(I have also posted this question on Stack Exchange - Server Fault)
I work for a PK-12 public school district in the USA, in a very rural area with a large number of low-income families, and where many rural families only have 0.5 to 1.5 megabit DSL. In some cases people have no low-cost Internet access option other than the obsolete 56k dial-up modem, or going to a small and heavily overtaxed public library for Internet access.
Our district network is only 100 megabit, and when a single Windows 10 computer wants to install a large multi-gigabyte feature update, it can manage to download at 90+ megabit, and bring the rest of our Internet usage to a near-standstill.
I would like to set up a public Microsoft peer-to-peer update cache for these unmanaged public Windows 10 devices which are brought into our district by students and families, so that they can update their personal equipment without killing our Internet connection.
There does not appear to be any official way to set up a global/master p2p Windows update cache, with hundreds of gigs of disk space reserved for update retention, and with hundreds of days of update retention time. Microsoft provides zero documentation for how peer-to-peer updates work, and there is no graphical interface available to monitor p2p connections, or downloading from neighbor devices.
Can this be done? I am having a hard time determining if this is possible, what with Microsoft's lack of detailed documentation of how any of this really works.
Apparently Windows Update clients will only download p2p updates from their local subnet. If my district network has multiple subnets for client devices, is it possible to install multiple NICs or configure multiple VLANs to a single computer, so that its p2p update cache spans and shares updates across the many public client subnets simultaneously?
I am fine with setting up a Windows 10 Education or 2016 Server virtual machine that runs 24x7 with 250 gigs of disk space dedicated to caching every update that Microsoft issues for the next two years, so that public devices brought into the district for updating will never use the Internet for Windows Update downloads.
Also if I can get a master public p2p update cache figured out for myself, I will also build one for our small public library, so that they too don't have their limited Internet bandwidth being constantly eaten alive by patron Windows devices brought to the library for updates.
Apparently from what I can determine, only managed devices registered with WSUS / SCCM are able to use an organization's internal managed update services, so there apparently is no way for Windows devices owned by students and families to access a managed Windows Update cache.
I feel your pain. I also live and work in an area with poor Internet connectivity.
Your school district needs a WSUS server for its own internal use. This then gives you some capability to schedule when updates to the server will occur. It also allows you to throttle server bandwidth usage by BITS based on a schedule.
You could then set up another server in a public subnet that uses WSUSOffline to pull updates from your WSUS server. You could then make the "Client" folder publicly accessible with instructions on how to run the UpdateInstaller from that folder to install updates on whomever you trust with that info.
One drawback to this method is the requirement for 2 full stores of M$ updates. I would allocate at least 1TB for both machines just for updates.
A second drawback will be the amount of administrative time spent managing both servers. It "ain't" cheap maintaining a Microsoft environment.