Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Avoiding Vultr Bandwidth Overages
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Avoiding Vultr Bandwidth Overages

daviddavid Member
in General

I've had my Vultr vps for almost a full month now. When I posted before, the issue of bandwidth overages came up. There was some confusion, but after looking into it, this is the way I think it works.

First, only outbound traffic is charged. A monthly allocation of 2 TB is given at the beginning of the month for use with all of your servers. If you only have 1, then all 2 TB is available right away for the vps on the 1st of the month (UTC time).

The allocation that's included with the vps plan, in my case 1 TB for the $6 high frequency plan, accumulates in hourly chunks. So that by the end of the month (or the 28th), you'll finally have the full 1 TB added to the 2 TB.

That $6 plan also includes 1 vCPU (3ghz+), 1 GB memory, 32 GB NVMe. It is noticeably faster than the regular $5 plan and includes more disk space.

It would be nice if there were an option to shut down the vps if bandwidth is exceeded. I think there used to be, but they removed it.

What I've done to avoid overages, is install vnstat, and write a script that runs every 5 minutes to check for overages. If it goes over, port 80 and port 443 are blocked. When it's under the limit again, the ports are unblocked.

If there's any interest in the script, let me know. There is good functionality within vnstat to check the usage vs. monthly limit. For example:

# --alert output exit type condition limit unit
# output   0=No output       1=Always output   2=If exceeds estimate          3=If exceeds limit
# exit     0=Always Exit 0   1=Always Exit 1   2=Exit 1 if exceeds estimate   3=Exit 1 if exceeds limit
  vnstat -i enp1s0 --alert 0 3 m tx $(echo "${MONTHLYLIMIT}") GB

Also, here are some of the bandwidth-related graphs and information from the Vultr account, so you can see how it's working.

Thanked by 2JasonM atomi

Comments

  • mailcheapmailcheap Member, Host Rep

    I'm curious as to what your use is considering it does use all the B/W allocation but you can still afford to close down service for a varying amount of days each month.

    Pavin.

    Thanked by 1PineappleM
  • daviddavid Member
    edited February 26

    I use the vps for personal websites, personal vpn, email, asterisk (voip). My bandwidth use is normally under 300 GB per month. I put this bandwidth monitoring in place, just in case something happens and my websites get really popular all of the sudden, or whatever.

    I hope I'll notice it before it exceeds the bandwidth and make plans to upgrade the vps, or perhaps get a second vps with unlimited bandwidth to move some of the static content to.

    But, if the bandwidth is exceeded, I'd rather close the ports while I deal with it than face some huge bandwidth overage charge.

    I also have a script that runs once an hour that uses vnstat's estimates, so if it estimates bandwidth will be exceeded based on traffic, it should email me. If the ports are closed, the first script sends a DM to my cell phone, so I'll hopefully be aware right away.

    Thanked by 1mailcheap
  • lowenduser1lowenduser1 Member

    Avoiding Vultr Bandwidth Overages

    Avoid Vultr B)

    I don't see why anyone would agree with such BW limits without options for auto-shutdown or some kind of throttle without costs. Beside the asshole attitude of making profit of over usages, it's not of this era to offer single digit terabyte traffic. I don't think Vultr is special enough to act so special.

    There should be plenty of such auto shutdown scripts floating around on Github. Why reinvent the wheel. My solution so far has been avoiding crap offers and not even research such scripts

    Thanked by 1rm_
  • daviddavid Member

    I don't mind writing the scripts myself. I already have my own scripts that do monitoring, checking logs, updating the firewall in cases of abuse, etc. When I've tried other packages, they seem lacking to me, and don't do what I want.

    As far as Vultr, I'm specifically looking for the best connectivity to my home, and it's the best I've found so far (Tokyo). I'm open to something else, but it should also be an established service and not some fly-by-night outfit.

    Thanked by 1trungkien
  • trungkientrungkien Member

    @david said:
    I don't mind writing the scripts myself. I already have my own scripts that do monitoring, checking logs, updating the firewall in cases of abuse, etc. When I've tried other packages, they seem lacking to me, and don't do what I want.

    As far as Vultr, I'm specifically looking for the best connectivity to my home, and it's the best I've found so far (Tokyo). I'm open to something else, but it should also be an established service and not some fly-by-night outfit.

    I am using more than 10 VPS from Vultr as well. I am not running out of bw at the moment. However, I am working on a code to move DNS records to a different VPS if the current VPS is out of bandwidth.
    If possible, could you share your code? Your working code would be a great reference for my case.
    Thank you

  • fluffernutterfluffernutter Member

    Vultr traffic to Cloudflare is free, do you keep this in mind while doing traffic calculations? You're allowed to push an infinite amount from vultr -> cloudflare, so if your sites are behind CF then the traffic used doesn't really matter.

