Seth says that he is seeing this download going to his akamai servers,
that makes it a much harder nut to crack...
On 04/17/2017 11:17 AM, Wireless Administrator wrote:
Paul,
The IP addresses used by Microsoft for windows updates are a moving
target but there are relatively easy ways to get this situation under
control . Give this a try:
� Use a packet trace tool to Identify the host names used for
windows update.
� Current Mikrotik Router OS supports address Lists using
Dynamic Names. (Cool feature that allows you to use host name and OS
updates address list with current IPs)
� Create simple Queue(s) to control traffic.
� Use time of day on Queue if you prefer.
Game over, you�re the winner �..
Steve
*From:*Af [mailto:[email protected]] *On Behalf Of *Paul McCall
*Sent:* Monday, April 17, 2017 11:16 AM
*To:* [email protected]
*Subject:* [AFMUG] Windows 10 Updates running wild
What are you guys doing to control Windows 10 update from downloading
updates whenever it wants to? Windows used to have a setting for when
it would download and install, and now that setting (IF have you have
access to the Group Policy editor - some Win versions supposedly don')
only allows defining when it will INSTALL the updates and not when it
downloads them. You can make the update process manual I think through
settings, but customers won't ever update then, introducing other
issues. So, that isnt a great workaround. You can also set an
interface to �metered� which means it won�t DL until it gets an
unmetered connection but that won�t help either.
Today 3 customers (plus my PC) were killing an AP, all connected to
Microsoft presumably downloading updates as mine was from that IP. That
is what my PC was doing when I caught the problem. All customers and
myself were connected to the same MS IP address.
Even if customers had access to GPEDIT, and if it had that ability,
talking customers through that would have been a not fun job for tech
support for all the Win10 devices out there now. Supposedly, not all
versions of Win 10 have access to GPEDIT easily. GPEDIT does have a
setting for maximum DL for updates which helps but that would only slow
things down for a loooong time to get updaes. Much better to have it do
full updates after midnight.
Was wondering if there was something that could be defined at the
customers CPE Mikrotik (in place at 95% of our customers) or at the
tower Mikrotik.
There has to be some solution.
Paul McCall, President
PDMNet, Inc. / Florida Broadband, Inc.
658 Old Dixie Highway
Vero Beach, FL 32962
772-564-6800
[email protected] <mailto:[email protected]>
www.pdmnet.com <http://www.pdmnet.com>
www.floridabroadband.com <http://www.floridabroadband.com>
