locked
How to throttle Windows Updates in BITS 4.0 RRS feed

  • Question

  • Hi,

    We are trying to solve a problem related to limiting the "Windows Update" traffic between Windows Clients and Internet Windows Update servers:

    We have a WSUS infra setup like this:

    Master server which is used for for approving patches, and managing computer groups. We don't store patches on that server, and clients are configured to download patches from the internet.

    We have around 20 sites all sites are pointing "Intranet Update Server" to our master server.

    The issue we are having is that in some cases, when we do a patch approval cycle, some remote sites with many users and insufficient internet bandwidth get lousy internet access performance.

    We have identified the cause of this issue to be the large amounts of data that need to be downloaded by Windows Update.

    The solution we are looking for is a way to limit Windows Update Traffic, so my mind jumped immediately to BITS.

    I dug around the BITS features, and found the Peer Caching feature.

    However as I read in Technet, BITS 3.0 has some peer caching capabilities.

    With BITS 4.0 this has been removed, and the only caching available is via BranchCache.

    I've read this thread(link), and the OP is almost in the same situation as me, only he was trying to setup a branchcache server, and the clients would make use of that feature, when downloading from his internal WSUS.

    So what are my options in terms of improving BITS bandwidth usage? Limit BITS download traffic during daytime hours?

    p.s. Before someone says "Why don't you just setup a replica servers in each branch?" - we have no resources for this, and this doesn't play nice with many of our roaming users that go from location to location. Then we'll be moving our bandwidth problem from the Internet lines to the MPLS/Leased lines - which are far more costly.

    thank you,

    ionut

    Thursday, November 13, 2014 1:29 PM

Answers

  • I dug around the BITS features, and found the Peer Caching feature.

    However as I read in Technet, BITS 3.0 has some peer caching capabilities.

    With BITS 4.0 this has been removed, and the only caching available is via BranchCache.

    BranchCache is not an appropriate solution for your scenario, as it requires a WS2008R2 or later server to act as the server-based cache. 

    However, do not be confused by the fact that BranchCache and Peer Caching are enabled in the same way on a client system. PeerCaching is an appropriate solution for these sites.

    So what are my options in terms of improving BITS bandwidth usage?

    The starting place is to limit the background throughput utilization available to BITS. Almost certainly you're saturating the Internet link because each client is evaluating "available bandwidth" at the NIC, which even on a busy network would still be 10+mbit/sec for each system.

    The policies needed for this purpose are documented in the WSUS Technical Reference Guide: Improve WSUS Download Performance with BITS. As described in the section "BITS bandwidth limitations", you'll need to set the policy "Limit the maximum network bandwidth for BITS background transfers".

    But also in that section is the guidance on how to implement PeerCaching, which if all of your systems are BITS 3.0 capable, would be the best solution. In that case only *one* system downloads from Microsoft (it'll be the first one to detect the availability of a new update, so you cannot predict or control this action), and the rest will get the needed files via LAN connections. Of course, you'll still want to limit the bandwidth utilization on the Internet link, and it will still need to be configured for ALL systems, but it will be exponentially less utilization with PeerCaching than with everybody-for-themselves.


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Friday, November 14, 2014 12:32 AM