Connection Bandwidth Metering?

Matthew Seaman m.seaman at
Sun Aug 8 18:57:07 UTC 2010

On 08/08/2010 19:04:18, Chris Telting wrote:
> I have my own Virtual Private Server (VPS) and was wondering what is the
> most straightforward to meter my own connection?

It depends on exactly what type of VPS you have.  If it's a Xen domU
host, or running under VMWare or VirtualBox, then it should be fairly
simple to access the byte counters kept by the network interfaces --
SNMP is the obvious way to do it -- or you can use firewall rules to
match various different types of traffic and keep counters that way.

Then you'll need to run a cron job that grabs this data and saves it
away at regular intervals -- every 5 minutes is fairly typical.

You can then calculate the average bandwidth usage for a 5 minute
sampling period by working out the difference between two adjacent
samples (ie. no of bytes sent/received during that 5 minutes) and then
multiply by 8 / (5 * 60) to get the result in bits/s

You'll have to work out how to deal with missing samples, with the
counters rolling over and with counters being set to zero at reboot,
puls storing a reasonable number of samples for doing your calculations
in an efficient way; all of which suggests that simply using one of the
available graphing programs would probably save you a deal of effort.

If your VPS is more like a FreeBSD jail, then you may need the
cooperation of whoever controls the host system to produce appropriate

> I would like to email notices to myself of excessive bandwidth usage as
> well as take steps that limit a DOS attack or Slashdot effect on the
> webserver.  I would also like the metering to be persistent as possible
> across reboots.  Not really looking for full logging or to do graphs
> yet, just want the current metered bandwidth.

What counts as 'excessive'? Bandwidth usage tends by it's nature to be
pretty bursty.  A common billing method is to calculate the 95%
percentile rate over a month -- ie. order the per-5minute bandwidth
samples from largest to smallest, discard the top 5% and then charge you
for the next highest value.  Use 1Mb/s for 4.999% of the time, and
20kb/s the rest, and you'll only be charged for 20kb/s.  Use 1Mb/s for
5.001% of the time, and you'll be charged for 1Mb/s for the whole month.

Very tricky to put together an alerting system that behaves
intelligently under such conditions, and that doesn't send you hundreds
of false alarms

However, you can use QoS bandwidth shaping to prevent your ever using up
too much bandwidth.  See dummynet(4) {use with ipfw} or altq(4) {use
with pf}.  These work to some extent by delaying traffic so that
instantaneous bandwidth usage stays within some preset bounds.  You can
also arrange to reserve bandwidth for other services than your
webserver, which helps with the Slashdot effect.



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
JID: matthew at               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list