Patch Management Group

 View Only
  • 1.  Package Servers and Branch Cache WAN optimization

    Posted Aug 04, 2016 04:51 AM

    Hi all,

    recently we are looking into using Branch Cache to optimize WAN traffic as Windows 10 patches are increasing in size and came across something which I don't feel was answered properly.

    http://www.symantec.com/connect/forums/can-ms-branch-cache-be-used-conjunction-package-server

    We started doing own tests. The test envrionment was prepared and we see branchcache being utilized when we use IE as the download method for IIS hosted files. When Symantec Agent downloads the same file it gets it from the package server not from the computer in the same subnet. There is no way Altiris agent would download the file from a cache of computer next to it. It goes to package server all the time and I don't know why.

     

    Wireshark:

    IE:

    HTTP    1022    GET /Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/MST-OfficeProfessionalPlus-2007SP3-EN-1.0.exe HTTP/1.1 

    Agent: (same package, different file)

    HTTP    302    GET /Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/Admin/fr-fr/cpao12.opa HTTP/1.1 

     

    On first look the requests seems to be the same. 

    I am confused why this does not work (unless MS excluded AexNSAgent.exe from BC usage :) )

    Anyone has any ideas? 



  • 2.  RE: Package Servers and Branch Cache WAN optimization

    Posted Aug 04, 2016 05:26 AM

    Looking deeper I see:

    Agent:

    Hypertext Transfer Protocol
        GET /Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/Admin/fr-fr/cpao12.opa HTTP/1.1\r\n
        Host: PACKAGESERVER.domain.com:8013\r\n
        Cache-Control: max-age=0\r\n
        X-SMA-Version: 7.6.1655.14\r\n
        \r\n
        [Full request URI: http://PACKAGESERVER.domain.com:8013/Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/Admin/fr-fr/cpao12.opa]
        [HTTP request 4/378]
        [Prev request in frame: 26]
        [Next request in frame: 104]

    IE:

    Hypertext Transfer Protocol
        GET /Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/MST-OfficeProfessionalPlus-2007SP3-EN-1.0.exe HTTP/1.1\r\n
        Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*\r\n
        Referer: http://PACKAGESERVER.domain.com:8013/Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache\r\n
        Accept-Language: en-US\r\n
        User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.2)\r\n
        Accept-Encoding: gzip, deflate, peerdist\r\n
        Host: PACKAGESERVER.domain.com:8013\r\n
        DNT: 1\r\n
        Connection: Keep-Alive\r\n
        X-P2P-PeerDist: Version=1.1\r\n
        X-P2P-PeerDistEx: MinContentInformation=1.0, MaxContentInformation=2.0\r\n

        \r\n
        [Full request URI: http://PACKAGESERVER.domain.com:8013/Altiris/PS/Share/pkggroup_%7B63dbbd7d-6845-47e1-b2a1-20a57828b901%7D/%7B5943FBAB-829D-4C88-A724-F8F25F3F2BA8%7D/cache/MST-OfficeProfessionalPlus-2007SP3-EN-1.0.exe]
        [HTTP request 1/1]
        [Response in frame: 479]

     

    Looks like the agent does not support branchcache!

     



  • 3.  RE: Package Servers and Branch Cache WAN optimization

    Posted Aug 04, 2016 12:33 PM

    Hmmm, I don't know much about BranchCache but I would have thought the whole point is that the client application doesn't see it and doesn't need to support it as such.

    Have you considered using thge Multicast options biult in to the Symantec Management Platform?



  • 4.  RE: Package Servers and Branch Cache WAN optimization

    Posted Aug 05, 2016 04:34 AM

    Ok, so it is confirmed that Agent is not sending in the GET message the X-P2P-PeerDist header, as a result BranchChache will not be used with that specific agent.

    If the values of MinContentInformation and MaxContentInformation do not fall within the range specified in section 2.2, the server MUST not generate and respond with a Content Information Data Structure, and MUST respond with another client-supported encoding as defined in [RFC2616]. If no X-P2P-PeerDistEx extension header was present, then the server MUST respond with a version 1.0 Content Information Data Structure.

    The MinContentInformation and MaxContentInformation  are available only in a X-P2P-PeerDist get and X-P2P-PeerDist response messages, they are not available in X-SMA-Version:  7.6.1655.14;