Amos Jeffries wrote:
That 403 is Squid or something upstream blocking the requests. So the
speed of calls is likely due to badly programed retries.
----
Not squid -- I kept wondering why it would keep hammering month
after month on an adddr that supposedly doesn't work -- unless it
really does, and the other end is programmed to return a 403 so it
looks like no information is being transfered, but the exact contents
could vary -- I just haven't been interested enough to find out.
You could block this in Squid with:
acl SQM dstdomain sqm.microsoft.com
http_access deny SQM
and prevent logging of its requests with
access_log none SQM
But neither of those will help with the bandwidth consumption between
Squid and the problem box. Likely only finding out the cause of the
call-home and killing it will do that.
---
Will try the aboves Thanks!
These may help with that latter:
Will check them out, but it's the out-of-domain bandwidth that is
scarce. Inside, it's on a 1G switched network, so it's not
really noticeable.
