mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 05:17:22 +00:00
ef1c69b439
* smb adds * smb adds * formatting * private preview and support content * edit removed and dep * Fix blocking issues * Acro-fix * 24H2 CSP Updates * Fix link * fix link in dep page * edit * edit index file * syntax-fix-24h2 * ltsc-edits * ltsc-edits * lichris-docs-1 * Acrolinx improvements * refresh for maxado-8631996 * update link for maxado-8631993 * additional edits, acrolinx * ltsc-tw * contentsource-8914508 * contentsource-8914508 * Updates for 1 October release * Set stale debug to false * update gp link for 24h2 * additional changes * Changes to updates, acrolinx changes * fixes broken links * Fixed alignment issues * updates from Rafal * fixed acrolinx * so many link fixes * added release notes and troubleshoot content * updates * Update security-compliance-toolkit-10.md Added Windows 11 24H2 * Update get-support-for-security-baselines.md Updated for Windows 11 24H2 * bump date * bump date * fix pde comment * fixing broken link * Fix broken redirections * fix to rel link * reset head, fix link * add cli to deploy, add script to cli * removing "mcce" * edits to create page * Update default and global release policies OS version and dates to latest release values * emoved e from mcce and other changes * updated example script * added important notice to update page * more update page changes * clarified how proxy configuration is used * anonymizing variables in example script * revise example script * acrolinx fixes to update page * changes to other pages and content in overview page * Update broken link Update broken link * Update windows-sandbox-configure-using-wsb-file.md Update `HostFolder` value description in `MappedFolder`, specifying that the path could be absolute or relative, not only absolute as, instead, is for the `SandboxFolder` value. * Remove bad link Removed bad link. There is already a second link referring to content so no need to replace the link. * docfx update for security book * Correct TOC entry changing Windows 10 to Windows * Update whats-new-do.md - Vpn to VPN - Minor improvements * Updated date for freshness reporting * Add EOS callout Fix some obvious Acrolinx issues * Fixed typo added clarity * Update mcc-ent-deploy-to-windows.md * Update .openpublishing.redirection.windows-deployment.json * Update .openpublishing.redirection.windows-deployment.json * Update policy-csp-localpoliciessecurityoptions.md * Correct indentation and spacing * Acrolinx: "Enteprise" * Update mcc-ent-edu-overview.md * refresh * Remove redirection and final bits of store-for-business store-for-business, AKA /microsoft-store/, is retired, and the content is archived in officearchive-pr. This archival was for ADO task 9268422. * added support content and other changes * fixed tabs * fixed tabs * Updated device reg policy and group information * Update delivery-optimization-endpoints.md Added a line item in MCC table for Outlook *res.cdn.office.net requirement * freshness review * Fix broken links * Minor change * content for faq * changes to landing page * more content to faqs * pencil edit * add copilot exps link * edits and ren cli file temporarily * ren file back and edit toc to lowercase * edit * edit * edit * Update windows-autopatch-configure-network.md Adding a new network endpoint required for the service 'device.autopatch.microsoft.com' @tiaraquan * Clarify some points and remove data that is confusing to customers. * fix syntax * Sentence correction * Update windows/deployment/do/waas-delivery-optimization-faq.yml Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com> * Update windows/deployment/do/waas-delivery-optimization-faq.yml Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com> * moved shortcuts under policy settings article --------- Co-authored-by: Alma Jenks <v-alje@microsoft.com> Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com> Co-authored-by: Stacyrch140 <102548089+Stacyrch140@users.noreply.github.com> Co-authored-by: Nidhi Doshi <77081571+doshnid@users.noreply.github.com> Co-authored-by: Gary Moore <5432776+garycentric@users.noreply.github.com> Co-authored-by: Vinay Pamnani (from Dev Box) <vinpa@microsoft.com> Co-authored-by: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Co-authored-by: Aaron Czechowski <aczechowski@users.noreply.github.com> Co-authored-by: Aditi Srivastava <133841950+aditisrivastava07@users.noreply.github.com> Co-authored-by: Daniel H. Brown <32883970+DHB-MSFT@users.noreply.github.com> Co-authored-by: David Strome <21028455+dstrome@users.noreply.github.com> Co-authored-by: Padma Jayaraman <v-padmaj@microsoft.com> Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Co-authored-by: Rebecca Agiewich <16087112+rjagiewich@users.noreply.github.com> Co-authored-by: Rick Munck <33725928+jmunck@users.noreply.github.com> Co-authored-by: Tanaka <Huios@users.noreply.github.com> Co-authored-by: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Co-authored-by: Frank Rojas <45807133+frankroj@users.noreply.github.com> Co-authored-by: Davide Piccinini <davide.piccinini.95@gmail.com> Co-authored-by: Phil Garcia <phil@thinkedge.com> Co-authored-by: Learn Build Service GitHub App <Learn Build Service LearnBuild@microsoft.com> Co-authored-by: tiaraquan <tiaraquan@microsoft.com> Co-authored-by: Caitlin Hart <caithart@microsoft.com> Co-authored-by: Harman Thind <63820404+hathin@users.noreply.github.com> Co-authored-by: [cmknox] <[cmknox@gmail.com]> Co-authored-by: Carmen Forsmann <cmforsmann@live.com>
182 lines
17 KiB
YAML
182 lines
17 KiB
YAML
### YamlMime:FAQ
|
|
metadata:
|
|
title: Delivery Optimization Frequently Asked Questions
|
|
description: List of frequently asked questions for Delivery Optimization.
