When you transfer data using OSS, traffic is generated. OSS calculates traffic fees based on the actual amount of data transferred. The main types of traffic include inbound traffic, outbound traffic, origin traffic, and cross-region replication traffic.
Pricing
This topic describes the billable items and their corresponding billing methods. For more information about the pricing of billable items, see OSS Pricing.
Billable items
For the following billable items, requests that return a 4xx or 5xx status code do not incur traffic fees.
Inbound traffic
Billable item | Billable item code | Billing rule | Billable |
Inbound traffic over Internet | Not applicable | Traffic generated when you upload files by calling API operations such as PutObject through an Internet Endpoint (for example, oss-cn-hangzhou.aliyuncs.com) or a transfer acceleration Endpoint (for example, oss-accelerate.aliyuncs.com). Note When you use a transfer acceleration Endpoint to upload data to a bucket, transfer acceleration fees are also incurred. | No |
Inbound traffic over internal network | Not applicable | Traffic generated when you upload files by calling API operations such as PutObject through an internal Endpoint (for example, oss-cn-hangzhou-internal.aliyuncs.com). | No |
Outbound traffic
Billable item | Billable item code | Billing rule | Billable |
Outbound traffic over Internet | NetworkOut | Traffic generated when you access, download, or preview files, or perform image processing operations by calling the GetObject API operation through an Internet Endpoint (for example, oss-cn-hangzhou.aliyuncs.com) or a transfer acceleration Endpoint (for example, oss-accelerate.aliyuncs.com). Note When you request OSS resources using a transfer acceleration Endpoint, transfer acceleration fees are also incurred. Outbound traffic over Internet fees = Outbound traffic over Internet (GB) × Price per GB | Yes |
Outbound traffic over internal network | Not applicable | Traffic generated when you access, download, or preview files, or perform image processing operations by calling the GetObject API operation through an internal Endpoint (for example, oss-cn-hangzhou-internal.aliyuncs.com). | No |
Origin traffic
Billable item | Billable item code | Billing rule | Billable |
Origin traffic | CdnOut | Outbound traffic generated when OSS transfers requested resources to CDN cache nodes. Origin traffic fees = Origin traffic (GB) × Price per GB | Yes |
Cross-region replication traffic
Billable item | Billable item code | Billing rule | Billable |
Cross-region replication traffic | ReplicationDatasize | Outbound traffic generated when you use the cross-region replication feature to synchronously replicate data from a source bucket to a destination bucket. Cross-region replication traffic fees = Cross-region replication traffic (GB) × Price per GB | Yes |
Payment methods
Selection guide
The following table describes the features and applicable scenarios of different payment methods. You can use this information to select a suitable payment method and reduce your traffic costs.
Billing method | Description | Features | Scenarios |
Pay-as-you-go | Pay-as-you-go is the default billing method for all billable items. You are charged for the actual usage of each billable item after you use the resources. | Outbound data traffic fluctuates significantly and is difficult to predict. | A startup is developing a new mobile application. The number of users and the amount of traffic are expected to increase significantly during the promotion period, but the specific growth rate and scale are difficult to predict. |
Outbound data transfer plan | This is a resource plan for the outbound traffic over Internet billable item. When your bill is settled, usage is first deducted from the resource plan. You must purchase the plan before you use it. | Outbound data traffic is relatively stable and predictable. | A large e-commerce website that has a stable and large amount of daily Internet access and downloads. |
Support
The following table describes the supported billing methods for each billable item:
Billable item | Pay-as-you-go | Resource plan |
Outbound traffic over Internet | √ | |
Origin traffic | √ | × |
Cross-region replication traffic | √ | × |
FAQ
How do I handle an unexpected increase in outbound traffic over the Internet?
If you experience a sudden and abnormal increase in outbound traffic over the Internet for your bucket, you can use the following methods to troubleshoot the issue.
Identify the traffic abnormality.
If real-time log query is enabled for the bucket
Log on to the OSS console.
In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.
In the navigation pane on the left, choose .
On the Real-time Log Query tab, enter the following query statement to query the most frequently accessed files and their corresponding hot-spot IP addresses in examplebucket. The results are sorted by the number of access requests, and the top 5 records are returned.
* and __topic__: oss_access_log and bucket: examplebucket | SELECT client_ip AS ip_address, request_uri AS file_path, COUNT(*) AS access_count, SUM(content_length_out) AS total_bytes_sent FROM log WHERE http_status = 200 GROUP BY request_uri, client_ip ORDER BY access_count DESC LIMIT 5;The following figure shows the query result.
If real-time log query is not enabled for the bucket
Log on to the OSS console.
In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.
In the navigation pane on the left, choose Data Usage > Ranking Statistics, and then click the Referer/IP Address Rankings tab to view the top 10 referers/IP addresses.
In the navigation pane on the left, choose Data Usage > Object Access Statistics to view the names of frequently accessed files and the outbound traffic that they generate.
Determine whether the traffic is abnormal.
If you find that certain IP addresses frequently request specific objects, this may indicate malicious behavior. Proceed to Step 3 to check the relevant configurations.
If you find that multiple IP addresses are accessing different objects, the content may be widely distributed, such as through social media. Proceed to Step 4 to configure CDN to accelerate access to OSS.
Check the relevant configurations.
Configuration item
Threat description
Solution
The bucket ACL is set to public-read or public-read-write.
Anyone, including anonymous visitors, can read the files in the bucket. This generates a large amount of outbound data transfer fees.
Set the bucket ACL to private. After you set the ACL to private, all requests without a signature or permission fail.
For more information, see Bucket ACL.
The ACL of a frequently accessed file is set to public-read or public-read-write.
Anyone, including anonymous visitors, can read the file. This generates a large amount of outbound data transfer fees.
Set the object ACL to private. For more information, see Object ACL.
After you complete this configuration, users can access the file only using a signed URL within the specified validity period.
The bucket policy does not restrict the IP addresses that are allowed to access the bucket.
If IP addresses from unknown sources frequently request specific objects, a large amount of outbound data transfer fees are generated.
Use a bucket policy to block access from the hot-spot IP addresses of unknown sources that you found in Step 1.
For more information, see Use a bucket policy to grant permissions to access OSS.
Referer hotlink protection is not configured to prevent other websites from referencing OSS files.
Other websites can directly reference the URLs of your OSS files, such as images and videos, and shift the traffic load to your OSS. This causes a surge in your OSS outbound traffic and results in high bandwidth fees.
Configure a Referer blacklist to restrict access from the malicious referers that you found in Step 1. You can also configure a Referer whitelist to prevent your OSS resources from being used by others. For more information, see Configure hotlink protection.
Configure CDN to accelerate access to OSS.
If you confirm that the surge in outbound traffic is caused by content delivery, you can use CDN to distribute static resources such as images, videos, and documents in OSS. This reduces OSS outbound traffic fees and improves the resource loading speed. For more information, see Accelerate access to OSS using CDN.
References
To query hourly metering data for OSS, see Analyze hourly OSS data.
To view the fee details of this billable item, see Query bills.