From 58e6522f1b5b246874dfd83a515ec5bcda58faed Mon Sep 17 00:00:00 2001
From: Narkis Engler <41025789+narkissit@users.noreply.github.com>
Date: Wed, 27 Mar 2024 10:21:59 -0700
Subject: [PATCH 1/2] update FAQ questions about ports

Updated for accuracy.
---
 windows/deployment/do/waas-delivery-optimization-faq.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/do/waas-delivery-optimization-faq.yml b/windows/deployment/do/waas-delivery-optimization-faq.yml
index 73a6691166..3501f7bb90 100644
--- a/windows/deployment/do/waas-delivery-optimization-faq.yml
+++ b/windows/deployment/do/waas-delivery-optimization-faq.yml
@@ -77,11 +77,12 @@ sections:
     questions:
       - question: Which ports does Delivery Optimization use?
         answer: | 
-          Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service registers and opens this port on the device. The port must be set to accept inbound traffic through your firewall. If you don't allow inbound traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization. However, devices can still successfully download by using HTTP or HTTPS traffic over port 80 (such as for default Windows Update data).
+          Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service registers and opens this port on the device. The port must be set to accept inbound and outbound TCP traffic through your firewall. If you don't allow traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization. However, devices can still successfully download updates by using HTTP over port 80 (or HTTPS over port 443 where applicable).
 
-          Delivery Optimization uses Teredo to create peer groups, which include devices across NATs (or any form of internal subnet that uses gateways or firewalls between subnets). To enable this scenario, you must allow inbound TCP/IP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
+          If you set the "Download Mode" policy to "Group (2)", Teredo will be used by Delivery Optimization to connect to peer devices across NATs. You must allow inbound and outbound UDP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
 
-          Delivery Optimization also communicates with its cloud service by using HTTP/HTTPS over port 80.
+          Delivery Optimization also communicates with its cloud service by using HTTPS over port 443.
+          
       - question: What are the requirements if I use a proxy?
         answer: |
           For Delivery Optimization to successfully use the proxy, you should set up the proxy by using Windows proxy settings or Internet Explorer proxy settings. For details see [Using a proxy with Delivery Optimization](../do/delivery-optimization-proxy.md). Most content downloaded with Delivery Optimization uses byte range requests. Make sure your proxy allows byte range requests. For more information, see [Proxy requirements for Windows Update](/windows/deployment/update/windows-update-troubleshooting).

From 6e5480be7e27dda72c14e27cc9a4c87f8e3d2af4 Mon Sep 17 00:00:00 2001
From: Narkis Engler <41025789+narkissit@users.noreply.github.com>
Date: Wed, 27 Mar 2024 18:04:04 -0700
Subject: [PATCH 2/2] Teredo also used in "Internet" download mode

---
 windows/deployment/do/waas-delivery-optimization-faq.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/do/waas-delivery-optimization-faq.yml b/windows/deployment/do/waas-delivery-optimization-faq.yml
index 3501f7bb90..2113295426 100644
--- a/windows/deployment/do/waas-delivery-optimization-faq.yml
+++ b/windows/deployment/do/waas-delivery-optimization-faq.yml
@@ -79,7 +79,7 @@ sections:
         answer: | 
           Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service registers and opens this port on the device. The port must be set to accept inbound and outbound TCP traffic through your firewall. If you don't allow traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization. However, devices can still successfully download updates by using HTTP over port 80 (or HTTPS over port 443 where applicable).
 
-          If you set the "Download Mode" policy to "Group (2)", Teredo will be used by Delivery Optimization to connect to peer devices across NATs. You must allow inbound and outbound UDP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
+          If you set the "Download Mode" policy to "Group (2)" or "Internet (3)", Teredo will be used by Delivery Optimization to connect to peer devices across NATs. You must allow inbound and outbound UDP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
 
           Delivery Optimization also communicates with its cloud service by using HTTPS over port 443.