|
|
ms.service: windows-client
|
|
ms.subservice: itpro-updates
|
|
ms.topic: faq
|
|
author: cmknox
|
|
ms.author: carmenf
|
|
manager: aaroncz
|
|
ms.reviewer: mstewart
|
|
ms.collection:
|
|
- highpri
|
|
- tier3
|
|
appliesto:
|
|
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
|
|
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
|
|
- ✅ <a href=https://learn.microsoft.com/en-us/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019, and later</a>
|
|
- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-delivery-optimization target=_blank>Delivery Optimization</a>
|
|
ms.date: 10/15/2024
|
|
title: Frequently Asked Questions about Delivery Optimization
|
|
summary: |
|
|
This article answers frequently asked questions about Delivery Optimization.
|
|
|
|
**General questions**:
|
|
|
|
- [What Delivery Optimization settings are available?](#what-delivery-optimization-settings-are-available)
|
|
- [Does Delivery Optimization work with WSUS?](#does-delivery-optimization-work-with-wsus)
|
|
- [How are downloads initiated by Delivery Optimization?](#how-are-downloads-initiated-by-delivery-optimization)
|
|
- [Delivery Optimization is downloading Windows content on my devices directly from an IP Address, is it expected?](#delivery-optimization-is-downloading-windows-content-on-my-devices-directly-from-an-ip-address--is-it-expected)
|
|
- [How do I turn off Delivery Optimization?](#how-do-i-turn-off-delivery-optimization)
|
|
- [My download is failing with error code 0x80d03002, how do I fix it?](#my-download-is-failing-with-error-code-0x80d03002--how-do-i-fix-it)
|
|
|
|
**Network related configuration questions**:
|
|
|
|
- [Which ports does Delivery Optimization use?](#which-ports-does-delivery-optimization-use)
|
|
- [What are the requirements if I use a proxy?](#what-are-the-requirements-if-i-use-a-proxy)
|
|
- [What hostnames should I allow through my firewall to support Delivery Optimization?](#what-hostnames-should-i-allow-through-my-firewall-to-support-delivery-optimization)
|
|
- [My firewall requires IP addresses and can't process FQDNs. How do I configure it to download content with Delivery Optimization?How do I configure it to download content with Delivery Optimization?](#my-firewall-requires-ip-addresses-and-can-t-process-fqdns--how-do-i-configure-it-to-download-content-with-delivery-optimization)
|
|
- [What is the recommended configuration for Delivery Optimization used with cloud proxies?](#what-is-the-recommended-configuration-for-delivery-optimization-used-with-cloud-proxies)
|
|
|
|
**Peer-to-peer related questions**:
|
|
|
|
- [How does Delivery Optimization determine which content is available for peering?](#how-does-delivery-optimization-determine-which-content-is-available-for-peering)
|
|
- [Where does Delivery Optimization get content from first?](#where-does-delivery-optimization-get-content-from-first)
|
|
- [Does Delivery Optimization use multicast?](#does-delivery-optimization-use-multicast)
|
|
- [How does Delivery Optimization deal with congestion on the router from peer-to-peer activity on the LAN?](#how-does-delivery-optimization-deal-with-congestion-on-the-router-from-peer-to-peer-activity-on-the-lan)
|
|
- [How does Delivery Optimization handle VPNs?](#how-does-delivery-optimization-handle-vpns)
|
|
- [How does Delivery Optimization handle networks where a public IP address is used in place of a private IP address?](#how-does-delivery-optimization-handle-networks-where-a-public-ip-address-is-used-in-place-of-a-private-ip-address)
|
|
|
|
**Device resources questions**:
|
|
- [Delivery Optimization is using device resources and I can't tell why?](#delivery-optimization-is-using-device-resources-and-i-can-t-tell-why)
|
|
|
|
sections:
|
|
- name: General questions
|
|
questions:
|
|
- question: What Delivery Optimization settings are available?
