3

I have been running about 20 servers in Google Cloud Platform.

This month which is only 7days passed, I have charged $546.76 for the "Google Compute Network Internet Egress from APAC to China 2,471.65 GB" suddenly. And it still has been increasing.

At first, I have NOT provided like webserver or any service to china as publish, most likely VM Instances work as cron or crawler server.

And also I have checked network "Egress", which means output I think, every our servers in Google Cloud Platform, but I couldn't find any output like so huge traffic 2,471.65 GB. So this huge amount output traffic is very strange to me.

So I would like to know
1, What is this charged for traffic? Am I getting attack from china ?
2, How can I make sure which server to send many traffic to china ?
3, Do I have to pay for google full charge even if such an unexpected traffic fee ?

Thanks.

k16
  • 481
  • 2
  • 6
  • 18
  • 1
    Perhaps they were trying to ddos you? – Joel Jul 08 '15 at 00:40
  • hmmm, the servers are still working and there are nothing high load AVG server. so only Egress data has been increasing. And also I can't find huge network traffic both input and output. – k16 Jul 08 '15 at 03:17
  • Does this answer your question? [What does 'Compute Engine Network Internet Egress' mean to Google Cloud?](https://stackoverflow.com/questions/27627630/what-does-compute-engine-network-internet-egress-mean-to-google-cloud) – Channa Jul 03 '20 at 15:56

1 Answers1

4

See my previous answer on this topic for details.

  1. You're being charged because you're sending traffic to China, perhaps in response to requests that users in China are sending to your server. Whether it's an attack or not is up to you to figure out, based on your service's typical usage patterns, and more importantly, logs from your server.

  2. If you don't want to send any traffic to China, set your firewall rules to drop such traffic rather than respond with 404 or other error page: remember, any response traffic counts as "egress" and charged at standard egress rates.

  3. Yes, because Google provided you the service of sending traffic to China, hence, Google had already paid its fees to send this traffic on your behalf. If you want to dispute this charge, see the support site and follow the links for billing.

Community
  • 1
  • 1
Misha Brukman
  • 12,938
  • 4
  • 61
  • 78
  • 1
    Thank you for your reply.I would like to stop sending to china at first, so could you elaborate how can I set the Drop firewall rules only to china ? Can I do that on the developers console ? @misha-brukman – k16 Jul 08 '15 at 02:37
  • 1
    @k16 I don't think that's a single-step process. You would have to know all IP ranges/blocks you want to block and then you can create [firewall rules](https://cloud.google.com/compute/docs/networking#addingafirewall) for those IP ranges/blocks. You can [search for Chinese IP blocks](https://www.google.com/search?q=list%20of%20chinese%20ip%20blocks&rct=j) to block but I don't know which are authoritative or correct; that's up to you. – Misha Brukman Jul 09 '15 at 02:19
  • I see. That's a general way. I thought there is a simple way on the GCP. Actually it hasn't solved yet, I couldn't find any logs on the servers and also on monitor in developer console. but thanks a lot. – k16 Jul 09 '15 at 08:13