Windows 10 1607 Windows Update Change

For those of you who have started deploying 10 17, you might notice a in the behavior of the Windows agent for PCs that are configured to pull from WSUS.  Instead of pulling the updates from WSUS, PCs may start grabbing them from peers on your network, leveraging the for referrals to other PCs that have already obtained the content.  This change should generally help reduce the amount of network traffic being generated for both quality (monthly) updates and feature updates, offloading that traffic from the server.  It will add some additional traffic between each client PC and the Delivery Optimization service on the internet, as it has to talk to this internet-only service in order to get a list of peers.

If the agent can’t talk to the Delivery Optimization service (due to firewall or proxy configurations), or if there are no peers able to provide the content, it will then go ahead and grab the content from the server.

There is a new setting available if you want to disable this behavior, e.g. because you are already using for peer-to-peer sharing.  To do this, you need to set the “Download Mode” policy under “Computer Configuration –> Administrative Templates –> Components –> Delivery Optimization” to specify “Bypass” mode, which will result in the client always using BITS to transfer the content from WSUS (with jumping in to provide the peer-to-peer capabilities through its integration with BITS):

image291

Of course to set this policy, you need the latest files, which can be downloaded from https://www.microsoft.com/en-us/download/details.aspx?id=53430 and are also included in 10 17 and Windows Server 2016.  (The “Bypass” setting wasn’t available in previous versions.)  See https://support.microsoft.com/en-us/kb/3087759 for details on how to the central store with these latest files, if you are using a central store.

Source: https://blogs.technet.microsoft.com/mniehaus/2016/08/08/using-wsus-with-windows-10-1607/

Translate »
%d bloggers like this: