How can I throttle the bandwidth consumed by Windows Automatic Updates?

13

2

We have many Windows XP computers sharing one connection to the internet. These machines are set to download all available automatic updates and then prompt the user to install them.

Whenever Patch Tuesday rolls around, our internet usage pegs out, and remains that way for most of the day, and sometimes into the following Wednesday. This hurts!

I still want the machines to start to download the updates as soon as they are available, but if it takes until Thursday or Friday before the last updates are downloaded, that's still better than the latency and dropped connections we are seeing now as a result of the internet connection bottleneck.

What can I do to throttle back how rapidly each machine downloads the updates, while still having them all start the download process as soon as the updates are available? I have no desire to run a WSUS server. Also, the internet connection is more than enough, whenever there are no updates to download.

eleven81

Posted 2009-12-17T20:09:14.317

Reputation: 12 423

Related: Stopping all automatic updates windows 10

– galacticninja – 2016-09-14T07:59:41.523

Answers

4

Traffic Shaper XP is a perfect fit.

Features:

  • Speed limiting for bandwidth-intensive applications and protocols
  • Flexible address and port filtering
  • Acknowledgement prioritization to speed up congested links
  • Real-time traffic monitoring and stream statistics

Traffic Shaper XP is freeware

John T

Posted 2009-12-17T20:09:14.317

Reputation: 149 037

a fit maybe, not a perfect one though, as the free version can only throttle the bandwidth on a computer, automated bandwidth distribution os not an option. and when it comes to paid software, i'd say NetLimiter is the better option. – None – 2009-12-17T20:48:08.357

"What can I do to throttle back how rapidly each machine downloads the updates, while still having them all start the download process as soon as the updates are available?" I think it's fully capable of what he's after. – John T – 2009-12-17T20:52:30.657

10

Seems like you should really consider installing a WSUS server. Then only one machine downloads the updates -- all the clients go to it. Free and reasonably easy to setup. All the machines don't need to be in a domain, either (although that certainly simplifies setup).

In the meantime, you can also look at throttling BITS via this Technet article.

Chris_K

Posted 2009-12-17T20:09:14.317

Reputation: 7 943

1(Yes, I know you don't want to do a WSUS server, but it is such an obvious solution!) ;-) – Chris_K – 2009-12-17T20:34:38.463

+1 for BITS throttling. I was going to suggest this Technet article: http://blogs.technet.com/tmintner/archive/2006/04/12/425112.aspx

– JMD – 2009-12-17T20:38:10.513

The bonus is that BITS settings can be manipulated via Group Policy, so if you have that in place (you do mention "many" boxes") you could adjust these settings from one place. – JMD – 2009-12-17T20:39:47.577

The only downside is that BITS will throttle all applications on the machine, not just the WSUS updates. – John T – 2009-12-17T20:44:44.930

+1 for WSUS, it's made specifically for your use case – Christopher Edwards – 2009-12-17T21:20:42.190

+1 again, once you get it up and running WSUS is a dream – micmcg – 2009-12-18T00:46:42.367

1

Its a bit of an ugly hack but i tend to use this Offline update on a network share as a poor man's WSUS server, especially for getting fresh installs up to speed. Tie that in with a sceduled task, and turn off automatic updates, and it should do

Journeyman Geek

Posted 2009-12-17T20:09:14.317

Reputation: 119 122

0

I agree the WSUS offline update is the best bet. WSUS server is a waste of time, effort, energy, and money. Use an existing workstation you want to use as the 'update file server' and use WSUS offline to create a shared folder in which all the other machines point to. You can use the task scheduler on the client machines to have the updates run on the following day or Patch Tuesday evening, after all the updates have been downloaded to the update file server.

This might be considered a hack by some, but is the best option by far. One should not be required to purchase another server just to patch all the security holes Microsoft has already charged us for.

Jon

Posted 2009-12-17T20:09:14.317

Reputation: 1