|
|
answer: |
|
|
There are many different Delivery Optimization [settings](waas-delivery-optimization-reference.md) available. These settings allow you to effectively manage how Delivery Optimization is used within your environment with controls on bandwidth, time of day, etc.
|
|
- question: Does Delivery Optimization work with WSUS?
|
|
answer: |
|
|
Yes. Devices obtain the update payloads from the WSUS server, but must also have an internet connection as they communicate with the Delivery Optimization cloud service for coordination.
|
|
- question: How are downloads initiated by Delivery Optimization?
|
|
answer: |
|
|
Delivery Optimization only starts when an application or service that's integrated with Delivery Optimization starts a download. For example, the Microsoft Edge browser. For more information about Delivery Optimization callers, see [Types of download content supported by Delivery Optimization](waas-delivery-optimization.md#types-of-download-content-supported-by-delivery-optimization).
|
|
- question: Delivery Optimization is downloading Windows content on my devices directly from an IP address, is it expected?
|
|
answer: |
|
|
When Delivery Optimization downloads from a [Microsoft Connected Cache](waas-microsoft-connected-cache.md) server that is hosted by your internet service provider, the download will be pulled directly from the IP address of that server. If the Microsoft Connected cache isn't available, the download will fall back seamlessly to the CDN instead. Delivery Optimization Peers are used in parallel if available.
|
|
- question: How do I turn off Delivery Optimization?
|
|
answer: |
|
|
Delivery Optimization is an HTTP downloader used by most content providers from Microsoft. When a device is configured to use Delivery Optimization peering (on by default), it does so with the HTTP downloader capabilities to optimize bandwidth usage.
|
|
If you'd like to disable peer-to-peer capabilities of Delivery Optimization, change the Delivery Optimization [Download mode](waas-delivery-optimization-reference.md#download-mode) setting to '0', which will disable peer-to-peer and provide hash checks. [Download mode](waas-delivery-optimization-reference.md#download-mode) set to '99' should only be used when the device is offline and doesn't have internet access.
|
|
Don't set **Download mode** to '100' (Bypass), which can cause some content to fail to download with error code 0x80d03002. Starting in Windows 11, Download mode '100' is deprecated.
|
|
|
|
> [!NOTE]
|
|
> Disabling Delivery Optimization won't prevent content from downloading to your devices. If you're looking to pause updates, you need to set policies for the relevant components such as Windows Update, Windows Store or Microsoft Edge browser. If you're looking to reduce the load on your network, look into using Delivery Optimization Peer-to-Peer, Microsoft Connected Cache or apply the [network throttling policies](waas-delivery-optimization-reference.md#maximum-download-bandwidth) available for Delivery Optimization.
|
|
|
|
- question: My download is failing with error code 0x80d03002, how do I fix it?
|
|
answer: |
|
|
If you set the DownloadMode policy to '100' (Bypass) some content downloads that require Delivery Optimization may fail with error code 0x80d03002.
|
|
If you intend to disable peer-to-peer capabilities of Delivery Optimization, change the Delivery Optimization [Download mode](waas-delivery-optimization-reference.md#download-mode) setting to '0', which will disable peer-to-peer and provide hash checks. [Download mode](waas-delivery-optimization-reference.md#download-mode) set to '99' should only be used when the device is offline and doesn't have internet access.
