question

RakeshKumar-5488 avatar image
0 Votes"
RakeshKumar-5488 asked RitaHu-MSFT edited

Regarding WSUS server Update Issue & High bandwidth utilization

Hi All,

We are facing a strange issue with our WSUS server. we are using a WSUS server in our Organization and all the microsoft patch we push to client through WSUS server only. We are using GPO for WSUS configuration in Client Pcs .

Recently we have faced an incident in which our entire network bandwidth got choked ( 100 % ) 200 MB utilized.

As we checked our Proxy log we found that many of clients connected with following Microsoft URL and used most of the bandwidth.

We blocked all these URL temp and then Utilization got reduced from 200 MB to 30-35 MB.



http://dl.delivery.mp.microsoft.com
http://2.tlu.dl.delivery.mp.microsoft.com
http://3.tlu.dl.delivery.mp.microsoft.com
http://7.tlu.dl.delivery.mp.microsoft.com
So can anyone suggest what are the uses of these URLs . If we push update from WSUS server only than why client are communicating directly with Microsoft site for any kind of update ?

Thanks in Advance
Rakesh Kumar



windows-serverwindows-server-update-services
image.png (72.4 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@RakeshKumar-5488
Is there any updates of the case? Whether the issue has been resolved or not?

Please don't hesitate to inform me if there are any questions. Please try to mark the answer if the below solution is helpful.

Thanks for your time and have a nice day.

Regards,
Rita

0 Votes 0 ·
RitaHu-MSFT avatar image
0 Votes"
RitaHu-MSFT answered RitaHu-MSFT edited

@RakeshKumar-5488
Thanks for your posting on Q&A.

According to this link, the WSUS will connect to the belowb links to get the required update files:
http://windowsupdate.microsoft.com

http://*.windowsupdate.microsoft.com

https://*.windowsupdate.microsoft.com

http://*.update.microsoft.com

https://*.update.microsoft.com

http://*.windowsupdate.com

http://download.windowsupdate.com

https://download.microsoft.com

http://*.download.windowsupdate.com

http://wustat.windows.com

http://ntservicepack.microsoft.com

http://go.microsoft.com

http://dl.delivery.mp.microsoft.com

https://dl.delivery.mp.microsoft.com

Also we could apply the below policy to prevent the clients from scanning updates from the Internet:
116099-2.png

Please review this link and apply the above policy for the clients. Hope the above will be helpful.

Please keep us in touch if your have any quetions.

Regards,
Rita


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


2.png (147.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RakeshKumar-5488 avatar image
0 Votes"
RakeshKumar-5488 answered RitaHu-MSFT edited

Hi Rita,

Thanks for your reply.!

I will try this and let you know.

Also i would like to add one more point that in Apr I have make a new GPO to install optional component installation Policy so that user can install language pack directly without going to WSUS. Basically after joining domain our client not able to download the language pack so I created this policy.

But I am not sure if this may be one of the reason client getting connect with Microsoft site for patch update also.

![116182-image.png][1]

https://www.stephenwagner.com/2018/10/08/enable-windows-update-features-on-demand-and-turn-windows-features-on-or-off-in-wsus-environments/



image.png (313.2 KiB)
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Yes, it seems you tick the option and the clients will try to get the required files from the Windows Update. I found a related link just for your reference:
https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/configure-a-windows-repair-source

Hope the above will be helpful.

0 Votes 0 ·

Hi I have just found one more issue in our WSUS server.

As I checked our WSUS server it showing some of client Pcs IP as Proxy device IPs. But some clients are showing actual IP address.

Also since I block those 4 Microsoft URLs all client Pcs which showing proxy IP address are not communicating with WSUS server.
So I think this might be the cause of Bandwidth high utilization

Can you help me how to fix it. I have attached snapshot for same.

118579-image.png


1 Vote 1 ·
image.png (25.9 KiB)

@RakeshKumar-5488
Thanks for your reply.

It seems that there are two issues which are totally different. We recommend to post one issue in one post. Please help to solve the first issue first and then I suggest to open a new post in this forum. We will discuss the issue further in the new post.

Thanks for your understanding and cooperation.

Regards,
Rita

0 Votes 0 ·