Hello everyone -- GCP recently charged me +735% over a month due to `Network Internet Egress from Americas to Americas` (see screenshot1). I checked VPC Flow Logs and it shows tons of egress traffic to Google IPs (see screenshot2).
Can anyone let me know if this is expected or if something is happening with my Compute Engine, and how I should optimise this?
Here's an example of logs:
```json
{
  "insertId": "166ere3f102dql",
  "jsonPayload": {
    "packets_sent": "64",
    "src_vpc": {
      "project_id": "XXX",
      "vpc_name": "default",
      "subnetwork_name": "default"
    },
    "dest_location": {
      "country": "usa",
      "continent": "America",
      "asn": 15169
    },
    "rtt_msec": "24",
    "connection": {
      "src_ip": "10.128.0.4",
      "dest_port": 57883,
      "protocol": 6,
      "dest_ip": "35.186.167.85",
      "src_port": 80
    },
    "start_time": "2022-04-23T11:42:34.601372634Z",
    "reporter": "SRC",
    "end_time": "2022-04-23T11:42:34.650633108Z",
    "src_instance": {
      "region": "us-central1",
      "project_id": "XXX",
      "zone": "us-central1-b",
      "vm_name": "XXX"
    },
    "bytes_sent": "31776"
  },
  "resource": {
    "type": "gce_subnetwork",
    "labels": {
      "subnetwork_name": "default",
      "location": "us-central1-b",
      "subnetwork_id": "XXX",
      "project_id": "XXX"
    }
  },
  "timestamp": "2022-04-23T11:42:38.911994851Z",
  "logName": "projects/XXX/logs/compute.googleapis.com%2Fvpc_flows",
  "receiveTimestamp": "2022-04-23T11:42:38.911994851Z"
}
```
Network Internet Egress from Americas to Americas
Hello,
The logs you are seeing are normal.
VPC Flow Logs records a sample of network flows sent from and received by VM instances, including instances used as Google Kubernetes Engine nodes. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization.
When you enable VPC Flow Logs, you enable it for all VMs in a subnet. However, you can cut down the amount of information written to logging.
Please see the attached Documentation links for VPC flow log overview.
https://cloud.google.com/vpc/docs/flow-logs
https://cloud.google.com/vpc/docs/using-flow-logs
Regards
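
Added example, not part of the thread and not Google's code: one way to use exported flow log entries like the one in the question for the expense analysis the reply mentions, by summing `bytes_sent` per destination. The function names, the sample lines (constructed, with documentation IP ranges and made-up byte counts) and the port-based "reply"/"initiated" heuristic are assumptions of this example.

```python
import json
from collections import defaultdict

def make_entry(vm, src_port, dest_ip, dest_port, asn, bytes_sent, reporter="SRC"):
    """Build one constructed log line holding only the fields read below."""
    return json.dumps({"jsonPayload": {
        "reporter": reporter,
        "bytes_sent": str(bytes_sent),  # counters are strings in the entry above
        "src_instance": {"vm_name": vm},
        "dest_location": {"asn": asn},
        "connection": {"src_ip": "10.128.0.4", "src_port": src_port,
                       "dest_ip": dest_ip, "dest_port": dest_port, "protocol": 6},
    }})

# Constructed sample data; not taken from the poster's project.
SAMPLE_LINES = [
    make_entry("web-1", 80, "203.0.113.10", 57883, 15169, 31776),
    make_entry("web-1", 80, "203.0.113.10", 57901, 15169, 48224),
    make_entry("web-1", 44512, "198.51.100.7", 443, 64500, 1200),
    make_entry("web-1", 80, "203.0.113.10", 57910, 15169, 999, reporter="DEST"),
]

def summarize_egress(lines, service_port_max=1023):
    """Sum bytes_sent per (vm, dest_ip, asn, kind) over SRC-reported flows.

    kind is a heuristic (an assumption of this example): a source port at or
    below service_port_max suggests the VM is answering an inbound connection
    ("reply"); any other source port is labelled "initiated".
    """
    totals = defaultdict(int)
    for line in lines:
        p = json.loads(line).get("jsonPayload", {})
        if p.get("reporter") != "SRC":
            continue  # keep only flows logged from the sending side
        conn = p.get("connection", {})
        port = conn.get("src_port")
        kind = "reply" if port is not None and port <= service_port_max else "initiated"
        key = (p.get("src_instance", {}).get("vm_name"), conn.get("dest_ip"),
               p.get("dest_location", {}).get("asn"), kind)
        totals[key] += int(p.get("bytes_sent", 0))
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    for key, total in summarize_egress(SAMPLE_LINES):
        print(total, key)
```

Because VPC Flow Logs record a sample of flows, treat the totals as a ranking of destinations rather than as billing figures.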