    Thanked by 3trungkien martheen PineappleM
  • daviddavid Member

    @trungkien said: I am using more than 10 VPS from Vultr as well. I am not running out of bw at the moment. However, I am working on a code to move DNS records to a different VPS if the current VPS is out of bandwidth.
    If possible, could you share your code? Your working code would be a great reference for my case.
    Thank you

    Sure, here's the script. It requires vnstat and "bc". If your server isn't on UTC time, you'll need to explicitly setup vnstat to use UTC ("UseUTC 1" in /etc/vnstat.conf). I had to remove and add again the interfaces to vnstat and restart the service a few times to get it to use the UTC setting (check vnstat -h to make sure).

    The firewall code will vary depending on what you're using and your setup. I use iptables and ip6tables. Normally, I have this included to open the ports.

    iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT

    To drop traffic from port 80 and 443, I remove those ACCEPTS, and add DROPS above the RELATED,ESTABLISHED line.

    iptables -A INPUT -p tcp -m tcp --dport 80 -j DROP
iptables -A INPUT -p tcp -m tcp --dport 443 -j DROP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

    I do similarly for ip6tables.

    #!/bin/bash
#
# check-vnstat.sh
# Check bandwidth usage using vnstat.
# If bandwidth usage has been exceeded, block port 80 and 443.
# If bandwidth usage is OK again, unblock port 80 and 443.
# Should be run as cron job, so an email will be sent with the
# output.

VNSTATPID=`pidof vnstatd`

if [ ! -z "${VNSTATPID}" ]
then

  BLOCKFILE="/root/utils/Drop-Traffic.txt"
  DAY=$(date -u +%d)
  DAY=$((${DAY}-1))
  if [ ${DAY} -gt 28 ]
  then
    DAY=28
  fi
  DAILYLIMIT="36"
  STARTINGLIMIT="2048"
  MONTHLYLIMIT=$(echo "${STARTINGLIMIT} + (${DAY} * ${DAILYLIMIT})" | bc)

# --alert output exit type condition limit unit
# output   0=No output       1=Always output   2=If exceeds estimate          3=If exceeds limit
# exit     0=Always Exit 0   1=Always Exit 1   2=Exit 1 if exceeds estimate   3=Exit 1 if exceeds limit
  vnstat -i enp1s0 --alert 0 3 m tx $(echo "${MONTHLYLIMIT}") GB

  if [ $? -eq 1 ]
  then
    if [ ! -f ${BLOCKFILE} ]
    then
      MSG="Bandwidth limit (${MONTHLYLIMIT} GB) exceeded, dropping traffic for port 80 and 443."
      echo "${MSG}"

      # RUN SCRIPTS TO BLOCK PORT 80 AND 443 HERE

      date > ${BLOCKFILE}
    fi
  else
    if [ -f ${BLOCKFILE} ]
    then
      MSG="Bandwidth limit (${MONTHLYLIMIT} GB) OK, unblocking traffic for port 80 and 443."
      echo "${MSG}"

      # RUN SCRIPTS TO UNBLOCK PORT 80 AND 443 HERE

      rm -f ${BLOCKFILE}
    fi
  fi

fi
    Thanked by 1trungkien
  • daviddavid Member

    You'll want to adjust the DAILYLIMIT as needed. It accumulates bandwidth daily instead of hourly. If you have more than one server, it may be more complicated since the STARTINGLIMIT is shared.

    Thanked by 1trungkien
  • daviddavid Member

    @fluffernutter said:
    Vultr traffic to Cloudflare is free, do you keep this in mind while doing traffic calculations? You're allowed to push an infinite amount from vultr -> cloudflare, so if your sites are behind CF then the traffic used doesn't really matter.

    I'm not using Cloudflare. I've thought about it in the past, but so far, I'd prefer to avoid it. It seems like I'm constantly getting "Verify you are human" from Cloudflare when I visit various websites, sometimes with captchas. It's a pain, and doesn't reflect well on the website, in my opinion. Sometimes, I don't bother with those websites and just leave.

    Thanked by 2rm_ trungkien
  • ailiceailice Member

    Something was probably worth to mention is support time answer, Vultr support was really quick for mostly time, and to be credit. My first journey to managed server was painless thanks to them, they also do installation custom ubuntu for me back in days.

  • trungkientrungkien Member

    @david said:
    You'll want to adjust the DAILYLIMIT as needed. It accumulates bandwidth daily instead of hourly. If you have more than one server, it may be more complicated since the STARTINGLIMIT is shared.

