Arjun Mehta
Dedicated Server SpecialistArjun Mehta is a cloud infrastructure consultant specializing in bare-metal architectures, network routing, and high-traffic database clustering.
When you lease a dedicated server, the monthly fee you agree to almost always includes a specific bandwidth allowance — measured in terabytes of data transfer or in megabits per second of committed throughput — and exceeding that allowance triggers a dedicated server bandwidth overage charge that can transform an otherwise predictable hosting budget into a line item that fluctuates by hundreds or even thousands of dollars per month. Unlike shared hosting plans that impose hard caps (your site slows down or becomes unreachable once you exhaust your allocation), or cloud platforms that bill per gigabyte with granular precision, dedicated server overage operates on a fundamentally different measurement philosophy — one rooted in network engineering practices developed for carrier and colocation billing decades ago. Understanding how overage is calculated, when it kicks in, and what rates apply is not a niche concern for network engineers; it is a prerequisite for anyone signing a dedicated server contract who wants to avoid the invoice shock that arrives thirty days after a traffic spike has already subsided.
The core mechanism behind most dedicated server bandwidth overage billing is the 95th percentile measurement model, a statistical sampling method that does not simply count total gigabytes transferred and multiply by a per-GB rate — though some providers do use that simpler total-transfer model — but instead measures your port's throughput at regular intervals, discards the highest 5% of those measurements, and determines your billable usage from the remaining peak. The model is designed to accommodate short traffic bursts without penalising you for them, but it introduces a complexity that catches first-time dedicated server buyers off guard: your invoice is determined not by how much data you transfer in aggregate but by the sustained throughput level your server maintains for at least 5% of the billing period. Two servers that transfer identical total volumes of data across a month can produce radically different overage invoices depending on whether their traffic is smooth or spiky. Before signing any dedicated server contract, understanding this measurement methodology — and the distinction between burst capacity and committed rates — is as fundamental as understanding the CPU core count or RAM allocation, because bandwidth overage is frequently the largest variable cost component in a dedicated hosting budget. For readers new to dedicated infrastructure who want to understand the full cost picture before evaluating bandwidth specifics, our dedicated server guide provides the hardware and pricing fundamentals that contextualise bandwidth as one dimension of total cost of ownership.
The 95th percentile billing model is the dominant measurement methodology for dedicated server bandwidth overage across the hosting industry, and understanding precisely how it works eliminates the single largest source of billing confusion that dedicated server customers encounter. Under this model, the provider's network infrastructure — typically the switch port your server connects to — samples your server's bandwidth utilisation at regular intervals, conventionally every five minutes, across the entire billing month. Each sample records the number of bits per second passing through the port at that moment, producing approximately 8,640 samples in a 30-day month (12 samples per hour × 24 hours × 30 days). At the end of the billing period, the provider sorts all samples from highest to lowest, discards the top 5% — roughly the highest 432 samples — and identifies the billable utilisation as the value of the highest remaining sample, which is the 95th percentile.
The practical effect of discarding the top 5% of samples is significant: it means that for approximately 36 hours of a 30-day billing month (5% of 720 hours), your server can burst to any throughput level — saturating the port entirely, if your application demands it — without increasing your billable bandwidth at all. These 36 hours of "free bursts" are what make 95th percentile billing attractive for workloads with intermittent traffic spikes: a product launch that drives heavy traffic for two days, a scheduled database replication that runs at full line rate for a weekend, or a DDoS attack that saturates your port for several hours. None of these events, individually, will change your 95th percentile measure as long as the total burst duration stays below 36 hours. However, if your sustained traffic level rises — not just spikes, but remains elevated — the 95th percentile will rise accordingly, and your bill increases. This is the critical distinction that many customers miss: 95th percentile billing protects against spikes, not against sustained growth. If your baseline traffic doubles because your user base doubled, your 95th percentile will double too, and the overage invoice will reflect that permanently higher usage level. Knowing how to estimate your resource requirements accurately before committing to infrastructure is essential; our resource calculation guide walks through the methodology for translating traffic projections into bandwidth, CPU, and memory requirements so your initial commit matches your actual needs.
The five-minute sampling interval used by most providers is not arbitrary — it is a pragmatic balance between measurement granularity and data storage practicality inherited from the Simple Network Management Protocol (SNMP) polling conventions established in the 1990s. A shorter interval, such as one-minute sampling, would capture burst behaviour more accurately but would generate five times the data volume and increase the likelihood that short microbursts — which may not reflect genuine sustained utilisation — inflate the 95th percentile measure. A longer interval, such as fifteen-minute sampling, would smooth out genuine traffic patterns and make it harder to distinguish between short bursts and sustained increases. The five-minute convention also aligns with the SNMP polling intervals used by most network monitoring platforms (MRTG, Cacti, Observium, LibreNMS), meaning the provider's internal monitoring likely produces the same data that feeds your bill.
