How does IFN measure usage on Burstable Internet service?

Burstable Internet is a method of measuring bandwidth based on peak utilization. It also allows usage to exceed a specified threshold for brief periods of time without the financial penalty of purchasing a higher access speed.

IFN uses a five minute sampling and 95% percentile method when calculating usage.

The 95th percentile is a widely used mathematical calculation to evaluate sustained utilization of a network connection. Bandwidth is measured (or sampled) from the switch or router and recorded in a log file. This is done every 5 minutes. At the end of the month, the samples are sorted from highest to lowest, and the top 5% (which equal to approximately 36 hours of a 30-day billing cycle) of data is thrown away. The next highest measurement becomes the billable utilization for the month.


The sampling interval, or how often samples are taken, is an important  factor in percentile calculation. A percentile is calculated on a set of data points. Every data point represents the average bandwidth used during the sampling interval (e.g., five minutes) and is calculated as the number of bits transferred throughout the interval divided by the duration of the interval (e.g., 300 seconds). The resulting value represents the average utilization rate for a single sampling interval and is expressed as bits per second.

How does IFN work with or support BGP Communities?

BGP Communities are a way for a customer to “Tag an IP Prefix” with a certain value that IFN’s Internet routers will then act upon.  The following is a list of the BGP communities that our BGP customers may use.  From a syntax stand-point, IFN does not provide any example configurations.  Depending on the customer router being deployed, syntax will vary.

IFN BGP Communities

IFN has in place a mechanism that will allow BGP customers to stop DDOS traffic from entering their network through an IP “black hole” process.   The requirements for turning on black-hole filtering are as follows:

  1. You must know the target address of the DDOS attack.  In other words, you need the IP address on your network that is the target of the attack.
  2. You may only black-hole an /32 host prefix.  This is to protect the customer from inadvertently black-holing a large part of their network.  The IFN will ignore any black-hole requests for prefixes smaller than /32s.
  3. The /32 prefix must be sent to IFN with the BGP Community of 32703:60000.
  4. Once  this community is sent, traffic for the /32 will immediately be dropped on the IFN core network.
  5. To withdrawal the black-hole request you simply remove the 32703:60000 community attribute from the prefix.

Other Communities of interest:

Community Description
32703:30001 Prepend IFN’s AS (32703) to all upstream peers ONE time.
32703:30002 Prepend IFN’s AS (32703) to all upstream peers TWO times.
32703:30003 Prepend IFN’s AS (32703) to all upstream peers THREE times.
32703:30101 Prepend IFN’s AS (32703) to Level3 ONE time.
32703:30102 Prepend IFN’s AS (32703) to Level3 TWO times.
32703:30103 Prepend IFN’s AS (32703) to Level3 THREE times.
32703:30201 Prepend IFN’s AS (32703) to Cogent ONE time.
32703:30202 Prepend IFN’s AS (32703) to Cogent TWO times.
32703:30203 Prepend IFN’s AS (32703) to Cogent THREE times.
32703:20000 Do not advertise prefixes to ANY peers
32703:20003 Do not advertise  prefix to Cogent
32703:20002 Do no advertise  prefix to Level3

You may advertise any of your prefixes as long as they are a /24 or smaller.