Re: [squid-users] Windows Update mirroring

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 16 Apr 2004 18:49:32 +0200 (CEST)

On Fri, 16 Apr 2004, Sampei wrote:

> Although I tried several times mirroring Microsoft Windows Update using free
> software I did not the solution; I looked at in Squid ML archives and other
> documentations on web but resolving nothing.

You can not easily mirror Windows Update, but you can cache it and have
clients redirected to the cache.

The host names used by Windows Update must be accessible by the clients.
The host names does not really need to point to Microsoft, but may point
to accelerators.

If you want your clients to go to another hostname then there is a product
you can buy from Microsoft for setting up a "Windows Update" style
distribution server. Don't remember what it is called but you can find it
in another thread about Windows Update some weeks ago..

> When I access , for instance, to 10.1.1.2 my browser correctly point to
> v4.windowsupdate.microsoft.com but after few minutes I can see this error:
> no route to host.

By browser or Squid?

What address does the client attempt to contact? (use netstat on the
client)

> I noted that using a simple Squid (to go out in Internet) acting as
> cache-server (no configured as accelerator) and I set my browser to use it,
> I have no problem to run W.U. and download patches.

Good.

> I'm able to understand the "difference" about how they works and if there
> is difference how MS W.U. takes care answers toward Squid and Squid
> Accelerator.

The difference is that the Windows Update function knows it's servers, so
even if you request a specific server in the browser the Windows Update
will try to use the server names it thinks it should have, so for this to
work the client needs to know that for the Windows Update domains it
should talk to your accelerator, not Microsoft. This you can configure in
your internal DNS to have the Microsoft Update domains redirected to your
accelerator, just make sure your Squid is using a real DNS without this
"pollution".

Regards
Henrik
Received on Fri Apr 16 2004 - 10:49:34 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT