We also got hit, it was due to 37 patches revised on 2nd Sep 2014, all these 37 patches are in our active deployment with deadline passed last month. We are planning QoS at port 8053.
From: [email protected] [mailto:[email protected]] On Behalf Of Sherry Kissinger Sent: Wednesday, September 10, 2014 9:24 PM To: [email protected] Subject: Re: [mssms] RE: Unusually high outbound network traffic from WSUS today? We got slammed hard with the release of the patches on 9/2. Yesterday's releases didn't hurt---but that was likely because of all the changes we made to iis on our SUPs because of last week's slam. In case someone is interested: 1) changed memory allocated to IIS from 4gb to 20gb. (the servers, which are dedicated to only be SUP role and nothing else, have 32gb installed) 2) disabled "rapid fail" on the WSUS pool. Those changes seemed to get us over the spiral of doom we were experiencing. :) We had just done our WSUS cleanup the Friday before... so... bloated wsus from no cleanup being run wasn't considered to be a contributing factor. On Tuesday, September 9, 2014 3:47 PM, "Lindenfeld, Ivan" <[email protected]<mailto:[email protected]>> wrote: We have another issue THIS month (WSUSPOOL keeps abending) but last month we saw that traffic increase. I opened a case with Premier and they had me do the cleanup on WSUS…it had never been done in almost 2 years. Oops. Ivan Lindenfeld From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Jason Sandys Sent: Tuesday, September 09, 2014 4:25 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Unusually high outbound network traffic from WSUS today? I can’t speak to the unusual activity except to say that’s happened before. As for the catalog download, no, there’s no way for it to be delivered except from WSUS. The transfer does use BITS however, so you can throttle it using BITS limiting. J From: mailto:[email protected] [mailto:[email protected]] On Behalf Of Miller, Todd Sent: Tuesday, September 9, 2014 2:39 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] Unusually high outbound network traffic from WSUS today? Did anyone else experience unusually high network utilization from WSUS/SUP today? I haven’t approved any patches yet so my high utilization must be from the patch definitions file. For some reason WSUS spiked outbound on the network today shortly after Noon and lasted for about 1 hour. Was there anything unusual about today’s patch catalog? It seemed like all of my 15,000 clients tried to download the 26.5Mb file from my WSUS server in a one hour window. I don’t think that has happened in previous months and I am not sure why it happened this month. I have my scan schedule set as a simple once a day schedule with no time specified. I thought that over time that should cause the clients to spread out. Can I throttle the catalog download? Can it be distributed by DPs instead of the catalog coming from that single WSUS server? Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. NOTICE: The information contained in this message is proprietary and/or confidential and may be privileged. If you are not the intended recipient of this communication, you are hereby notified to: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY BE PRIVILEGED. If this message was misdirected, BlackRock, Inc. and its subsidiaries, ("BlackRock") does not waive any confidentiality or privilege. If you are not the intended recipient, please notify us immediately and destroy the message without disclosing its contents to anyone. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. The views and opinions expressed in this e-mail message are the author's own and may not reflect the views and opinions of BlackRock, unless the author is authorized by BlackRock to express such views or opinions on its behalf. All email sent to or from this address is subject to electronic storage and review by BlackRock. Although BlackRock operates anti-virus programs, it does not accept responsibility for any damage whatsoever caused by viruses being passed.
