Enabling BranchCache in SCCM Quickly and Easily

Enabling BranchCache in SCCM Quickly and Easily, A few months ago, I posted on Twitter about my success with deploying BranchCache. That post sort of blew up, and somehow I ended up offering to write a blog post about it… I have seen a lot of blogs about setting up BranchCache, however, most of them end up using something outside of the built-in tools that ConfigMgr provides. This post will focus on setting up BranchCache using only the built-in solutions in ConfigMgr. BranchCache is very powerful and can be configured at a much deeper level than what ConfigMgr provides out of the box, however, I didn’t feel that I needed that level of configuration for my environment. I should also mention that this is literally my first blog post, so please, be gentle!

What is BranchCache?

BranchCache is a technology built-in to Windows since Windows 7 and Server 2008, it is a peer-to-peer technology designed to reduce the workload on distribution servers by allowing clients to share content between themselves. BranchCache is a very powerful technology with many options. But what really motivated me to set it up in my environment was how simple it is to turn on in ConfigMgr. Again, BranchCache has many more advanced settings and options than what I mention here. But those are not required to have a BranchCache setup that significantly reduces the load on your distribution points and network infrastructure.

PeerCache?

Before getting into how to configure BranchCache, a few quick words on similar technology, PeerCache. However, PeerCache is an SCCM (not Windows) technology that functions in a similar way to BranchCache. However, there are a few differences:

PeerCache uses the SCCM content store for its content on the client machine
PeerCache content is free to be shared outside the client’s subnet (but won’t cross to different Boundary Groups)
Also, PeerCache requires the client to be reachable by its FQDN
PeerCache works in an SCCM distributed WinPE with little to no extra configuration
PeerCache SuperPeers should be carefully selected to ensure the best results

I am not going to go over the configuration of PeerCache in this article, the targeting of SuperPeers and other options makes it a bit more cumbersome to set up. However, both BranchCache and PeerCache can be set up at the same time and having both enabled can lead to even fewer downloads coming from your distribution points and less traffic over the WAN.

How to enable BranchCache using SCCM

Also, Enabling BranchCache in an SCCM Environment is easy, and consists of 2 main steps: Enabling it on the Distribution Points, and enabling it for clients.

Enabling BranchCache on Distribution Points

First, you will want to enable BranchCache on at least one distribution point. I started with turning it on for just one distribution point in my environment. After seeing good results, I enabled it on the rest of the Distribution Points. To enable the BranchCache setting on a distribution point, you can do the following:

Open up the ConfigMgr Console
Head to the “Administration” tab and click “Distribution Points”
Right-click and select “Properties” on the Distribution Point where you want BranchCache enabled
In the “General” tab, check the box for “Enable and configure BranchCache for this distribution point”. Then click “Apply” and “OK”

Enabling BranchCache on ConfigMgr Clients

Once BranchCache is enabled on at least one Distribution Point, you can turn it on for your ConfigMgr clients.

The easiest way to configure BranchCache for your clients is through Client Device Settings. Because we are configuring BranchCache through Client Settings. The configuration can be rolled out as quickly or slowly as you want. For my environment, I tested a small subset of systems before rolling it out everywhere. Within a week of rolling out BranchCache everywhere, I was seeing huge amounts of data being shared through BranchCache. If you have concerns about congestion from Wi-Fi devices sharing their content. (I received a few questions on this. But have not seen any issues myself.) You can exclude, for example, all laptops from the collection that BranchCache is enabled on.

To turn on BranchCache for your clients, do the following:

Head to the “Administration“ tab in the ConfigMgr Console
Open “Client Settings” and either right-click and select “Properties” for the appropriate Client Settings. You want to modify or create a new set of Client Settings. (I started by creating a new set of settings, and eventually moved the BranchCache configuration to the Default Settings)
Put a check on the “Client Cache Settings”, then navigate to the “Client Cache Settings” page that appears.
Set the following settings on the “Client Cache Settings” page:
1. Configure BranchCache – Yes
2. Enable BranchCache – Yes
3. Maximum BranchCache cache size (percentage of a disk) – 10 is the default, choose whatever amount is good for your environment.
4. If you want other Client settings to manage the cache size. Make sure to set “Configure Client Cache Size to “No” here
5. Click OK to accept these settings
Right-click the client settings you just created and select “Deploy”
Choose the device collection to deploy these settings to
You are done! Now it is time to watch the data savings!

How to tell if BranchCache is working?

The easiest way to check that BranchCache is actually working is right in the ConfigMgr Console! Head to “Monitoring” -> “Distribution Status” -> “Client Data Sources”. From there you can see where clients are downloading from based on Boundary Group. After BranchCache was enabled in my environment. I simply checked this page daily to see how well things were working out.

Note: You may have to turn on the “Client Peer Cache” feature in “Administration” -> “Updates and Servicing” -> “Features” in order for the Client Data Sources dashboard to show up (Thanks to Bert in the comments for pointing this out!).