    @david said:

    @fluffernutter said:
    Vultr traffic to Cloudflare is free, do you keep this in mind while doing traffic calculations? You're allowed to push an infinite amount from vultr -> cloudflare, so if your sites are behind CF then the traffic used doesn't really matter.

    I'm not using Cloudflare. I've thought about it in the past, but so far, I'd prefer to avoid it. It seems like I'm constantly getting "Verify you are human" from Cloudflare when I visit various websites, sometimes with captchas. It's a pain, and doesn't reflect well on the website, in my opinion. Sometimes, I don't bother with those websites and just leave.

    Thank you for sharing.
    Just my opinion: Instead of blocking port 80, maybe turning on Cloudflare when the VPS is out of bandwidth would be better for your user experience.
    For Cloudflare case, you may need to change security setting on your Cloudflare account to "Off" or "Essentially off" to bypass most of Capcha from Cloudflare for your users.

    Thanked by 1xms
  • JabJabJabJab Member
    edited February 26

    Idea is pretty nice, but your counter (vnstat) has nothing to do with Vultr counter and it's broken by design - you will have different numbers. You will get billed by Vultr counter, not yours

    Wasn't it easier to just query Vultr API? https://www.vultr.com/api/#tag/account/operation/get-account-bandwidth

    Thanked by 2raindog308 david
  • daviddavid Member

    What about vnstat is broken by design? I also considered using the API, but went this route for now. I'll check during the next full month if there's a significant difference, and if need be, I could try to switch it to use the API.

  • raindog308raindog308 Administrator, Veteran

    I would use the API. Using vnstat, you're analyzing data and making your own conclusions. Using the API, you're seeing which conclusions Vultr has come to, and those are the conclusions that matter. In other words, what the API reports is what matters because that's how you're going to be billed.

    Thanked by 5david fluffernutter Tingull trungkien PineappleM
  • daviddavid Member

    You're right. I rewrote the script to use the API.

    #!/bin/bash
#
# check-bandwidth.sh
# Check bandwidth usage using Vultr API.
# If bandwidth usage has been exceeded, block port 80 and 443.
# If bandwidth usage is OK again, unblock port 80 and 443.
# Should be run as cron job, so an email will be sent with the
# output.

blockfile="/root/utils/Drop-Traffic.txt"
allowance="5"
vultr_api_key="api-key-here"

apioutput=$(curl -4 -s "https://api.vultr.com/v2/account/bandwidth" -X GET -H "Authorization: Bearer ${vultr_api_key}")

if [ ! -z "${apioutput}" ]
then

  gb_out=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.gb_out')
  freeBandwidthCredits=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.freeBandwidthCredits')
  instanceBandwidthCredits=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.instanceBandwidthCredits')
  purchasedBandwidthCredits=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.purchasedBandwidthCredits')
  overage=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.overage')
  overage_cost=$(echo ${apioutput} | jq '.bandwidth.currentMonthToDate.overage_cost')

  totalcredits=$(echo "${freeBandwidthCredits} + ${instanceBandwidthCredits} + ${purchasedBandwidthCredits}" | bc)
  creditsremaining=$(echo "${totalcredits} - ${gb_out}" | bc)

  if [ ${creditsremaining} -le ${allowance} ]
  then
    if [ ! -f ${blockfile} ]
    then
      MSG="BLOCKING - Bandwidth remaining=${creditsremaining} GB, Used=${gb_out} GB, Overage=${overage} GB, Overage Cost=${overage_cost}, dropping traffic for port 80 and 443."
      echo "${MSG}"

      # RUN SCRIPTS TO BLOCK PORT 80 AND 443 HERE

      date > ${blockfile}
    fi
  else
    if [ -f ${blockfile} ]
    then
      MSG="OK, UNBLOCKING - Bandwidth remaining=${creditsremaining} GB, Used=${gb_out} GB, Overage=${overage} GB, Overage Cost=${overage_cost}, unblocking traffic for port 80 and 443."
      echo "${MSG}"

      # RUN SCRIPTS TO UNBLOCK PORT 80 AND 443 HERE

      rm -f ${blockfile}
    fi
  fi

fi
    Thanked by 3David2020 trungkien mailcheap
  • raindog308raindog308 Administrator, Veteran

    The one I just wrote before coming back to this thread and seeing yours is rather similar :-)

    https://lowendbox.com/blog/check-your-vultr-bandwidth-before-this-happens-we-make-it-easy/

    Thanked by 4david David2020 trungkien mailcheap
Sign In or Register to comment.