1

Sudden increase in outgoing traffic

view story
linux-howto

http://serverfault.com – My server is witnessing a sudden increase in traffic. Consistently there is a 200mb outgoing traffic every hour. This is not my web traffic. I am running centos OS and completely new to server administration. Can some one help me to figure out what is causing the traffic. I tried all possible netstat lsof etc. But couldnt really figure out what is causing this. Since my bandwidth is limited this is causing a real headache. Any help on this front will be useful. (HowTos)

u85500's picture
Submitted by u85500 on 09/24/2012

Stories similar to Sudden increase in outgoing traffic

I run a web server (Debian Squeeze on a VPS), and the graphs provided by the hosting company show consistently that around twice as much traffic is incoming to the server compared to the outgoing traffic.

I'm using a virtual Ubuntu Server (on Amazon EC2) and I want to connect to a PPTP VPN server to route outgoing traffic through this connection. To do this, I specify the following two options:

defaultroute replacedefaultroute

This works - but the moment the tunnel to route the traffic is established, my SSH connection to the server is broken and I can't reconnect.

My server has recieved sudden increase in the (read) web traffic, requesting many map image tiles, and apache cannot handle it.

Apache cannot even handle the redirections!

DNS traffic 18 weeks 2 days ago

Hi All,

I have just started learning Lunix; I hope you can help me to block unwanted DNS traffic.

I have big spikes of traffic few times a day. The duration is from few minutes to two hours.

Incoming traffic is 1 mbps, outgoing is 3mbps

Using my friend's script I was able to get some logs.

I've got a cheap VPS running Ubuntu 12.04 that I sometimes proxy web traffic through via SSH when I don't trust the network I'm on. I'd like to have a closer look at some of that traffic on occasion.

I understand that somebody would want to block incoming traffic as a general rule except for public resources. And I also understand that you could want to block all outgoing traffic except for certain external services.

But is there any serious security risk if I allow incoming traffic that represents responses to previous outgoing traffic, e.g. HTTP requests?

I have a weird problem with traffic here. My server is connected via 100mbit to a netgear switch. Now sometimes when I look at the traffic on the server using iptraf it reports in excess of 16000kbytes/s, that is 16 MB/s on a 100mbit line.

Do anyone have a recommended program that will help me restrict outgoing traffic on my Ubuntu Server to 50KB/sec per IP?

I have found alternatives, but they seem to only work on etc HTTP (port 80) and so on(I think Squid only work with HTTP), I want a program that restricts all forms of outgoing traffic on all ports to max 50KB/sec per IP.

I am looking at VoIP providers and many of them have a part of their TOS that says they don't allow "non-IP originated traffic."

Excerpt from TOS:

You shall only send to [DELETED COMPANY NAME] network traffic which is originated via Internet protocol (“IP”).