Paul, The IP addresses used by Microsoft for windows updates are a moving target but there are relatively easy ways to get this situation under control . Give this a try:
. Use a packet trace tool to Identify the host names used for windows update. . Current Mikrotik Router OS supports address Lists using Dynamic Names. (Cool feature that allows you to use host name and OS updates address list with current IPs) . Create simple Queue(s) to control traffic. . Use time of day on Queue if you prefer. Game over, you're the winner ... Steve From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul McCall Sent: Monday, April 17, 2017 11:16 AM To: af@afmug.com Subject: [AFMUG] Windows 10 Updates running wild What are you guys doing to control Windows 10 update from downloading updates whenever it wants to? Windows used to have a setting for when it would download and install, and now that setting (IF have you have access to the Group Policy editor - some Win versions supposedly don') only allows defining when it will INSTALL the updates and not when it downloads them. You can make the update process manual I think through settings, but customers won't ever update then, introducing other issues. So, that isnt a great workaround. You can also set an interface to "metered" which means it won't DL until it gets an unmetered connection but that won't help either. Today 3 customers (plus my PC) were killing an AP, all connected to Microsoft presumably downloading updates as mine was from that IP. That is what my PC was doing when I caught the problem. All customers and myself were connected to the same MS IP address. Even if customers had access to GPEDIT, and if it had that ability, talking customers through that would have been a not fun job for tech support for all the Win10 devices out there now. Supposedly, not all versions of Win 10 have access to GPEDIT easily. GPEDIT does have a setting for maximum DL for updates which helps but that would only slow things down for a loooong time to get updaes. Much better to have it do full updates after midnight. Was wondering if there was something that could be defined at the customers CPE Mikrotik (in place at 95% of our customers) or at the tower Mikrotik. There has to be some solution. Paul McCall, President PDMNet, Inc. / Florida Broadband, Inc. 658 Old Dixie Highway Vero Beach, FL 32962 772-564-6800 pa...@pdmnet.net www.pdmnet.com www.floridabroadband.com