What matters most to the customer is not the sampling interval itself but whether the provider counts inbound and outbound traffic separately or aggregates them, and which direction's higher value determines the billable rate. The most common approach — and the one that minimises billing surprises — is to measure outbound (egress) traffic only, because that is the direction that consumes the provider's transit and peering capacity. Some providers measure the higher of inbound or outbound at each sampling interval, which protects the provider against customers who run inbound-heavy workloads (backup ingestion, file upload platforms) but can produce higher bills for workloads that were assumed to be asymmetric. Even fewer providers bill on the sum of inbound and outbound, a methodology that essentially doubles the billable throughput and should be treated as a significant cost premium when comparing providers. Before signing a contract, confirm in writing which direction or combination of directions the 95th percentile measurement is applied to, and model your projected costs under each scenario to understand the sensitivity of your bill to this often-overlooked detail.
The 5% discard rule is the 95th percentile model's defining feature and its most misunderstood aspect. The rule exists because network traffic is inherently bursty — TCP congestion control algorithms (CUBIC, BBR) continuously probe for available bandwidth, application workloads generate data in bursts (a page render, a file download, a database query result), and external events like DDoS attacks or flash crowds create brief, extreme utilisation spikes that do not represent the server's sustained capacity demand. If a provider billed on the absolute peak (the 100th percentile), every customer would pay for the highest single five-minute window of the month — a number heavily influenced by one-off events and not reflective of the infrastructure capacity the provider needed to provision. The 5% discard acknowledges that network capacity planning should be based on sustained demand patterns, not on maximum observed spikes.
However, the 5% threshold is a convention, not a law of physics, and the specific percentage matters. A provider that uses a 90th percentile model (discarding the top 10%) gives you 72 hours of free bursts per month but measures your billable rate at a lower threshold — which can produce a lower bill if your traffic is smooth, or a higher bill if your bursts are frequent and sustained. Conversely, a 98th percentile model discards only the top 2% (approximately 14.4 hours of bursts), which produces a billable rate closer to your absolute peak and results in higher bills for spiky workloads. The 95th percentile has become the industry standard because it strikes a balance that most customers and providers consider fair, but nothing prevents a provider from offering a different percentile — and the difference between 90th and 98th percentile billing can be substantial for workloads with irregular traffic. This is a negotiable term in larger contracts, and if your workload has specific burst characteristics, requesting a custom percentile threshold or a total-transfer-based model alternative is worth the conversation.
Most dedicated server bandwidth agreements are structured as a two-tier system: a committed rate that you pay a fixed monthly fee for, and a burst rate that you pay only for utilisation above the commit. The committed rate — often called the Committed Information Rate or CIR — is the throughput level the provider guarantees you can sustain 24/7 without throttling, deprioritisation, or overage charges. If your contract includes a 200 Mbps commit on a 1 Gbps port, you pay a fixed monthly price for the first 200 Mbps of 95th percentile utilisation, and the provider's network is engineered to deliver that 200 Mbps continuously without complaint. The burst tier — everything above the commit up to the physical port speed — is available to you but metered, typically at a per-Mbps rate that is higher than the per-Mbps rate embedded in your commit pricing. This two-tier structure is the economic foundation of dedicated server bandwidth overage billing, and the spread between the committed rate and the burst rate is where providers earn their margin on bandwidth.
The committed rate is the bandwidth you have contractually purchased, and the provider must provision sufficient upstream transit and peering capacity to deliver it regardless of what other customers on the same network infrastructure are doing. If you have a 500 Mbps commit on a 1 Gbps port and a neighbouring server in the same rack saturates a 10 Gbps port, your 500 Mbps must remain unaffected — the provider's network architecture, oversubscription ratios, and Quality of Service (QoS) policies must ensure that your committed bandwidth is isolated from other customers' traffic. This guarantee is what distinguishes a genuine committed rate from a "burstable up to" marketing claim, and it is worth paying for if your workload requires predictable, consistent network performance.
Selecting the right commit level is a forecasting exercise that rewards accuracy. Set the commit too low, and you will pay overage rates on a large fraction of your actual usage — potentially spending more than if you had purchased a higher commit at a lower per-Mbps rate. Set the commit too high, and you will pay for capacity you never use, wasting budget that could have been allocated to faster storage or additional RAM. The optimal commit is typically your 95th percentile throughput from a representative traffic period — ideally three to six months of historical data covering both normal operations and your peak business season — plus a 20% to 30% safety margin to accommodate growth and unexpected traffic. If historical data is not available because you are migrating from a platform that does not expose per-port throughput statistics, estimate conservatively and negotiate a contract that allows you to adjust the commit after the first quarter of operation once you have real usage data. Our cloud hosting comparison explains how bandwidth provisioning differs between dedicated and cloud environments, which is useful context for teams evaluating whether a committed-rate model or a pure pay-as-you-go cloud model better fits their traffic patterns and budget tolerance.