|
|
Don't set **Download mode** to '100' (Bypass), which can cause some content to fail to download. Starting in Windows 11, Download mode '100' is deprecated.
|
|
|
|
- name: Network related configuration questions
|
|
questions:
|
|
- question: Which ports does Delivery Optimization use?
|
|
answer: |
|
|
Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service registers and opens this port on the device. The port must be set to accept inbound and outbound TCP traffic through your firewall. If you don't allow traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization. However, devices can still successfully download updates by using HTTP over port 80 (or HTTPS over port 443 where applicable).
|
|
|
|
If you set the "Download Mode" policy to "Group (2)" or "Internet (3)", Teredo will be used by Delivery Optimization to connect to peer devices across NATs. You must allow inbound and outbound UDP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
|
|
|
|
Delivery Optimization also communicates with its cloud service by using HTTPS over port 443.
|
|
|
|
- question: What are the requirements if I use a proxy?
|
|
answer: |
|
|
For Delivery Optimization to successfully use the proxy, you should set up the proxy by using Windows proxy settings or Internet Explorer proxy settings. For details see [Using a proxy with Delivery Optimization](../do/delivery-optimization-proxy.md). Most content downloaded with Delivery Optimization uses byte range requests. Make sure your proxy allows byte range requests. For more information, see [Proxy requirements for Windows Update](/windows/deployment/update/windows-update-troubleshooting).
|
|
- question: What hostnames should I allow through my firewall to support Delivery Optimization?
|
|
answer: |
|
|
**For communication between clients and the Delivery Optimization cloud service**:
|
|
|
|
- `*.prod.do.dsp.mp.microsoft.com`
|
|
|
|
**For Delivery Optimization metadata**:
|
|
|
|
- `*.dl.delivery.mp.microsoft.com`
|
|
|
|
- `*.windowsupdate.com`
|
|
|
|
**For group peers across multiple NATs (Teredo)**:
|
|
|
|
- `win1910.ipv6.microsoft.com`
|
|
|
|
For more information, see [Endpoints for Delivery Optimization and Microsoft Connected Cache](../do/delivery-optimization-endpoints.md) for a list of all content endpoints needed.
|
|
- question: My firewall requires IP addresses and can't process FQDNs. How do I configure it to download content with Delivery Optimization?
|
|
answer: |
|
|
Microsoft content, such as Windows updates, are hosted and delivered globally via Content Delivery Networks (CDNs) and [Microsoft Connected Cache](waas-microsoft-connected-cache.md) (MCC) servers, which are hosted within Internet Service Provider (ISP) networks.
|
|
The network of CDNs and MCCs allows Microsoft to reach the scale required to meet the demand of the Windows user base. Given this delivery infrastructure changes dynamically, providing an exhaustive list of IPs and keeping it up to date isn't feasible.
|
|
- question: What is the recommended configuration for Delivery Optimization used with cloud proxies?
|
|
answer: |
|
|
The recommended configuration for Delivery Optimization peer-to-peer to work most efficiently along with cloud proxy solutions (for example, Zscaler) is to allow traffic to the Delivery Optimization services to go directly to the internet and not through the cloud proxy.
|
|
At a minimum, the following FQDN that is used for communication between clients and the Delivery Optimization service should be allowed with direct internet access and bypass the cloud proxy service:
|
|
|
|
- `*.prod.do.dsp.mp.microsoft.com`
|
|
|
|
If allowing direct internet access isn't an option, try using Group Download Mode '2' to define the peering group. [Learn more](waas-delivery-optimization-reference.md#select-the-source-of-group-ids) about using Group Download mode.
|
|
|
|
- name: Peer-to-Peer related questions
|
|
questions:
|
|
- question: How does Delivery Optimization determine which content is available for peering?
|
|
answer: |
|
|
Delivery Optimization uses the cache content on the device to determine what's available for peering. For the upload source device, there's a limited number (4) of slots for cached content that's available for peering at a given time. Delivery Optimization contains logic that rotates the cached content in those slots.
|
|
- question: Where does Delivery Optimization get content from first?
