Windows 10 1607 Windows Update Change

For those of you who have started deploying 17, you might notice a in the behavior of the Windows agent for PCs that are configured to pull from WSUS.  Instead of pulling the updates from WSUS, PCs may start grabbing them from peers on your network, leveraging the Delivery Optimization service for referrals to other PCs that have already obtained the content.  This should generally help reduce the amount of network traffic being generated for both quality (monthly) and feature updates, offloading that traffic from the server.  It will add some additional traffic between each client PC and the Delivery Optimization service on the internet, as it has to talk to this internet-only service in order to get a list of peers.

If the Windows agent can’t talk to the Delivery Optimization service (due to firewall or proxy configurations), or if there are no peers able to provide the content, it will then go ahead and grab the content from the server.

There is a new Policy setting available if you want to disable this behavior, e.g. because you are already using for peer-to-peer sharing.  To do this, you need to set the “Download Mode” policy under “Computer Configuration –> Administrative Templates –> Components –> Delivery Optimization” to specify “Bypass” mode, which will result in the client always using BITS to transfer the content from WSUS (with BranchCache jumping in to provide the peer-to-peer capabilities through its integration with BITS):


Of course to set this policy, you need the latest files, which can be downloaded from and are also included in 17 and Server 2016.  (The “Bypass” setting wasn’t available in previous versions.)  See for details on how to the Policy central store with these latest files, if you are using a central store.


Translate »
%d bloggers like this: