I asked Cloudflare Support this and was told to post on community site.
I would like an elaboration on the Load Balancer pricing.
I use the proxied (orange cloud) for DNS. My website gets 60 million requests per month. How much would that cost in usage, given that I’m using proxied (orange cloud). Also, please provide the metric you calculated that with so I can apply that to other scenarios if I need to. i.e. 10 cents per million or whatever the rate is.
Also, I have to deal with DDoS attacks nearly every day. If my usage is increased significantly by a DDoS attack, am I able to make a ticket to request the removal of that bad traffic usage; as was possible with rate limiting usage?
Lastly, how many different IP addresses can I add into the Load Balancer before I need to pay for additional origins. This website https://support.cloudflare.com/hc/en-us/articles/115005254367-Billing-for-Cloudflare-Load-Balancing states “2 origins per Cloudflare account, 5 origins per pool”, which is quite confusing for me. So what is the number of different IP addresses I can have? 2? 5? 10?
My understanding from this would be that you’d get 500,000 requests included so you’d pay for 59,500,000 requests which would be $59.50 at 50 cents per 500,000.
DDoS attacks should hopefully be mitigated before the load balancer. I don’t think there is anything published saying that you can get refunded for DDoS with Load Balancing so we can’t say for sure.
An origin can essentially be considered to be one IP / Server. So just on the $5 plan you’d get two but could pay for additional origins as extra. A pool is like a group of origins, it can contain anywhere from one to five origins.
I don’t think so. It seems that the usage is greatly reduced when using proxied (Orange Cloud), as I am. From https://support.cloudflare.com/hc/en-us/articles/115005254367-Billing-for-Cloudflare-Load-Balancing, “You can reduce the number of authoritative DNS queries by configuring your Load Balancer as “proxied” (orange cloud) for your HTTP(S) services, which will set the external DNS TTL to 5 minutes, maintain failover performance equivalent with very short DNS TTLs.” However I don’t see any mention of how much the reduction is.
Alright, it seems like this is just an unspoken rule. I know they remove bad traffic spikes from Rate limiting and Workers, despite there being no mention of that in their docs. So the same likely goes for Load Balancer.
It’s not, I believe. I’m running sites with load balancing the same way and billable queries are approximately unique visitors x 10. Most visitors have very short sessions, so they’re certainly not getting 10 DNS queries each.
It feels like “queries” is some internal query that counts all requests that aren’t hitting the cache, so essentially page views x 1.1 for first requests to static files.
That’s how I understood it as well. At least for the sites I manage, in reality it’s closer to requests than DNS queries though. This holds over multiple sites on multiple accounts. It’s not much of a problem for me, because it’s still worth it ($10 instead of $1), but that’s my experience with it.
They don’t mention how much it will reduce your DNS queries by because it depends. The edge cache TTL is set to 5 minutes when orange clouded which means every user’s DNS queries will be cached for 5 minutes. Note that some browsers might make multiple DNS queries per visit (requesting A & AAAA record types for example). If you already have DNS on Cloudflare you can look at your DNS analytics to see how many DNS queries happen for your site, if not I would check with your current DNS provider to see if they have any analytics about how many queries happen. This will help you judge how much it would cost.
I looked at the DNS analytics and it seems I get 300 queries consistently per minute.
So, I did (300 queries per minute) * (1400 minutes in a day) = 432,000 queries per day
Then (432,000 queries per day) * (30 day Cloudflare billing window) = 12,960,000 queries per month
After that, (12,960,000 queries per month) / (500,000 query usage unit) = 25.92
And 25.92 * 0.5 usage price = (12.96 - 0.5 for the first 500k free queries) = $12.46 monthly usage
Does that sound right, $12.46 monthly usage to match the image of DNS analytics I sent above?
Also, what do you think about this? I find it odd that it says more origins per pool than per Cloudflare account. So, do you think the default subscription without paying for additional servers includes 2 servers or more?
This is… itdepends . DDoS traffic has a cost and CF isn’t obligated to refund it, however, they might, under some scenarios, lift the bill for you (or ask you to pay for it and refund the DDoS amount as account credits).
If attacks are a major concern for you, I’d step up the security before enabling any product that can potentially drain your budget.
Alright, thanks for the advice. I have firewall rules configured quite well which stops 90% of attacks. Occasionally I’ll have someone who’s very determined DDoS my site and match all the characteristics of a legitimate API request. In the past I’ve been given refunds for spikes in Rate Limiting traffic when I made a ticket. I’ve heard the same thing happening to Cloudflare Workers customers as well. It’s not written in the docs though if you ask it seems to mostly work. Not a huge problem even if not, since it happens so infrequently.