Tips to save egress cloud costs
Jun 3, 2024
In today's cloud-driven world, managing costs is a critical aspect of running an efficient and profitable business. One of the often overlooked yet significant components of cloud expenditure is egress costs—charges incurred when data is transferred out of the cloud provider's network to another location. Whether you're running a startup, managing a large enterprise, or handling personal projects, understanding and optimizing egress costs can lead to substantial savings.
In this post, let's look at what egress costs are and how best to manage them.
A few basic concepts first
Ingress
In the context of cloud computing, ingress usually describes the data coming into the cloud from external sources. For instance, when you upload files to cloud storage or send data to a cloud-based application, that data transfer is considered ingress.
Egress
In the context of cloud computing, egress typically describes the data exiting the cloud to an external destination, such as downloading files from cloud storage to a local device or sending data from a cloud-based application to users over the internet.
Virtual Private Cloud (VPC)
It is a virtual network dedicated to your cloud account. It is logically isolated from other virtual networks in the cloud. It provides you with a private, secure space to launch your cloud resources.
Your cloud account can have multiple VPCs and all are logically separate entities (i.e., entities within one VPC cannot interact with a different VPC unless you’ve done something special called VPC peering).
VPC peering
VPC peering is a networking connection between two VPCs that enables you to route traffic between them privately. Instances in either VPC can communicate with each other as if they are within the same network.
Where is the cost involved?
- Ingress is mostly free.
- Egress comes at a cost, which depends on the source and destination of the network traffic, among other things. We’ll discuss this in detail below.
- This is by design: cloud providers want you to get inside their system and don’t want you to exit it (talk about vendor lock-in).
A company once decided to switch their storage bucket from GCP to Azure because they scored some sweet deal with Microsoft. But once they started to move data, they realized the egress cost they’d pay to Google while doing it was twice the amount they’d have saved after moving to Azure. So they couldn’t move it.
How is egress cost calculated?
- Within a cloud, usually there are regions. For example, in GCP there are regions like: us-west, us-east, asia-south, asia-east, etc.
- Each region has zones for availability: asia-south-a, asia-south-b are 2 zones in 1 region.
- Data transferred within a zone using internal IP address: $0
- Data transferred within a zone using external IP address: ~$0.01 / GB
- Data transferred across a zone within a region: ~$0.01 / GB
- Data transferred across regions: ~$0.1 / GB (This changes based on source and destination regions. Refer to your cloud provider's documentation for exact figures.)
- The important thing here that people usually miss is that egress within a zone is only free if you are using internal IP addresses.
How to reduce egress cost?
Case 1: First machine is on AWS, second on Azure.
You’d have to pay full egress across cloud providers, regardless of whether the machines are in the same or different regions.
Case 2: Within same cloud, both machines in different regions.
You’d have to pay full egress.
Case 3: Within same cloud, same region, different zones.
You’d have to pay partial egress (~$0.01 / GB) as mentioned above.
Case 4: Within same cloud, same region, same zone, same VPC.
Use the internal IP address of entities and you’d pay 0 egress. If you don’t want to use IP addresses, you can configure a DNS mapping that resolves to the internal IP address of the machine.
Case 5: Within same cloud, same region, same zone, different VPC.
- Without VPC peering, you’d pay full egress cost ($0.1) as data is going out over the public internet.
- With VPC peering and using the internal IP address (or the hostname DNS mapped to internal IP address), you’d pay 0 egress fees.
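The pricing rules and Cases 1 to 5 above, applied to flow records, as an added example that is not part of the original post. It prices each flow with the approximate rates quoted here and lists same-zone traffic that is billed only because it uses an external IP or an unpeered VPC. The record layout, names, IPs and volumes are constructed, and "internal" is taken to mean an RFC 1918 address.

```python
import ipaddress
from collections import namedtuple
# Approximate USD/GB rates quoted in this post; real prices vary by provider.
RATES = {"free": 0.0, "partial": 0.01, "full": 0.1}
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
Endpoint = namedtuple("Endpoint", "cloud region zone vpc")
Flow = namedtuple("Flow", "src dst dst_ip gb peered")

def is_internal(ip):
    """True if ip is an RFC 1918 private address (assumed meaning of 'internal')."""
    return any(ipaddress.ip_address(ip) in net for net in RFC1918)

def tier(flow):
    """Return (tier, reason) for one flow, following Cases 1-5 of the post."""
    s, d = flow.src, flow.dst
    if s.cloud != d.cloud:
        return "full", "cross-cloud"
    if s.region != d.region:
        return "full", "cross-region"
    if s.zone != d.zone:
        return "partial", "cross-zone"
    if not (s.vpc == d.vpc or flow.peered):
        return "full", "same zone, unpeered VPC"
    if not is_internal(flow.dst_ip):
        # Assumption: peered-VPC traffic to an external IP is priced the same way.
        return "partial", "same zone, external IP"
    return "free", "same zone, internal IP"

def report(flows):
    """Total cost plus the same-zone flows that are billed but could be free."""
    total, avoidable = 0.0, []
    for f in flows:
        t, reason = tier(f)
        cost = round(RATES[t] * f.gb, 2)
        total += cost
        if reason.startswith("same zone") and t != "free":
            avoidable.append((f.dst_ip, reason, cost))
    return round(total, 2), avoidable

# Constructed sample flows (endpoints, IPs and GB volumes are made up).
A = Endpoint("gcp", "asia-south", "asia-south-a", "vpc-app")
FLOWS = [
    Flow(A, A, "10.0.0.5", 500, False),                           # internal IP
    Flow(A, A, "203.0.113.10", 500, False),                       # external IP
    Flow(A, A._replace(vpc="vpc-data"), "10.1.0.7", 200, False),  # no peering
    Flow(A, A._replace(zone="asia-south-b"), "10.0.2.9", 100, False),
    Flow(A, A._replace(region="us-west", zone="us-west-a"), "10.8.0.3", 50, False),
]
```

Calling `report(FLOWS)` returns the total and the two avoidable same-zone flows; setting `peered=True` on the third flow moves it to the free tier.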