Content Distribution View in the SCCM Console

If you want to ensure the client setting is set on your clients. The following command run in an admin PowerShell session on a client will be able to tell you that:

Get-WmiObject -Namespace root\ccm\policy\machine -class ccm_superpeerclientconfig

—

Andrew Jimenez

Twitter: @AndrewJimenez_

#SCCM BranchCache ConfigMgr P2P recent6

13 comments

Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Chris says:
April 8, 2019 at 4:25 pm
Nicely written and worded article! I will start testing this in my environment as well over the next few weeks.
Raj says:
April 10, 2019 at 9:50 pm
Good article.
Some observations and comparisons in –
https://www.anoopcnair.com/sccm-bandwidth-optimization-branch-cache-peerdo/
Bert Vangeel says:
April 11, 2019 at 10:14 am
I have BranchCache enabled on all my DP’s and clients, but the dashboard mentioned in the blog isn’t there.
The only things visible in Monitoring > Distribution Status are Content Status, DP Group Status and DP Configuration Status.
Peer caching is not enabled in my environment. I’m on CB 1902.
Reading here https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/monitor-content-you-have-distributed#client-data-sources-dashboard
“Client Peer Cache and the Client Data Sources dashboard were first introduced in version 1610 as pre-release features. Beginning with version 1710, these features are no longer pre-release features. You must enable Client Peer Cache before the Client Data Sources dashboard becomes visible in the console. s it possible that this will only become visible when Peer Caching feature is enabled”
I guess this is an important one, as only with BranchCache and no Peer cache, there will be no dashboard.
Do keep up blogging, it’s what makes SCCM Admins smarter by checking what and how everyone is using it, so we can learn from each other.
Thanks!
- Andrew Jimenez says:
  April 11, 2019 at 2:30 pm
  Thanks! That is a great catch. In that case I would definitely turn on the PeerCache feature to have the dashboard show up. The dashboard is super helpful with getting a good overview of peering in your environment.
  - Bert Vangeel says:
    April 11, 2019 at 2:37 pm
    Can I turn PeerCache on just to see the dashboard? Are there Client settings to be created at the same time, or can I leave client settings disabled for the time being.
    Not sure yet how to get that one working effectively without disrupting the LAN and WAN. I’d rather know all at once before doing things I can’t turn back.
    - Andrew Jimenez says:
      April 11, 2019 at 2:47 pm
      Yes, you can turn the feature on, but not deploy the client settings for PeerCache. I would just double check default client settings before and after turning on the feature to ensure that the setting “Enable Configuration Manager client in full OS to share content” is set to “No”. Then you should be all set, and still have the dashboard 🙂
JCC_FL says:
June 7, 2019 at 6:19 pm
Is it possible to have a Peer Cache Source machines serve clients in on a different subnet? Microsoft documentation says you can do this by ensuring the subnets are in the same boundary group. However, I’ve do this and the clients are still not detecting the Peer Cache Source machine on the other subnet. Thanks!
- Andrew Jimenez says:
  June 20, 2019 at 2:29 pm
  Interesting… In my environment, my boundary groups are all split by subnet, so I have not actually tested that. However, I would check the options tab on the Boundary Groups and ensure that Peer Downloads is checked, and the option “During peer downloads, only use peers within the same subnet” is unchecked.
Andy Cippico says:
September 17, 2019 at 7:23 am
Yes, BranchCache worked really well in our environment until we discovered that it grabbed port 80 for listening. Anyone with a local web service immediately got trampled on. It also seems that once turned on, you can’t stop the BranchCache service unless you set it to Disabled. This is even after turning it off in the SCCM Client Cache configuration. Currently trying to figure out how to ‘remediate’ 500 clients.
- Mela says:
  February 11, 2020 at 12:57 pm
  Same issue, do you find it out?
  - Andrew Jimenez says:
    February 28, 2020 at 2:50 pm
    If you want to configure the BranchCache port, I would recommend 2Pint’s CI found here: https://2pintsoftware.com/download/branchcache-tuner-ci-configmgr/
SubCha says:
May 9, 2021 at 5:10 pm
Hi Andrew,
Thanks for this neat and crispy writeup. We are using BranchCache in SCCM (distributed cache mode) only. All dps in the environment, available in large sites are branch cache enabled. The BC client setting has been deployed to all clients, but we can’t get it to work. All configurations has been done as per Microsoft documentation. Even though BC has been enabled on the clients, even Windows Firewall policy updated. The Branch Cache content cache size remains zero and the clients keep going to DPs configured as content source for their respective Boundary groups and not to the peers hosting content. So my question.
1. Did you need any additional GPO like below – Hash Publication for BranchCache” on the file server(s) found in Administrative templates > Policies > Network > Lanman ServeR?
2. Make any changes at the boundary group level?
- Andrew Jimenez says:
  August 26, 2021 at 3:57 am
  I’ll be honest, it has been a long time since I’ve touched BranchCache, I’ve switched jobs since writing this post as well. However, when I did the basic BranchCache setup I do not remember making any GPO or boundary group changes to make things work.
  I will say, if you are having issues, the 2Pint BranchCache CI is super helpful for making sure all the client settings are in place: https://2pintsoftware.com/download/branchcache-tuner-ci-configmgr/