Question
What to do if I receive a notification from Advanced Monitoring about critical bandwidth utilization:
Advanced Monitoring
[Alerting] Interface "eth0" throughput
The bandwidth utilization status is critical!
The current value is X.XX packets/sec.
Answer
The notification informs the Plesk administrator that the bandwidth utilization over one of the server network interfaces exceeds the threshold values configured in Advanced Monitoring > Settings > Thresholds >Â Network.
There are two possible situations for this to appear:
- The bandwidth load is expected but the threshold is set too low.
- The bandwidth load is unexpected and requires additional investigation.
How to investigate:
-
Get the bandwidth utilization threshold values for alerts at Advanced Monitoring > Settings > Thresholds > Network.
-
Estimate the current bandwidth utilization using utilities:
For Linux: lsof, iftop, netstat
For Windows: TaskManager, Resource Monitor, other 3rd-party solutions for analyzing the network traffic, for example, Wireshark.
-
Use the gathered data for further analysis:
-
If the bandwidth load is expected define the optimal values that are above average and are not considered to be critical. Adjust thresholds at Advanced Monitoring > Settings > Thresholds.
-
If the bandwidth load is expected but it causes server performance issues consider increasing the server network bandwidth, for example, if the server is virtual and the bandwidth is managed on a virtualization node side.
-
If the bandwidth load is unexpected perform your own investigation to find the cause of the high network traffic and bandwidth utilization. Refer to the open sources for suggestions. Check for articles with known issues and solutions in our Knowledge Base.
- Pay attention to the long network activity spikes.
- If there is unexpected incoming network traffic the server might be under some kind of attack.
- If there is unexpected outgoing network traffic the server might be the source of spam, it can be hacked or infected with a virus and used as a source for attacks on other servers.
- Use the build-in Windows Firewall (Win + R > firewall.cpl), the Linux iptables firewall utility, and Plesk extensions to control the traffic from/to particular IP addresses and subnets.
-