|
|
answer: |
|
|
When Delivery Optimization client is configured to use peers and Microsoft Connected Cache (MCC), the client connects to both MCC and peers in parallel. There is no prioritization between the two. Once downloading starts in parallel, Delivery Optimization
|
|
will taper off requests to the HTTP source (CDN or MCC) when the peer connections are able to reach the target download speed. For background downloads, Delivery Optimization will drop HTTP connections if peers are meeting the minimum QoS speed. To manage delaying the default behavior
|
|
there are a collection of policies that can be used. For more information, see [Delivery Optimization delay policies](waas-delivery-optimization-reference.md#policies-to-prioritize-the-use-of-peer-to-peer-and-cache-server-sources).
|
|
- question: Does Delivery Optimization use multicast?
|
|
answer: |
|
|
No. It relies on the cloud service for peer discovery, resulting in a list of peers and their IP addresses. Client devices then connect to their peers to obtain download files over TCP/IP.
|
|
- question: How does Delivery Optimization deal with congestion on the router from peer-to-peer activity on the LAN?
|
|
answer: |
|
|
Starting in Windows 10, version 1903, Delivery Optimization uses LEDBAT to relieve such congestion. For more information, see this post on the [Networking Blog](https://techcommunity.microsoft.com/t5/Networking-Blog/Windows-Transport-converges-on-two-Congestion-Providers-Cubic/ba-p/339819).
|
|
- question: How does Delivery Optimization handle VPNs?
|
|
answer: |
|
|
Delivery Optimization attempts to identify VPNs by checking the network adapter type and details. A connection is treated as a VPN if the adapter description contains certain keywords, such as "VPN" or "secure."
|
|
|
|
If the connection is identified as a VPN, Delivery Optimization suspends uploads to other peers. However, you can allow uploads over a VPN by using the [Enable peer caching while the device connects via VPN](../do/waas-delivery-optimization-reference.md#enable-peer-caching-while-the-device-connects-via-vpn) policy.
|
|
|
|
If you have defined a boundary group in Microsoft Configuration Manager for VPN IP ranges, you can set the [DownloadMode](../do/waas-delivery-optimization-reference.md#download-mode) policy to 0 for that boundary group, to ensure that there's no peer-to-peer activity over the VPN. When the device isn't connected using a VPN, it can still use peer-to-peer with the default of LAN.
|
|
|
|
With split tunneling, make sure to allow direct access to these endpoints:
|
|
|
|
Delivery Optimization service endpoint:
|
|
|
|
- `https://*.prod.do.dsp.mp.microsoft.com`
|
|
|
|
Delivery Optimization metadata:
|
|
|
|
- `http://download.windowsupdate.com`
|
|
- `http://*.dl.delivery.mp.microsoft.com`
|
|
|
|
Windows Update and Microsoft Store backend services and Windows Update and Microsoft Store payloads
|
|
|
|
- `http://*.windowsupdate.com`
|
|
- `https://*.delivery.mp.microsoft.com`
|
|
- `https://*.update.microsoft.com`
|
|
- `https://tsfe.trafficshaping.dsp.mp.microsoft.com`
|
|
|
|
For more information about remote work if you're using Configuration Manager, see this post on the [Configuration Manager blog](https://techcommunity.microsoft.com/t5/configuration-manager-blog/managing-patch-tuesday-with-configuration-manager-in-a-remote/ba-p/1269444).
|
|
- question: How does Delivery Optimization handle networks where a public IP address is used in place of a private IP address?
|
|
answer: |
|
|
Starting with Windows 10, version 1903 or later, Delivery Optimization no longer restricts connections between LAN peers to those using private IP addresses. If you use public IP addresses instead of private IP addresses, you can use Delivery Optimization in LAN mode.
|
|
|
|
> [!NOTE]
|
|
> If you use public IP addresses instead of private in LAN mode, the bytes downloaded from or uploaded to LAN peers with public IP addresses might be reported as coming from Internet peers.
|
|
|
|
- name: Device resources questions
|
|
questions:
|
|
- question: Delivery Optimization is using device resources and I can't tell why?
|
|
answer: |
|
|
Delivery Optimization is used by most content providers from Microsoft. A complete list can be found [here](waas-delivery-optimization.md#types-of-download-content-supported-by-delivery-optimization). Often customers may not realize the vast application of Delivery Optimization and how it's used across different apps. Content providers have the option to run downloads in the foreground or background. It's good to check any apps running in the background to see what is running. Also note that depending on the app, closing the app may not necessarily stop the download.
|