by default).

  6. Client 2 issues a request for the same content that Client 1 downloaded earlier. Client 2 receives identifiers describing the content from the server in headquarters.

  7. Client 2 requests the content from the hosted cache in the branch by using the BranchCache retrieval protocol [MS-PCCRD] (which, in turn, uses HTTP, TCP, source port: ephemeral, destination port: 80 by default). The hosted cache responds with the data. Client 2 verifies the data by using the identifiers downloaded from the server in headquarters.

If a client computer cannot locate content on the Hosted Cache server, it returns to the server in the main office and requests a download.

Hosted Cache mode and Distributed Cache mode are mutually exclusive. A client computer can be configured to use only a single caching mode at one time.
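
The verification step in both walkthroughs (step 6 of Distributed Cache mode, step 7 of Hosted Cache mode) and the return to the main office server on a miss can be modeled as follows. This is an added example, not Microsoft's code or the BranchCache wire format: it assumes the identifiers are per-block SHA-256 digests and a 64 KiB block size, leaves out the encryption layer, and the names `make_identifiers`, `fetch_verified`, and `demo` are hypothetical.

```python
import hashlib
import hmac

BLOCK_SIZE = 64 * 1024  # assumed block size for this model


def make_identifiers(content, block_size=BLOCK_SIZE):
    """Content-server side: one SHA-256 digest per block (assumed scheme)."""
    return [hashlib.sha256(content[i:i + block_size]).digest()
            for i in range(0, len(content), block_size)]


def fetch_verified(identifiers, cache_fetch, origin_fetch):
    """Client side: accept a block from the branch cache only if it matches
    the identifier issued by the content server; otherwise re-request it
    from the content server.

    Returns (content, sources), where sources[i] is "cache" or "origin".
    """
    blocks, sources = [], []
    for index, expected in enumerate(identifiers):
        block = cache_fetch(index)  # None models "content not available"
        if block is not None and hmac.compare_digest(
                hashlib.sha256(block).digest(), expected):
            sources.append("cache")
        else:
            # Cache miss, or the cached copy failed verification.
            block = origin_fetch(index)
            sources.append("origin")
        blocks.append(block)
    return b"".join(blocks), sources


def demo():
    """Constructed sample: 4 blocks; the cache holds a good block 0, a
    modified block 1, nothing for block 2, and a good block 3."""
    content = b"".join(bytes([i]) * BLOCK_SIZE for i in range(4))
    identifiers = make_identifiers(content)

    def origin(i):
        return content[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE]

    cache = {0: origin(0), 1: origin(1)[:-1] + b"\xff", 3: origin(3)}
    data, sources = fetch_verified(identifiers, cache.get, origin)
    return data == content, sources


if __name__ == "__main__":
    print(demo())
```

Because the identifiers come from the content server over the original protocol, a branch peer or hosted cache that returns altered data only costs the client a WAN round trip; the altered block is never accepted.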