Network bandwidth is the maximum amount of data that can be transferred over a network in a specific period of time. In most cases, the period of time is 1 second. Higher network bandwidth allows the transfer of a larger amount of data in the same period of time. Network bandwidth is classified into public bandwidth and internal bandwidth.
Public bandwidth
Public bandwidth is used to transfer data between Elastic Compute Service (ECS) instances and the Internet. Public bandwidth is classified into outbound public bandwidth and inbound public bandwidth. Outbound public bandwidth is used for traffic from ECS instances to the Internet. Inbound public bandwidth is used for traffic from the Internet to ECS instances. You are charged for outbound public bandwidth. The maximum inbound public bandwidth varies based on the outbound public bandwidth: If the outbound public bandwidth is less than or equal to 10 Mbit/s, the inbound public bandwidth is capped at 10 Mbit/s. If the outbound public bandwidth is greater than 10 Mbit/s, the inbound public bandwidth is equal to the outbound public bandwidth. If the outbound public bandwidth is greater than 1 Gbit/s, distributed throttling is automatically enabled. The maximum bandwidth value that you specify is evenly allocated to multiple ECS instances. For each ECS instance, public bandwidth for single-flow traffic is limited to the specified maximum bandwidth value divided by the number of instances, and public bandwidth for multi-flow traffic is limited to the specified maximum bandwidth value.
You can enable public bandwidth for an ECS instance by assigning a public IP address to the instance when you create the instance. For more information, see Best practices for configuring public bandwidth. Alternatively, you can enable public bandwidth for an ECS instance by associating an elastic IP address (EIP) with the instance after you create the instance. For more information, see Associate an EIP with an instance. You can use Anycast EIPs to improve Internet access quality based on the stable Border Gateway Protocol (BGP) lines and the global transmission network of Alibaba Cloud. For more information about Anycast EIPs, see What is Anycast EIP? You can assign an IPv6 address to an ECS instance and enable IPv6 public bandwidth for the instance. For more information, see Step 3: Enable IPv6 public bandwidth for a Windows instance or Step 3: Enable IPv6 public bandwidth for a Linux instance.
Bandwidth billing
Public bandwidth supports the pay-by-bandwidth and pay-by-traffic metering methods. For more information, see Public bandwidth. To share and reuse network bandwidth within a region, create an Internet Shared Bandwidth instance in the region. For information about EIP bandwidth plans, see What is an Internet Shared Bandwidth? You can associate EIPs in the same region with the Internet Shared Bandwidth instance. This way, you can reuse network bandwidth in the Internet Shared Bandwidth instance and reduce costs. You can apply data transfer plans to the IPv4 data transfer of eligible resources to reduce costs for your public bandwidth usage. Eligible resources include the public IP addresses, EIPs, Classic Load Balancer (CLB) instances, and Internet Shared Bandwidth instances that use the pay-by-traffic (also known as pay-by-data-transfer) metering method. You cannot apply data transfer plans to EIPs of BGP (Multi-ISP) Pro. For more information about data transfer plans, see What is a data transfer plan?
Bandwidth security
By default, Alibaba Cloud Security Center provides a DDoS mitigation capacity for each ECS instance free of charge. The mitigation capacity varies based on the instance type and can be up to 5 Gbit/s. For more information, see View the thresholds that trigger blackhole filtering in Anti-DDoS Origin Basic.
After you activate Anti-DDoS Origin Basic, Alibaba Cloud Security Center monitors inbound traffic to ECS instances in real time. When an ultra-large amount of traffic or suspicious traffic such as DDoS attack traffic is detected, Security Center redirects traffic from the intended paths to a scrubbing device. The scrubbing device identifies and removes malicious traffic, and then returns legitimate traffic. Then, the legitimate traffic is forwarded to ECS instances by using the intended paths. For more information, see What is Anti-DDoS Origin?
When an ECS instance is under a DDoS attack, you can defend against the attack at the earliest opportunity based on the pushed event. For more information, see Instance security events.
Limits
Starting from November 27, 2020, the maximum bandwidth value that is available for new ECS instances or updated ECS instances vary based on the throttling policies of your account. To apply for an increase in bandwidth quotas, submit a ticket.
