Slashdot Mirror
Microsoft Windows Update and Network Bandwidth?
Brett Glass asks: "As we reviewed the cache statistics for our small ISP today, we noted that the traffic generated by Microsoft's Windows Update feature constituted 45% -- no, that's not a misprint -- of our total throughput. Because so many computers on the Internet run Windows, this massive resource drain occurs whenever Microsoft announces major security holes (as it did this week). The traffic could be greatly reduced, and service to users much improved, if the updates were cacheable at the ISP. But Microsoft has set up the service in such a way that the data can't be cached. (It's digitally signed, so inserting Trojans into the cache is virtually impossible; in any event, no more of an issue than intercepting the data stream.) Are others out there seeing the same pattern? How might Microsoft be convinced to make its updates cacheable, so as not to waste unthinkable amounts of bandwidth?"
Not being a windows user, how big are the windows updates and how often do they come?
Apple's own software updates are pretty big, although with a much smaller percentage of machines as macs they're not going to cause the same volume of problems. The last few I've seen have been around 40MB, with one topping out at 80, and most security updates (every 2 months perhaps) being 5-15MB
Wouldn't it be nice if you could set up a caching proxy to establish a verification process with the items being cached from that server - that way the server could perform checksum verification on the file and approve the copy for distribution.
It seems that it could be an easy implementation. The proxy requests the file verification in, an XML-RPC request is returned from the server to perform the checksum, the resulting data is sent via SOAP, and approval is given or denied, causing the cache to be used or flushed.
I don't know enough about it to say how difficult it would be to have the proxy determine if the service is available, though. It needs an acronym if it's going anywhere. How about Verify Cache Request (VCR)?
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
Squid can't cache the updates. We've tested this. The URLs for the transfers (files come in as small GETs about 1 KB in size) aren't set up to allow caching.
My experience is that if you download a single update, such as the Media Player, IE, service packs etc, which can only be downloaded individually, then squid will cache it. If you select a few updates, such as grouping your critical updates, it wont do it.
;)
Looking at my squid logs, it appeared that there was a problem with WindowsUpdate issuing a 0 byte sized reply to the GET request (must be somthing to do with the activex control I guess, but never really bothered to look further into it). Squid seemed to choke on the 0 byte reply and obviously didnt cache the rest of the download.
Interestingly enough, MS's caching offering ISA appears to deal with it, but I suppose that they specifally coded it with a knowledge of how their activex control works and hence it knows whats following that 0 byte reply.
Disclaimer - I checked this all out when the new WindowsUpdate first came out and havent been arsed to look at it since then. I ended up just setting up a shitty old box as a SUS server and going that route. (The only benefit to being an MSDN partner being $0 cost for licensing as I justify it as being for testing purposes
"I'm tired of all this 'Aren't humanity great' bullshit. We're a virus with shoes" - Bill Hicks
I suspect that someone at Microsoft has been reading this discussion, which is good.
Most of the stuff that became cacheable, though, was for Windows XP. Windows 98 and Me updates (and we have a lot of users running 98 and Me) are still dragging the system down. I know, I know, you guys at Microsoft are trying to persuade Windows users to upgrade. But could you please not attempt to do this by making updates slower? We ISPs would appreciate it.