How much intelligent is BITS...?

  • Thread starter Thread starter SammyBar
  • Start date Start date
S

SammyBar

Hi all,

I have WinXP workstations on remote branches that connect to the only WSUS
server by slow links (64Kbits/s). We configured XP workstations to restrict
the available bandwitdh by configuring BITS, restricting them to 10Kbits/s.
It was done by using gpedit. Anyway today morning when all the PCs where
connected on, the link to the branch became saturated anyway.
My question is the following: Suppouse I have 6 PCs on a remote branch with
64K link. Each PC has configured BITS to 10K max. If all they begin to
download security patches at the same time from WSUS, wich is the max
bandwidth that WSUS uses in total? 10Kb for all the PCs or 10Kb for each one
resulting 60Kb of total WSUS usage?

The question arises from the fact that when configuring BITS policies on a
PC, it is done on a PC basis, there is no knowledge of the network topology.
How much intelligent is BITS?

Thanks in advance
Sammy
 
BITS is not aware of the link between the offices. BITS can only say that
it will use up to "X"Kb set in the policy. With that being said and if
these workstations are being turned off/on daily, then what you describe is
expected as a 17-22 hour would have passed and they will start checking in
right near startup. In this particular case, is it possible to leave the
workstations on but logged off during the night? If the answer here is yes,
the site could set a policy to 0 for work hours and then use the 10Kb during
the offshift hours.

/neo
 
neo said:
BITS is not aware of the link between the offices. BITS can only say that
it will use up to "X"Kb set in the policy. With that being said and if
these workstations are being turned off/on daily, then what you describe
is
expected as a 17-22 hour would have passed and they will start checking in
right near startup. In this particular case, is it possible to leave the
workstations on but logged off during the night?
Click to expand...
The answer is not. Our branches normally get electricity shut off after
working hours. Our idea is to allow a minimum bandwidth to WSUS on working
hours to allow updates.
Our crisis comes from the fact that now we are changing OS on the branches
from Win98 to XP. Our tech team uses XP SP2 CD for the installation but how
to update these PCs to latest patches? We tried two approaches: Directly
from the Internet Windows Update site does not works because the branches
gain access to the internet through the same 64K access line. Then we
decided to use WSUS with the BITS service on. Then we had similar troubles
configuring maximum BITS pandwidth to 10K on each PC. So I deduce we should
configure bandwidth to 10Kbs / 6 PCs in order to allow a peak usage of 10Kbs
when all the PCs are updating at the same time.
Anyway the best solution would be Microsoft allowed to download all security
patches to one CD and apply them offline after installing the operating
system. Then configure PCs for WSUS to download monthly updates. But I can't
find how to collect all security patches on a CD for offline installation.
It is a must. If anybody knows how to do that, please tell me

Thanks for your hints
Sammy
 
My question is the following: Suppouse I have 6 PCs on a remote branch with
64K link. Each PC has configured BITS to 10K max. If all they begin to
download security patches at the same time from WSUS, wich is the max
bandwidth that WSUS uses in total? 10Kb for all the PCs or 10Kb for each one
resulting 60Kb of total WSUS usage?
Click to expand...

Each PC will use the 10kb you have configured for that PC, which will result
in an aggregate usage of 60kb/sec.

Note also that 64kb/sec is the /theoretical/ throughput of that WAN link. The
actual throughput will be about 80% of that, at best, so ... yeah ... 6 PC at
10kb/sec all downloading simutaneously will saturate the link, most likely.
The question arises from the fact that when configuring BITS policies on a
PC, it is done on a PC basis, there is no knowledge of the network topology.
How much intelligent is BITS?
Click to expand...

Neo's explanation is the answer to this. The key to succeeding with the
10kb/sec limitation is to make sure those six PCs are rotating their
detections around the clock. The only way to do this is to leave them powered
on, at least, through the work week.
 
SammyBar said:
(snip)
Anyway the best solution would be Microsoft allowed to download
all security patches to one CD and apply them offline after
installing the operating system. Then configure PCs for WSUS to
download monthly updates. But I can't find how to collect all
security patches on a CD for offline installation. It is a must.
If anybody knows how to do that, please tell me
Click to expand...
Hi,

You could download the updates and put them on e.g. a CD, and then
script the installations.

Some links that will help you get started:

A)
Windows Update Catalog
http://go.microsoft.com/fwlink/?LinkId=8973

HOW TO: Download Windows Updates and Drivers from the Windows
Update Catalog
http://support.microsoft.com/?kbid=323166

Web pages that lists all security updates post SP2 (the download links
on those Web sites are pointing to a Microsoft server):

Post-SP2 Critical Updates for WindowsXP
http://www.microscum.com/postsp2/

http://www.softwarepatch.com/windows/index.html

http://xpcreate.com/current.htm


B)
In the link below you will find a description of a hotfix installation
system by Rob Dunn:

Visual Basic Script Hotfix Installation System:
http://groups.google.com/[email protected]


C)
If you want to script the installs yourself, combine the information
at the sites referred to in A) and B) with the information in the
following links:

http://groups.google.com/groups?selm=s5gk74srdje.fsf@patl=users.sf.net

http://groups.google.com/[email protected]

How to Install Multiple Windows Updates or Hotfixes with Only One Reboot
http://support.microsoft.com/default.aspx?kbid=296861

Command-Line Switches For Windows Software Update Packages (1)
http://support.microsoft.com/default.aspx?kbid=262841

Command-Line Switches for Microsoft Software Update Packages (2)
http://support.microsoft.com/default.aspx?kbid=824687

New File Naming Schema for Microsoft Windows Software Update Packages
http://support.microsoft.com/default.aspx?kbid=816915
 
Another option would be to set up a hierarchy of WSUS servers, placing one
in each branch office. This way, the updates download once to each branch
office server, and then get disseminated to the workstations from there. If
you're going that route, to put a server in each branch office for this
purpose, you might as well make each of them DC's, and they'd be able to
push out policies/software/etc. faster.

Just another idea..

Ken
 
Back
Top