topic Re: Windows Update Delivery Optimization PORT 7680 in General Topics

Windows Update Delivery Optimization PORT 7680

r1der — Wed, 23 Dec 2020 17:32:09 GMT

Researching around, I didn't find much about sk166899 or port 7680 with what others were doing with this traffic.
I don't believe its affecting CPU, VPN, etc, like how it is in the SK, but I noticed a lot of these logs are being blocked by our firewall due to the cleanup rule.
A lot of the traffic go to non-pingable IP addresses (e.g. 10.0.0.105 and 10.0.0.246) , so I'm not seeing it being effective anyhow.

I'm thinking about creating a group policy to block it, but was wondering what is the general consensus on these traffic/update, or what do you do in your organization about these?

Re: Windows Update Delivery Optimization PORT 7680

r1der — Thu, 24 Dec 2020 18:28:23 GMT

Bump, just curious if anyone perhaps just makes a rule to not log these or are you actually turning them off in GPO?

Re: Windows Update Delivery Optimization PORT 7680

Chris_Atkinson — Sun, 27 Dec 2020 06:48:56 GMT

Reminds me of the perils of AD sites & services not being set correctly and the resultant update traffic crushing WAN links back in the day...

Re: Windows Update Delivery Optimization PORT 7680

r1der — Wed, 03 Feb 2021 23:15:51 GMT

Found the fix for this. Its not an issue with CP, but it can be an issue if you start to see a large amount of firewall logs for this port from domain computers.

Setting Delivery Optimization with GPO seemed to be the fix here. Set download mode to Group (2), Source of group ID (1 -ad site), seemed to do the trick.

I no longer am seeing traffic on port 7680 coming from workstations to the firewall, after placing them in the group policy.