BigFix Relays allow an N-tier hierarchy to be created for the transmission of information from the BigFix Clients to the BigFix Server in the BigFix Enterprise. Following are Frequently Asked Questions about BigFix Relays.
What do BigFix Relays do?
- BigFix Relays "relay" information to and from the BigFix Client and another BigFix Relay or the BigFix Server.
- BigFix Relays enable BigFix Clients to gather the latest information about new Fixlet messages, new actions, or new downloads.
- BigFix Relays enable BigFix Clients to pass status messages to the BigFix Server including action results, retrieved properties, and relevant Fixlet messages.
- BigFix Relays enable BigFix Clients to register their last known IP address so they can be "pinged" later if there is new information to gather.
- BigFix Relays enable BigFix Clients to download patches and other files.
Do I need to find/buy a separate dedicated computer to be a BigFix Relay?
- No! BigFix Relays are specially designed to work on shared systems.
- Any BigFix Client (on a supported BigFix Relay OS) can be a BigFix Relay.
- Most customers will deploy BigFix fully without purchasing a single BigFix Relay (even the largest deployments with over 3000 BigFix Relays).
- It is very common to deploy the BigFix Relay on server computers that already exist in the enterprise infrastructure. AV distribution servers, file servers, print servers, Active Directory servers, and more are all commonly used as BigFix Relays. Server computers make a good choice because servers tend to exist in the same places you want to place a BigFix Relay and they are rarely turned off; however, a server class computer is not a requirement of a BigFix Relay.
- A BigFix Relay uses minimal computer resources and is idle most of the time and it is designed to have minimal impact on a computer so there are no conflicts with other applications/services running on the same computer.
- BigFix Relays do not need server-class fault-tolerant hardware because the nature of the BigFix architecture makes the system fault-tolerant (because BigFix Clients will automatically fail-over to other near-by BigFix Relays in the event of a problem).
- BigFix Relays can also be deployed on standard desktop computers with no problems. Examples from current customers include BigFix Relays on secretarys' computers, kiosk computers in retail stores, IT administrators' computers, and deprecated old desktop hardware that would have been thrown away but instead were used as BigFix Relays.
- BigFix Relays require no additional 3rd party software (e.g., SQL Server, IIS, and other applications are not required for the BigFix Relay).
Why use BigFix Relays?
- Bandwidth Savings - Often the BigFix Clients are not in the same geographic location as the BigFix Server, and often the different locations are connected by thin network pipes. By downloading from a BigFix Relay instead of the main BigFix Server, the information about the action and -- more importantly -- any files associated with the actions only need to be transferred across the thin pipe one time to the BigFix Relay instead of one time per BigFix Client. The BigFix Relay then distributes the information over the LAN to the BigFix Clients. The result is a substantial bandwidth savings. Without BigFix Relays, it would often be impossible to administer remote computers because of the bandwidth limitations.
- BigFix Server Scaling - The BigFix Server has a database and a webserver and is the central communication piece of the whole system. A single computer can only accept so many inbound connections from BigFix Clients, BigFix Consoles, etc. Without using BigFix Relays, even a very powerful computer could easily be overwhelmed by only a few thousand BigFix Clients. By using BigFix Relays, you effectively distribute the load from the BigFix Server to the BigFix Relays allowing for the BigFix Server to scale to handle much more BigFix Clients, use less expensive hardware, and be more efficient.
How do BigFix Relays work?
- BigFix Relays are BigFix Clients that are running two extra services (BESGather and BESRelay).
- BigFix Relays act as a mini BigFix-specific webserver.
- BigFix Clients connect using standard HTTP on the specified port number (default 52311).
- BigFix Clients will request downloads, the latest Fixlet sites, and the latest action sites from the BigFix Relay.
- If the BigFix Relay does not have the latest information, it gets the data from another BigFix Relay or from the BigFix Server.
- BigFix Clients will send action results and retrieved property reports to the BigFix Relay, which will bundle and compress them and send them to another BigFix Relay or to the BigFix Server (the bundling and compression also saves network bandwidth).
- BigFix Relays will cache downloaded files so that it will not have to re-download the files if they are needed later. BigFix Relays (default cache size is 1 GB, but is configurable) use a least-recently-used (LRU) cache replacement scheme for when the cache fills up.
How do you administer BigFix Relays?
- Installing BigFix Relays is done by using an "Install BigFix Relay" task in the BigFix Console to designate a BigFix Client as a relay.
- To uninstall the BigFix Relay, you simply run the "Uninstall BigFix Relay" task in the BigFix Console.
- BigFix Clients can be told which BigFix Relay to point to by using the BigFix Console to set a BigFix Client (or groups of BigFix Clients based on properties like subnet, location, etc.) to use a primary and secondary relay.
- BigFix Clients can also be set to automatically find their closest BigFix Relays based upon network hops.
- BigFix Relays can be manually set to create a hierarchy or the BigFix Relays can establish a hierarchy automatically.
How does the BigFix Client/BigFix Relay Auto Selection work?
- BigFix Clients will choose their closest BigFix Relay by periodically "pinging" each BigFix Relay to determine which relay is the closest based upon the number of network hops. The default BigFix Relay selection period is 6 hours and is configurable.
- Each BigFix Client will make a list of their closest BigFix Relays. If they cannot reach their closest BigFix Relay because it is off or down, they will try the second closest, and so on.
- If a BigFix Client cannot find any BigFix Relays or they are all down, the BigFix Client will connect directly with the main BigFix Server.
- If more than one BigFix Relays are the same distance away from a BigFix Client, the BigFix Client will randomly choose amongst them.
What are the system requirements to be a BigFix Relay?
Hardware Requirements
- Minimum CPU: Pentium 2, 400 Mhz
- Minimum RAM: 128 MB
- Minimum Free HD Space: 2 GB
- Internet Explorer 4.01 or higher is required for proxy authentication
Software Requirements
- Windows NT SP6a/2000/XP/2003 (x86/x64) -- BigFix 4.1+
- Windows Vista (x86/x64) -- BigFix 7.0+
- Windows Server 2008 (x86/x64) -- BigFix 7.0.9+
- Windows Server 2008 Core (x86/x64) -- BigFix 7.2.1.357+
- Windows Server 2008 R2 -- BigFix 8.0+
- Windows Server 2008 R2 Core -- BigFix 8.0+
- Windows 7 (x86/x64) -- BigFix 8.0+
- Solaris 10 (x86/SPARC) -- BigFix 8.0+
- RHEL 4 (x86/x64) -- BigFix 8.0+
- RHEL 5 (x86/x64) -- BigFix 8.0+
- RHEL 6 (x86/x64) -- BigFix 8.2+
- SUSE 11 (x86/x64) -- BigFix 8.2+
- AIX 5.3 -- BigFix 8.2+
- AIX 6.1 -- BigFix 8.1+
- AIX 7.1 -- BigFix 8.2+
Recommendations
- BigFix Relays should be computers that are likely to be powered on all the time.
- BigFix Relays can be desktop computers that are generally in use by a user, but this configuration is not recommended because the BigFix Relay will add additional load to the system which might bother a user.
- File servers, print servers, domain controllers, SMS servers, application servers, etc. are all very good candidates for BigFix Relays because they are generally already deployed in the appropriate locations, they are server-class computers, and they can generally easily handle the minimal additional load from the BigFix Relays.
- It is recommended that you have at least one BigFix Relay per 500-1000 BigFix Clients (you normally deploy BigFix Relays on shared computers that already exist in your current infrastructure). A BigFix Relay accepts many incoming connections and often distributes large files so even a powerful computer will get overwhelmed quickly by more than a few thousand BigFix Clients (because of bandwidth limitations). If there are more than a thousand computers in a particular location, simply choose another BigFix Client to become a BigFix Relay and the BigFix Clients will distribute themselves equally among different BigFix Relays (if auto-selection is enabled).
- If you have several levels of BigFix Relays in a hierarchy, you will need more powerful computers towards the top of the hierarchy than towards the bottom. The exact specifications of the BigFix Relay computers depends heavily on the specifics of each network. Contact your support technician for information for your particular deployment.
- When using top-level relays, it is recommended to have one top-level relay per 500-1000 child relays and directly reporting agents.
- The following table shows some examples of computers that are top-level BigFix Relays and how many computers they can support (sum of all of the computers reporting to them plus all computers reporting to BigFix Relays lower in the hierarchy).
Top Level BigFix Relay Requirements *
| System Specs | Supported BigFix Clients (for child relays) |
| Dual 2.8 Ghz P4, 2 GB RAM | 100,000 |
| Dual 2.0 Ghz P4, 2 GB RAM | 70,000 |
| Dual 1.8 Ghz P4, 1 GB RAM | 30,000 |
| Dual 1.4 Ghz P4, 512 MB RAM | 20,000 |
| 2.4 Ghz P4, 512 MB RAM | 15,000 |
| 1.3 Ghz PIII, 256 MB RAM | 10,000 |
* These numbers are for "Top Level BigFix Relays" only. In general a BigFix Relay is recommended per 500-1000 BigFix Clients for bandwidth reasons.
Note: These are just examples for reference, contact your BigFix support technician for more information on requirements for your network.
Do you have a "best practices" list for maintaining a healthy BigFix Relay deployment?
Yes. Please see the BigFix Relay Health page for more information.