The following throttling policies apply:
In each region, the total maximum bandwidth of all ECS instances that use the pay-by-traffic metering method cannot exceed 5 Gbit/s.
In each region, the total maximum bandwidth of all ECS instances that use the pay-by-bandwidth metering method cannot exceed 50 Gbit/s.
For more information, see Public bandwidth limits.
Internal bandwidth
Internal bandwidth is used to transfer data between ECS instances over the internal network in the same virtual private cloud (VPC) and region. ECS instances can be connected to ApsaraDB RDS instances, Server Load Balancer (SLB) instances, and Object Storage Service (OSS) buckets over the internal network. In-region data transfer over the internal network is free of charge. Internal bandwidth values vary based on instance types. For information about the internal bandwidth value that is supported by each instance type, see Overview of instance families. Internal bandwidth is allocated to each ECS instance. If multiple network interfaces are bound to an instance, the sum of the internal bandwidth that is used by the network interfaces cannot exceed the internal bandwidth of the instance.
Cross-zone internal bandwidth varies based on the bandwidth specifications of instance types. Network latency increases with distance between zones.
Internal bandwidth in a deployment set or across deployment sets also varies based on the bandwidth specifications of instance types.
When you use internal bandwidth, take note of the following items:
Physical network bandwidth is shared across instances. The network bandwidth of an instance may be influenced by the bandwidth usage of the other instances in the VPC. In most cases, however, the network bandwidth can reach the standard bandwidth provided by the instance type. For information about how to test network performance, see Best practices for testing network performance.
If your business may intermittently require a network bandwidth larger than the baseline bandwidth, you can select an instance type that supports burst bandwidth.Burst bandwidth Such instances accumulate credits when idle, and consume the credits when a bandwidth larger than the baseline is required. Burst bandwidth is limited. For more information, see Instance families.
If you want a 100 Gbit/s or higher internal bandwidth per instance, select an instance type that supports network card mappings and specify network card indexes to attach elastic network interfaces to different network cards at the underlying layer. This way, you can maximize bandwidth utilization. For information about network card mappings, see Basics.
Burst bandwidth
Some instance types that belong to sixth-generation or later instance families support network burst bandwidths. Burstable bandwidth delivers enhanced burst performance during sudden traffic spikes. For more information about burst network bandwidth, see Instance families.
How it works
Select instance types based on bandwidth usage
In this section, an instance that uses the ecs.g8i.large instance type is used to illustrate how you can leverage the combination of baseline bandwidth and burst bandwidth to meet your business requirements In the following figure, the blue line indicates the actual bandwidth usage, and the orange line indicates the credit balance. During the monitored period, a traffic burst that caused a peak bandwidth usage of 10 Gbit/s occurred. For the rest of the periods, the bandwidth usage is around 2 Gbit/s.
Most of the time, the business requires a bandwidth of less than 2 Gbit/s, which can be covered by the baseline bandwidth (2.5 Gbit/s) provided by the ecs.g8i.large instance type. In this case, you do not need to use an instance type with higher specifications, such as ecs.g8i.xlarge.
The actual peak bandwidth is 10 Gbit/s, which is below the 15 Gbit/s maximum burst bandwidth provided by ecs.g8i.large. In this case, you do not need to use an instance type with higher specifications, such as ecs.g8i.xlarge.
Within 1 minute after the traffic burst starts, the bandwidth usage surged to 10 Gbit/s and the credits are continuously consumed. At the 21st minute of the monitored period, the credit balance is used up, and the bandwidth is capped at the baseline bandwidth, which is 2.5 Gbit/s. If a performance limit is not acceptable, you may need to use an instance type with higher specifications, such as ecs.g8i.xlarge.
Monitor network bandwidth
You can use CloudMonitor to monitor network bandwidth.
References
For information about how to change the billing method of public bandwidth, see Change the billing method for network usage.
For information about how to change the public bandwidth of your instance, see Modify the bandwidth configurations of subscription instances and Modify the bandwidth configurations of pay-as-you-go instances.
For information about how to change the bandwidth and billing method of an EIP, see Modify the bandwidth of an EIP.