Caching Proxy Server for Windows Updates

If more than one PC is downloading a big Windows Update or Software Package, the WAN connection will be overloaded. Solution

Setup a Cachine Proxy

  • Install on a NAS like QNAP, Synologie or a Linux VM
  • Don't use the build in Squid Proxy from the NAS since you need special caching settings

Squid config

https://wiki.squid-cache.org/SquidFaq/WindowsUpdate

range_offset_limit 200 MB windowsupdate
maximum_object_size 200 MB
quick_abort_min -1

refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

Configure Per Site Proxy Settings in Patchall

Setup IP Plan for each site (Network + Netmask) Add Configuration paramter to each IP subnet where a Caching Proxy has been installed:

  • Name: PROXY
  • Value: ip or fqdn of the Proxy

You can setup the Subnet Plan hierarchically (increase subnet mask). Patchall is trying to find the proxy settings with the highest subnet bitmask. e.g. if you have a 10.0.0.0/8 network with Proxy=A and 10.1.1.0/24 with Proxy=B, a client with ip=10.1.1.111 will use Proxy B, a client with 10.99.99.99 will use Proxy A.

If a proxy has been found:

  • WuInstall: /proxyaddress PROXYVALUE will be added
  • Aria2c: --all-proxy PROXYVALUE will be added