Windows 10, Delivery Optimisation and BranchCache

Delivery Optimisation is a Windows 10 feature which, when enabled, essentially creates a peer-to-peer ‘network’ of sorts where each peer can cache downloaded Windows 10 updates locally on their hard drive. The idea is to conserve bandwidth by allowing Windows 10 devices to send and receive updates from one another on the same network without having to download it from WSUS or Windows Update. This, of course, is especially useful in slow network or metered environments.

The introduction of this feature doesn’t affect you if you’re using SCCM Software Update Point (SUP) for patch management and Windows 10 servicing. Delivery Optimisation only kicks in when the Windows Update agent contacts Windows Update (via Internet) or WSUS. By contrast, with SUP the updates are downloaded to the SUP server and then delivered to the PC which is where the Windows Update agent installs them from.

Delivery Optimisation is enabled by default on 1511 and 1607 though it’s configured differently depending on the Windows 10 edition. Enterprise, Enterprise LTSB and Education editions are configured to only use PCs on the corporate network as peers (LAN mode). Pro and Home editions default to using peers from the Internet (Internet mode).

There’s a Group Policy setting called “Download Mode” (in Computer Configuration > Administrative Templates > Windows Components > Delivery Optimization) which you use to configure Delivery Optimisation “modes” (referred to in the above paragraph). Here is a table showing you what download modes are available to you and the functionality it provides when set: 

Download mode option Functionality when set
HTTP Only (0) This setting disables peer content sharing but still allows Delivery Optimization to download content from Windows Update servers or WSUS servers.
LAN (1 – Default) This enables peer sharing on the same network
Group (2) When group mode is set, the group is automatically selected based on the device’s Active Directory Domain Services (AD DS) site (Windows 10, version 1607) or the domain the device is authenticated to (Windows 10, version 1511). In group mode, peering occurs across internal subnets, between devices that belong to the same group, including devices in remote offices. You can use the GroupID option to create your own custom group independently of domains and AD DS sites. Group download mode is the recommended option for most organizations looking to achieve the best bandwidth optimization with Delivery Optimization.
Internet (3) Enable Internet peer sources for Delivery Optimization.
Simple (99) Simple mode disables the use of Delivery Optimization cloud services completely (for offline environments). Delivery Optimization switches to this mode automatically when the Delivery Optimization cloud services are unavailable or unreachable. (Not available in Windows 10 1511)
Bypass (100) Bypass Delivery Optimization and use BITS, instead. For example, select this mode so that clients can use BranchCache. (Not available in Windows 10 1511)

The “Http only”, “Simple” and “Bypass” modes disables Delivery Optimisation whereas “LAN”, “Group” and “Internet” modes enable a Windows 10 PC for receiving and sending content to and from peers. Note that the “Bypass” and “Simple” modes are not available in Windows 10 1511.

BranchCache is another feature that optimizes bandwidth where cached contents are made available to devices on the network upon request. BranchCache essentially works in two modes – Hosted Cache mode (with a local server in “branch” offices acting as a source of cached content) and Distributed Cache mode (peer-to-peer sharing). BranchCache can be used with WSUS and SCCM only and is available on Windows 10 Enterprise, Education and LTSB editions. While Delivery Optimisation is unique to Windows 10, BranchCache certainly is not; it was introduced in Windows Server 2008 R2 and Windows 7 and is available on all Windows server and client versions since then. This section of my post, however, deals with BranchCache for Windows 10.

It’s important to note that BranchCache and Delivery Optimisation do not work in tandem (it’s one or the other). With Delivery Optimisation enabled by default on Windows 10 you need to configure it correctly to use BranchCache instead. If you want to “opt out” from Delivery Optimisation because you prefer to use WSUS and BranchCache for your Windows 10 updates then the modes described in the above table you want to configure is “Http only” and “Bypass”. Note that “Bypass” mode is not available on Windows 10 1511 (it was introduced in 1607), which means if you have both 1511 and 1607 on your network you’ll need to create two GPOs to target both.

If you want to use BranchCache with SCCM then bear in mind that BranchCache only works in “distributed cache” mode with SCCM.

I think I’ll wrap it up here. I’ll write a more in-depth post on using BranchCache with SCCM soon.

Advertisements

6 thoughts on “Windows 10, Delivery Optimisation and BranchCache

    • “Simple” mode is only available in Windows 10 1607. If you configure simple mode on 1607 it will disable DO and use WSUS as normal.

      For Windows 10 1511 you need to configure “Http only” to disable DO and use WSUS as normal.

      If you’re using BranchCache with WSUS then configure “Bypass” on 1607 and “Http only” on 1511.

      • Thanks for clarification.
        Yes, I thought since I’m asking about “Simple” it’s automatically presumed it’s build 1607.
        In a hypothetical situation where no BranchCache is needed nor used would “Simple” be better option to set in GPO then “Bypass”? (reasoning behind this would be that MS certainly want’s to phase out BITS so I guess “Simple” does the trick according to MS new philosophy regarding update method and mechanism)

      • I would set it to “Http only” in this situation. That is the only setting which according to Microsoft’s documentation disables DO. By contrast “Simple” only says it disables DO cloud services (for all we know DO could still be enabled in this mode, it’s just that “cloud services” will be disabled).

        I do think we need more clarification on the “Simple” mode. It’s still early days so hopefully we’ll learn more.

      • We don’t have enough details about new options and in depth analysis of “Simple” mode indeed.
        The main reason I was discussing the preferred method was the fact that even though I have GPO set to “Http only” and use WSUS I notice client PCs do contact cloud services and akamai technologies IPs and consume bandwidth and I have GPOs that disable windows store and Cortana so the only possible suspect was DO cloud or something related to updates. I have switched to “Bypass” to monitor a bit more but I would rather eliminate BITS now that even Microsoft is abandoning it so that’s why I was wondering about “Simple” mode. After I finish with “Bypass” mode monitoring I’ll probably test “Simple” mode and report the results.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s