MSEndpointMgr

Enhancing Delivery Optimization with 1E Nomad

When does Configuration Manager use Delivery Optimization?

For years, Configuration Manager admins have had BranchCache, Peer Cache and third-party solutions like 1E Nomad at their disposal to provide peer-to-peer content distribution that enables Configuration Manager to operate with a fraction of the infrastructure while still protecting valuable bandwidth. For over 5 years now, we’ve been living with Windows 10 that has its own built in peer-to-peer tech – Delivery Optimization (DO).

While DO is being adopted across the Microsoft Modern Management platforms to obtain content from Microsoft Update, Microsoft Store and Intune, there has been very little in the way of integration with Configuration Manager for content acquisition. I recall hearing at Microsoft Ignite in 2017 that DO for Configuration Manager content was ‘coming soon’, but to date, the integration with CM has focused on configuration DO settings through CM (such as using CM Boundary Groups to define DO Groups, or configuring a DP to act as a DO Connected Cache).

It wasn’t until Configuration Manager 1910 that DO could be used to acquire content required by CM, and that is limited to Software Updates. In this blog, I’ll share how that process works, and also show how 1E Nomad can enhance this functionality.

It’s all about deltas

When Microsoft were experimenting with Express File Updates (abandoned from Windows 10 1809), the CM client implemented an approach to downloading required byte-ranges from the source rather than the entire software update file. When you enable delta downloads for Software Updates (as shown below), Delivery Optimization is going to get involved…

When this option is enabled, the CM client starts listening on the specified port for requests, as can be seen in the DeltaDownload.log on the client:

It also updates the UpdateServiceUrlAlternate setting in the Windows Update policy locally on the device, which can be seen in the registry:

The flow

Once these changes are in place, this is what happens when CM needs to download a software update. In my example here I used the update 2021-01 Servicing Stack Update for Windows 10 Version 1909 (KB4598479). I downloaded the content so it was available on the CM DP. No peers on the local network had previously cached the content. I initiated the installation through Software Center.

  1. Configuration Manager instructs the Windows Update agent to get the content for the update. This can be seen in the Windows Update log (exported using the PowerShell cmdlet Get-WindowsUpdateLog)
  1. The Windows Update agent passes the request to Delivery Optimization, which in turn queries the DO cloud service to determine if any peers have the content. If not, (as in my example), then DO requests and downloads the content from the alternate URL, which is in fact the CM client, which has been patiently listening for these requests.

    The relevant activity in the dosvc log is highlighted below (again, I used PowerShell, this time Get-DeliveryOptimizationLog | Set-Content <output file> to get the DOSVC log into a readable form).
  1. You can also see this activity in the Delivery Optimization status output below
  1. The CM client then invokes ContentTransferManager to download the content from the DP. In my example, I have Nomad installed, so ContentTransfer asks Nomad to download the content, which it does from the DP.
  1. All this time, Delivery Optimization believes it is getting the content from the HTTP Source on the Internet, but in fact it is getting it from the CM client via Nomad. The end result is that the content now exists in the Nomad cache and the DO cache.

So why is that useful?

Well, Delivery Optimization can be quite aggressive when it comes to deleting content from its cache. It can also be quite unpredictable, so when other clients requires this update later they may not be successful in getting it from local peers using DO, and the CM Client (ContentTransferManager) would download the content from the DP (or possibly from Microsoft Update over the Internet if you have configured the deployment to download from Microsoft Update if the content is not available on a DP).

But as the content is also in the Nomad cache on peers and ContentTransferManager invokes Nomad to get the content, Nomad can fulfil those requests from peers that DO is unable to, preventing downloads over the WAN.

This has been a sponsored post on behalf of 1E.

(2008)

MSEndpointMgr

Add comment

Sponsors