Talking tech since 2003
data transfer Linux overages vnstat

How To: Monitor and Control Your Linux Server Bandwidth

by Mike Mansell 3 min read

For a while now I have been using a large and well-known host for a personal VPS (virtual private server) that I ran a few Linux-based daemons (BitlBee, ZNC, a light web server for PHP, etc.) on.  While I never had a single issue with my host, I recently came to the realization that for what I was actually using in terms of memory and bandwidth my VPS was indeed overkill.  With this in mind, I looked at a few VPS hosts and couldn’t find anyone (reputable) that offered a package for what I actually used.

Then it hit me.  I had already been using RackSpace Cloud Files to host screenshots, so I opted to try the sister “Cloud Servers” product.  I was happy to learn that their servers had several levels that fit my needs and budget.  However, unlike my previous host, RackSpace bills based on bandwidth utilization on top of computing usage.  For many this type of scalability is useful, but I began to worry about the potential of incurring high costs in the event that my server experienced some sort of denial-of-service (DoS) attack.

If you think about it, this can happen with any server.  Even if a company gives you a pre-defined bandwidth usage limit, going over said limit could lead to costly overage fees.  With this in mind, I went scouring the web trying to find a solution to better monitor and manage my bandwidth so that I could at least keep an eye on my utilization so that I could predict my charges.

As it turns out, there’s a nice utility out there known as “vnstat”, which allows you to monitor your network usage (both incoming and outgoing traffic).  This amazing find just so happened to be in the Debian repository, so installing it was simply a matter of using apt-get to install it as root.

apt-get install vnstat

After installing it, using it was as simply as running the following command;

vnstat -u -i eth0

What this command does is run the vnstat application, forcing it to update the database for the network port (or create said database if it doesn’t already exist) and tells it what network interface we will be using; in most cases being eth0.  From there, we can view the network statistics whenever we want simply by running “vnstat” from our terminal.  In doing so we’ll get an output like the one below.

It is important to note, though, that vnstat updates in five-minute increments, meaning that your result may be a tad off.

While this was all fine and dandy, I didn’t want constantly SSH in multiple-times per day to keep up with my bandwidth usage.  And what if someone tried to DoS my server while I was asleep?  For this reason I opted to create a small script (located on the BestTechie Forums) to keep track of vnstat updates and take an appropriate action whenever I exceeded a pre-set bandwidth threshold.  Written in bash, this script simply requires that you set the maximum number of megabytes that you want to consume in bandwidth, and edit the command that is run when the bandwidth is exceeded.  This script requires GNU “screen” (standard in any Linux distribution repository) in order to run in the background, but the script can be executed and run just like any regular script without having to be launched in screen.

chmod +x script.sh
./script.sh

In my situation, I have an IPTables file that I use to block access to unnecessary services when my bandwidth is being over-used.  However it might be easier to simply shutdown services (e.g. “/etc/init.d/httpd stop”).  Either way, you will probably want to run this script as root so that it can do its job if and when the time comes.

Read more posts by this author

Mike Mansell

The link has been copied!
You've successfully subscribed to BestTechie
Welcome back! You've successfully signed in.
Great! You've successfully signed up.
Your link has expired
Success! Your account is fully activated, you now have access to all content.