WSUS & Akamai Technologies?

Discussion in 'Update Services' started by Al, Feb 18, 2009.

  1. Al

    Al Guest

    Using WSUS 2 as part of SBS2k3 R2 - over the past few months we have seen a
    massive uplift in the volume of data being transferred over our internet
    connection, and having installed a new router this week i was checking
    various settings inc the NAT connections list. A bit of investigation
    revealled a connection to which appears to be within Akamai's
    IP lists - I then reviewed the ISA Server's daily report and amazingly it
    was regularly showing as the highest volume internet connection, but only 1
    distinct user.
    Can anyone confirm what Akamai's purpose is - if indeed as I think it is
    linked to WSUS - but more particularly why it is causing these data
    volumes - my suspicion is that our router blocks certain http traffic (based
    on type eg .exe files) and that Akamai gets a "refusal" to accept its
    payload & instead of accepting this takes and bombards us from each of its
    many servers mirrors to see if we will accept from a different server! - if
    this is the case, the answer may be for me to unblock particular file
    extensions (iif I knew which WSUS files used!), but the only strange thing
    is that WSUS is set for 1am & according to it, it stoped an hour later this
    morning, yet the Akamai IP continued connecting right through the day!!
    (I've meantime got rid of it by setting the IP as a blocked address in the
    firewall so it does not even get to connect to us, never mind attemot to
    Can anyone with more technical knowledge than I have, give some input - and
    perhaps more to the point of anyone has contacts at Alamai, can they get
    them to alter the frequency at which they persist in trying to connect when
    they fail at the first shot!
    Al, Feb 18, 2009
  2. To the best of my knowledge: Akamai provides download services to third parties,
    including Microsoft. Both Windows Update and WSUS probably download content
    from Akamai rather than directly from Microsoft. Akamai has servers in and/or
    network links to many ISPs, and can figure out which ones are closest to you,
    resulting in much higher download speeds.
    More likely your WSUS server is repeatedly attempting to download content that
    is being blocked. Have you checked the status of your WSUS server? Are there
    files still waiting to be downloaded?
    Any and all. It should be possible instead to exclude just your WSUS server
    from having downloads blocked.
    I'm not sure what you mean by "WSUS is set for 1am" but I'd guess that's your
    synchronization time. When synchronization stops it does not mean that content
    downloads are complete.
    The connections should be going from your WSUS server to Akamai, not the other
    way around. Are you sure you're reading the logs correctly?

    Harry Johnston [MVP], Feb 19, 2009
