CODEWITHSUNDEEP
network-programminggoogle-cloud-platform
Robin Verlangen
Robin Verlangen

Reputation: 41

How does Google cloud compute the egress vs ingress traffic?

Consider doing a cURL request from an instance in Google to google.com (for sake of the question consider this to be "outside of Google" on the internet), what part of this is ingress and what part is egress?

Is it correct to say that the egress is the request headers (<200 bytes) and the ingress is the response (~ 12KB) ? 

$ curl -s -vvv https://www.google.com/ | wc 
* About to connect() to www.google.com port 443 (#0)
*   Trying 74.125.206.105... connected
* Connected to www.google.com (74.125.206.105) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*   subject: CN=www.google.com,O=Google Inc,L=Mountain View,ST=California,C=US
*   start date: Sep 13 17:20:01 2017 GMT
*   expire date: Dec 06 17:10:00 2017 GMT
*   common name: www.google.com
*   issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: www.google.com
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Tue, 26 Sep 2017 09:47:57 GMT
< Expires: -1
< Cache-Control: private, max-age=0
< Content-Type: text/html; charset=ISO-8859-1
< P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info."
< Server: gws
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Set-Cookie: NID=113=ITmvqo09PzgCHeccVSmo52IKmjA6qTqn-0rts6_KYoZl_xqF7zmOpTC3Gsn0SbpyR6QCYPAPp14NYbvNWq1y6aY6Qwpjvxqf0DGG5h2wrgKXEu4zU4pDtjmUeWRRbaok; expires=Wed, 28-Mar-2018 09:47:57 GMT; path=/; domain=.google.com; HttpOnly
< Accept-Ranges: none
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< 
{ [data not shown]
* Connection #0 to host www.google.com left intact
* Closing connection #0
      6     350   12868

Or does this work differently and is the entire request (headers + response) counted on your billing since it's "initiated" from the internal towards external?

Upvotes: 4

Views: 1932

Answers (1)

David
David

Reputation: 9721

You are basically correct that the Request is egress and the Response is ingress.

Ingress/Egress is defined and measured at the IP level. This means it's just counting the size of packets that leave your VM to give the egress volume. It doesn't know anything about HTTP - it doesn't even know that the response packets are part of the same connection as the request - it's just adding up packet sizes.

This does mean there is one slight complication: TCP uses "acknowledgement" packets to communicate that packets arrived correctly. Outbound acknowledgements - which are in response to ingress data - still count towards the billing. This means a very large response will still generate some billed egress traffic from the acknowledgement packets, however this is typically a small fraction of the response itself.

Upvotes: 3

Related Questions