Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Managing Device-Upgrade Bandwidth Use?

Posted by timothy on from the selective-enforcement dept.

First time accepted submitter wallydallas writes "I'm close to a solution, but I wonder how other people block their many devices and operating systems from updating in working hours. For example: I'm the IT guy who blocks iPads from updating when school is in session because we are in a rural location. 3mbps is the best WAN we can buy. Devices can update after hours just fine. We do this with our router (DDWRT) by blocking MESU.APPLE.COM. Many guests bring in Windows 7 laptops, and I want to welcome them, but not their updates. How can I block updates on Android Phones and Linux Laptops? I have a 4G device at home, and I'd like to apply the same tricks 24 hours a day so that I don't use up the bandwith from my vendor. And my many home visitors should have their updates blocked."

5 of 159 comments (clear)

  1. For Windows by jones_supa · · Score: 5, Informative

    For Windows, you could try blocking the addresses listed in the Microsoft Knowledge Base article 818018.

  2. Pfsense by bhenson · · Score: 5, Informative

    Use PFsense and use the package squidguard(or dansguardian) and use the software downloads list.

  3. Don't block it, QoS it. by phizi0n · · Score: 5, Interesting

    There's no reason to avoid using your bandwidth when you can use QoS to deprioritize it so that they can still update any time the bandwidth is available. Most any linux router can do this with tc and iptables, or sometimes with less configurability through their GUI's.

    At home you have control over the devices and can just disable them from automatically updating.

  4. Re:3Mbps?!?? by The_Wilschon · · Score: 5, Funny

    Wasn't 3 Mbps "high-speed" ten years ago?

    --
    SIGSEGV caught, terminating

    wait... not that kind of sig.
  5. Consider caching instead by nemesisrocks · · Score: 5, Informative

    Since you're in such a remote area, your visitors very likely also have slow connections at home too. Why not cache the updates instead? You'll be contributing towards a safer, more secure internet.

    The first person who downloads them would cause a drain on the network, but at least all future attempts would be served up from your cache. You could even have a spare machine downloading the updates overnight, pre-populating the cache for your visitors, to reduce the burden updates cause during the day.

    I've used the instructions here with great success on Squid: http://wiki.squid-cache.org/SquidFaq/WindowsUpdate

    Apparently Apple iOS updates can be cached too, e.g.: http://lkrms.org/caching-ios-updates-on-a-squid-proxy-server/