At 3am that morning, a server alert went off like crazy. I was cursing while climbing up to check the logs, and found that the business was being flushed by 200Gbps of DDoS traffic. Fortunately, the high-defense CDN used at that time is billed by bandwidth, which if the traffic billing, the next day the financial estimates can take a knife to block my office door - after all, the attack generated by the garbage traffic will be counted in the bill.
After so many years of helping customers to do security programs, the most often asked is: “high defense CDN in the end should choose to pay by traffic or bandwidth?” This question is like asking whether you should fight with a shield or a spear, depending entirely on whether you are facing archers or heavy cavalry.
Let's burst a bubble.Don't expect one billing method to save you money in every scenario. I've seen too many teams blindly choose the so-called “most cost-effective” option, only to have their budgets blown up by unexpected traffic, or burn money on unused bandwidth capacity.
Bandwidth billing (bandwidth reservation) is frankly an unlimited monthly subscription. You buy the width of the channel, no matter how much data actually run, pay a fixed amount of money every month. It's like renting a two-way eight-lane road, even if there's only one bike running on it, and paying a penny for it.
Traffic billing, on the other hand, is based on actual data usage, with 1GB of usage counting as 1GB of money, more like utilities for everyday use. This model sounds fair, right? But the devil is in the details - malicious traffic generated by unexpected attacks will also be counted in the bill, which is a stealth bomb that can double your bill a hundred times.
I ran into a pitfall last year when helping an e-commerce company with a migration. They originally used CDN5's bandwidth billing, with a fixed 6,000 RMB package of 200Mbps bandwidth per month. During the promotion period, the peak value often rushed to 180Mbps, and the usual baseline traffic was only about 50Mbps. A provider desperately trying to promote per-flow billing, saying that it can save 40% cost. As a result of a CC attack during a rush purchase activity, the day's traffic bill directly soared to 23,000 - the massive requests generated by the attack were all counted as valid traffic.
The biggest advantage of bandwidth billing is a manageable budget. Regardless of whether it's normal users or attackers coming, the monthly cost is locked at the upper limit. For projects with stable business and predictable traffic, this model can give you a full sense of security. But the downside is also obvious: low resource utilization is burning money for nothing.
Real-world testing has found that bandwidth billing is usually more cost-effective when business traffic reaches 60% or more of the bandwidth cap. If your traffic curve has been hovering at the low end for a long time, then you really need to consider a new way of thinking. In addition, note that some vendors of bandwidth billing there is a “95 peak” mechanism - according to the monthly peak bandwidth billing instead of a fixed value, this pit we will talk about.
Now look at traffic billing. This model is best suited for scenarios where traffic fluctuates a lot, such as sudden hotspots in new media, game version updates, and periods of promotional activity. The cost is extremely low when the traffic is usually low, so you don't have to worry about paying for idle resources. But never underestimate the killing power of sudden traffic, remember to always set a monthly consumption cap!
I usually advise customers to set up two lines of defense in the console: traffic warning thresholds and automatic service suspension mechanisms. Use CDN07's API to make an automation script that automatically switches to cleaning mode when there is a sudden increase in abnormal traffic:
Now let's talk about the vendors“ ”tricks". Some vendors' bandwidth billing may seem cheap, but they actually calculate 95th percentile bandwidth. This means that they sample the bandwidth every 5 minutes, remove the highest 51 TP3T peaks, and charge for the highest remaining value. Sound fair? When you're being attacked, that 5% peak could be exactly the attack traffic, resulting in both being attacked and paying for the attack.
Comparison of the mainstream vendors of the billing model, 08Host in this piece of work is more generous - triggered during the attack protection, cleaning traffic is not counted in the billing data. Some vendors say “free protection”, the actual cleaning traffic are counted in the bill, and when you find the bill has gone up.
What to choose? Look at these key indicators:
Traffic stability: If the business traffic curve is smooth like a heartbeat graph, bandwidth billing is more cost-effective. If it goes up and down like a roller coaster, traffic billing may be more appropriate
Security Requirement: Bandwidth billing is a better levee for businesses that face high frequency of DDoS attacks. Realize that attack traffic can be several orders of magnitude higher than normal business traffic
Cost control: traffic billing must be capped monthly! Many vendors don't turn this feature on by default and are waiting for you to blow up your bill!
Business type: video, downloads and other high-traffic services are more suitable for bandwidth billing, APIs, web pages and other small-traffic services can be considered for traffic billing
To give a reference data: among the projects we handled last year, the proportion of gaming customers choosing bandwidth billing amounted to 78%, while more tools SaaS customers (64%) chose traffic billing. E-commerce platforms are polarized - daily traffic billing and temporary upgrade to bandwidth billing during big promotions.
Hybrid billing is the real flavor of the plan. Nowadays, smart people play this way: basic traffic is billed as traffic, and at the same time, a bandwidth capping insurance is purchased. When the monthly traffic exceeds a certain threshold, it is automatically billed according to the bandwidth billing model.CDN5 and 08Host both provide this flexible program, but unfortunately many users do not even know that you can talk about it.
Finally dump a dry table to compare the core differences between the two models:
bandwidth billingBudget:Budget Controllability ⭐️⭐️⭐️⭐️⭐️|Surge Traffic Protection ⭐️⭐️⭐️⭐️⭐️|Cost Effectiveness ⭐️⭐️⭐️|Flexibility ⭐️⭐️
flow rate billingBudget:Budget Controllability ⭐️⭐️|Surge Traffic Protection ⭐️⭐️|Cost Effectiveness ⭐️⭐️⭐️⭐️|Flexibility ⭐️⭐️⭐️⭐️⭐️
If you're really stuck, I'll teach you an old-fashioned way: connect to two providers at the same time, one with bandwidth billing as the main line, and the other with traffic billing as a spare tire. Through the DNS to do intelligent resolution, usually the traffic to go to the main line, when the unexpected automatically downgraded to the standby line. Although connecting to one more vendor increases the complexity, this trouble is really nothing compared to being hammered by the sky-high bill at one time.
These days even the CDN have to “prevent teammates”, some providers of billing strategies than the attack traffic is even more terrible. I remember the last time I saw a forum post, a company was brushed 700TB of garbage traffic, according to the flow of billing directly owed downtime, business paralyzed for two days - this loss can be more expensive than the bandwidth charges.
Ultimately choosing is like buying insurance, you can't wait until something goes wrong to regret not buying the right one. Analyze your business traffic patterns well, do a stress test to simulate extreme scenarios, and see which billing method is better at keeping both your heart and wallet beating smoothly.
