ZPM FastPath Best Practices

This article contains information and Best Practices for FastPath, a feature in Update Server 6.3 and above.

Applies To: Update Server 6.3 and above

Introduction

In large network environments or environments with many computers, caching proxies such as the PatchLink Distribution Point (PDP) may be leveraged to assist in conserving WAN/LAN bandwidth during mass deployments through PatchLink Update. When an agent is configured to utilize a PDP, deployments sent to an agent will be cached by the PDP. This allows other agents to be given the cached payload from the PDP instead of the Storage repository on the Update Server, saving bandwidth between the PDP and the Update Server.

FastPath is a feature within Update Server 6.3 and above that allows an administrator to assign PDPs to specific groups of agents through a policy instead of assigning a proxy manually through the Update Agent Control Panel or during the installation of the agent. It is designed to provide backup caching proxies in case of a failure of the primary PDP.

The term FastPath is derived from the way the agent determines its proxy configuration using the fastest route to the Update Server -- it does not take into account the bandwidth available using that path, however. This FastPath Validation occurs based on the FastPath Communication Interval that is configured within Update Server.

Best Practices

1. The agent will only change FastPath servers if A) the assigned PDP is unable to be reached during the FastPath Communication Interval or B) the next FastPath Validation results in a faster route through another PDP. If the PDP goes down between FastPath Communication intervals, the agent will fall offline. Therefore, the FastPath Communication Interval is recommended to be set to a value that is within tolerance of your offline agent policy. Having this value set too low (1-30 minutes) may cause undesirable effects on the agent, since the PatchLink Update Service is restarted each time FastPath Validation occurs. Values between 4 hours and 1 day are recommended.
2. FastPath is designed to provide backup PDPs/caching proxies to a group of agents automatically. Because the PDPs do not share cache directories between each other, it is not recommended to exceed more than 2-3 servers per policy/group, since the bandwidth-conserving potential of a caching proxy is lost.
3. It is recommended to assign FastPath servers to groups based on their location (e.g., East Coast Servers; LAN Computers; Remote Office 10, etc.). Assigning FastPath servers to groups that are unable to reach them is inefficient and may cause undesirable effects if the primary PDPs were to fall offline.
4. It is often tempting to assign many dozens of PDPs to groups of computers that travel (e.g., laptops). For users that travel and are on slow WAN/VPN connections to the Update Server, it is recommended that Bandwidth Throttling be used instead.

1. If the agent is unable to reach any PDP within its FastPath policy, the agent will change the Proxy value in the Agent Control Panel to LOCALHOST until the next FastPath Communication Interval is reached and a PDP becomes available. Furthermore, the IP address of the agent in the Update Server interface will appear as 0.0.0.0.
2. In Update Server 6.3, the FastPath Communication Interval is applied globally, so agents with no FastPath policy will run FastPath Validation. This behavior was changed in Update Server 6.4 so that FastPath Communication Interval is set within individual policy sets.
3. In Update Server 6.3, FastPath Validation does not occur immediately on the Update Agent. Instead, Validation occurs when the first FastPath Communication Interval is reached (e.g., 3 hours). This behavior was changed in Update Agent 6.4 so that FastPath Validation occurs immediately upon receiving the FastPath policy set.

1. Update Agent receives FastPath Communication Interval and FastPath Routes policy information during agent communication.
2. Update Agent begins FastPath Validation (Update Agent 6.3 will wait until the first FastPath Communication Interval is reached, as described above).
3. Update Agent opens a socket connection to Update Server through the first FastPath Route. The time taken to reach Update Server is recorded. If Update Server or the PDP is not reachable, Update Agent removes the FastPath Route from its list of candidates until next FastPath Validation.
4. Update Agent continues through the remaining FastPath Routes.
5. Update Agent finishes socket connections and compares times, configuring the proxy tab of Update Agent Control Panel for the route with the fastest recorded time.
6. Update Agent restarts the PatchLink Update service.