Windows Server - WSUS & Akamai Technologies?

Asked By Al on 18-Feb-09 04:07 PM
Using WSUS 2 as part of SBS2k3 R2 - over the past few months we have seen a
massive uplift in the volume of data being transferred over our internet
connection, and having installed a new router this week i was checking
various settings inc the NAT connections list.  A bit of investigation
revealled a connection to 81.52.134.158 which appears to be within Akamai's
IP lists - I then reviewed the ISA Server's daily report and amazingly it
was regularly showing as the highest volume internet connection, but only 1
distinct user.
Can anyone confirm what Akamai's purpose is - if indeed as I think it is
linked to WSUS - but more particularly why it is causing these data
volumes - my suspicion is that our router blocks certain http traffic (based
on type eg .exe files) and that Akamai gets a "refusal" to accept its
payload & instead of accepting this takes and bombards us from each of its
many servers mirrors to see if we will accept from a different server! - if
this is the case, the answer may be for me to unblock particular file
extensions (iif I knew which WSUS files used!), but the only strange thing
is that WSUS is set for 1am & according to it, it stoped an hour later this
morning, yet the Akamai IP continued connecting right through the day!!
(I've meantime got rid of it by setting the IP as a blocked address in the
firewall so it does not even get to connect to us, never mind attemot to
download!)
Can anyone with more technical knowledge than I have, give some input - and
perhaps more to the point of anyone has contacts at Alamai, can they get
them to alter the frequency at which they persist in trying to connect when
they fail at the first shot!
Thanks




Harry Johnston [MVP] replied on 18-Feb-09 07:08 PM
To the best of my knowledge: Akamai provides download services to third parties,
including Microsoft.  Both Windows Update and WSUS probably download content
from Akamai rather than directly from Microsoft.  Akamai has servers in and/or
network links to many ISPs, and can figure out which ones are closest to you,
resulting in much higher download speeds.


More likely your WSUS server is repeatedly attempting to download content that
is being blocked.  Have you checked the status of your WSUS server?  Are there
files still waiting to be downloaded?


Any and all.  It should be possible instead to exclude just your WSUS server
from having downloads blocked.


I'm not sure what you mean by "WSUS is set for 1am" but I'd guess that's your
synchronization time.  When synchronization stops it does not mean that content
downloads are complete.


The connections should be going from your WSUS server to Akamai, not the other
way around.  Are you sure you're reading the logs correctly?

Harry.