Hi Marco, I've been poking at this a little bit more. I started a fresh EC2 instance, installed Apache, and put a CloudFront distribution in front of it. Even with an open SSH connection from my laptop, my NetworkIn and NetworkOut topped out at a few hundred Bps unless I actually loaded a page from the webserver. You're seeing between 10 and 100 times that on your instance, so there's clearly something else happening here.
I think we can rule out anything hitting the public Internet, because that would have a Usage Type of DataTransfer-[In or Out]-Bytes. Your instance is hitting something else in eu-central-1, but it doesn't necessarily have to be something in your account. For instance, you might have some software installed that's sending telemetry data to an instance owned by the vendor. You haven't mentioned what AMI you're using; if you're using something from the Marketplace, it could be something preinstalled without you realizing it. Maybe you're using your elastic IP address in a config file when you could be using localhost instead, or hitting the public endpoint for some other AWS service. Any of these could conceivably get tallied against PublicIP-[In or Out] while staying in the same region.
I would suggest running a network monitoring application on your instance and seeing what's doing all the talking. There's a wide variety of programs like that; it depends on your OS and personal preference. I used iftop while experimenting (not an endorsement) and found it pretty easy to use. With the amount of traffic your CloudWatch graph is showing, some likely candidates should jump out at you.
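An added example, not written by anyone in this thread: alongside a live monitor such as iftop, a short Python script can sort an instance's established TCP connections into loopback, public AWS addresses in the same region, and everything else, which points at the peer port to investigate. The ip-ranges.json excerpt and the `ss` output are constructed samples using documentation addresses, and the function names are hypothetical; connection counts identify peers, not byte volume.

```python
import ipaddress
from collections import Counter

# Constructed excerpt shaped like AWS's published ip-ranges.json;
# documentation CIDRs stand in for real regional prefixes.
SAMPLE_RANGES = {"prefixes": [
    {"ip_prefix": "203.0.113.0/24", "region": "eu-central-1", "service": "EC2"},
    {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "EC2"},
]}

# Constructed lines in the shape of `ss -tnH state established`:
# Recv-Q Send-Q Local:Port Peer:Port
SAMPLE_SS = """\
0 0 10.0.1.15:22 192.0.2.44:51512
0 0 10.0.1.15:48210 203.0.113.10:27017
0 0 10.0.1.15:48212 203.0.113.11:27017
0 0 10.0.1.15:48214 203.0.113.12:27017
0 0 127.0.0.1:45678 127.0.0.1:3000
0 0 10.0.1.15:51000 198.51.100.7:443
"""

def classify(peer_ip, ranges, region):
    """Label a peer: loopback, same-region-public, or other."""
    ip = ipaddress.ip_address(peer_ip)
    if ip.is_loopback:
        return "loopback"
    for prefix in ranges["prefixes"]:
        in_net = ip in ipaddress.ip_network(prefix["ip_prefix"])
        if in_net and prefix["region"] == region:
            return "same-region-public"
    return "other"

def summarize(ss_text, ranges, region):
    """Count connections per (category, peer IP, peer port)."""
    counts = Counter()
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        # The peer is the last column; rpartition keeps IPv6 colons intact.
        host, _, port = fields[-1].rpartition(":")
        host = host.strip("[]")
        counts[(classify(host, ranges, region), host, int(port))] += 1
    return counts

def same_region_peers(counts):
    """Map peer port -> set of same-region public peer addresses."""
    peers = {}
    for (category, host, port), _ in counts.items():
        if category == "same-region-public":
            peers.setdefault(port, set()).add(host)
    return peers
```

On a real instance, feed `summarize` the live `ss` output and the downloaded ip-ranges.json instead of the two samples.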
It's not CloudFront. It is likely your instance has a Public IP associated that incurs charges within the same AZ.
IPv4: Data transferred "in" to and "out" from public or Elastic IPv4 address is charged at $0.01/GB in each direction.
Agreed, the amount of traffic Marco is describing is well within CloudFront's free tier (1 TB/mo from edge locations; origin to edge is always free). The usage type would also include CloudFront, which these do not.
Yes, my EC2 instance has a public IP address. However, I added security groups that only allow incoming requests from CloudFront. Everything else is blocked. What kind of traffic do you have in mind when I tell you that I don't have any other services in any other region or AZ?
DataTransfer-Regional-Bytes refers generally to traffic between availability zones within the same region. This is billed on a per-region basis (Frankfurt in your case), and the sum of this usage across all regions deducts from that 1 GB free tier. This blog post [1] may help shed some light on how these costs are classified and what's driving them. You may also want to look into using cost allocation tags [2] to help make clear what resources are driving specific costs.
[2] https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html
Thank you. I have read the first link you provided before. However I only have a single EC2 instance. Nothing else is in that region or in any of the AZs. So there is no traffic between services in different AZs. The issue must be with CloudFront. Maybe the traffic from and to CloudFront counts towards these regional bytes.
I have the same issue and current suggestions didn't work for me.
I've configured vpc, subnet, internet gateway, ... It utilizes MongoDB. Obviously, I'm using Elastic IP and it is a production version. Should I reconsider using Elastic IP and, whenever my public IP changes, replace it in Route 53 records?
Thanks a lot for your effort. This information has helped a lot. I used iftop and saw traffic between the instance and 3 IP addresses on port 27017 but the same region. This is the default MongoDB port. My app connects to a free tier managed database (by MongoDB). I think this solves the mystery. MongoDB must host their db in the same region but probably in a different AZ, so this traffic counts towards the regional traffic. Is this really intended by AWS? I thought only traffic within the region between my services would count.
Happy to hear you've worked out what this traffic was from. To the best of my knowledge AWS makes no distinction of who owns what in this scenario, only that there's traffic moving between AZs using the public IP.
I am having the exact same issue. In my case I don't have any instance up or running. I don't even have any service or resources being used by me. But I still received an email stating 85% usage 1.0 GB are always free per month as part of AWS Free Usage Tier (Global-DataTransfer-Regional-Bytes), even though I terminated my instances 3 days before the email was received. I used the instance for serving Ubuntu. Installed some node & nvm