Burst overage rates — the per-Mbps price you pay for utilisation above your commit — vary dramatically across providers, from approximately $1 to $3 per Mbps at budget providers to $5 to $15+ per Mbps at premium providers in high-cost data centre locations. To translate these rates into dollars you can budget for, you need to convert your 95th percentile measurement into billable Mbps above commit. If your 95th percentile measurement is 350 Mbps and your commit is 200 Mbps, you have 150 Mbps of overage. At a burst rate of $3 per Mbps, your bandwidth overage for the month is $450 — added on top of your base server rental fee. At $10 per Mbps, that same overage would be $1,500. The spread between commit pricing and burst pricing is typically a factor of 1.5× to 3× — meaning if your commit effectively costs you $1.50 per Mbps (a 200 Mbps commit priced at $300 per month), the burst rate might be $3 to $4.50 per Mbps. This premium is how providers price the flexibility of burst capacity: you pay less per Mbps for capacity you commit to in advance, and more per Mbps for capacity you consume on demand.
The burst rate's impact on your total cost depends heavily on your traffic pattern. A workload with a steady 300 Mbps baseline and a 200 Mbps commit pays overage on 100 Mbps every single month — an additional $300 to $1,500 monthly depending on the burst rate. A workload that averages 150 Mbps but spikes to 800 Mbps for a few hours each week may never trigger overage at all, because the spikes fall within the 5% discard window and the 95th percentile remains below the commit. This is why two businesses with identical total monthly data transfer volumes can receive dramatically different overage invoices: the first business has sustained high utilisation, the second has brief bursts. Before selecting a commit level, characterise your traffic not just by total volume but by the sustained throughput level that your application maintains across hours, not seconds. If your traffic is smooth and predictable, a higher commit at a lower per-Mbps rate will minimise your total cost. If your traffic is spiky and infrequent, a lower commit with burst overage — accepting occasional overage charges during unusual months — may be cheaper over the course of a year. The trade-off is identical to the insurance-versus-self-insurance decision in risk management, and the correct answer depends on the specifics of your traffic pattern, not on a generic rule of thumb.
Beyond the 95th percentile model, the dedicated server market offers several alternative bandwidth pricing structures, each with its own risk profile and suitability for different workload characteristics. The total-transfer model — where you are allocated a fixed number of terabytes per month and pay overage per gigabyte beyond that allocation — is simpler to understand and predict but offers no burst protection: a DDoS attack or a viral traffic surge that transfers terabytes of data in a single day will generate overage charges immediately, with no 5% discard window to absorb the spike. This model is common among budget and mid-range providers, especially those offering unmetered ports with a "fair use" transfer cap buried in the terms of service, and it disproportionately penalises workloads with high peak-to-average traffic ratios. The predictable alternative is an unmetered port — a flat monthly fee for a port with no metering or overage regardless of utilisation — which eliminates billing uncertainty entirely but commands a substantial price premium, typically $200 to $500 per month for 1 Gbps and $1,000 to $3,000+ for 10 Gbps, reflecting the provider's cost of provisioning transit capacity for a customer who may use it continuously.
Between these extremes lies a spectrum of hybrid models. Some providers offer a 95th percentile commit with a "burstable cap" — an absolute upper limit on billable overage, beyond which you are not charged regardless of utilisation. This functions as an insurance policy: your maximum monthly bandwidth cost is known in advance (commit fee plus the capped overage amount), while your actual bill may be lower if utilisation stays within the commit. Other providers offer pooled bandwidth across multiple servers — if you lease five servers each with a 200 Mbps commit, your total commit is 1 Gbps (1,000 Mbps), and overage is calculated on the aggregate 95th percentile across all ports rather than per-server. Pooled bandwidth is particularly advantageous for load-balanced architectures where traffic distributes unevenly across servers; a single server that runs hot does not trigger overage as long as the pool's aggregate 95th percentile stays within the total commit. Still other providers offer a sliding-scale overage rate that decreases as your total utilisation increases — the first 100 Mbps of overage at $5 per Mbps, the next 200 Mbps at $3 per Mbps, and so on — which benefits high-bandwidth workloads by reducing the marginal cost of additional throughput. Each of these models is a negotiation tool as much as a pricing structure, and understanding the menu of options before you sit down with a provider's sales team gives you the leverage to select the model that best matches your workload's mathematical profile rather than accepting the provider's default. For a broader view of how dedicated server costs compare with cloud alternatives across all dimensions — not just bandwidth — our cloud hosting overview maps the pricing philosophies of both models against typical business use cases.
An increasingly relevant model in 2026 is the committed data transfer tier with a fixed overage rate, popularised by providers who have adopted cloud-style bandwidth pricing on dedicated hardware. Under this model, you pay a base monthly fee that includes, for example, 20 TB of outbound transfer, and any transfer beyond 20 TB is charged at a flat rate of $0.01 to $0.05 per GB — a model that feels familiar to teams migrating from AWS or Azure. The advantage is simplicity and predictability for workloads where total transfer volume is the binding constraint, not peak throughput. The disadvantage is the absence of burst protection: a single large-file distribution event that transfers 5 TB in a day will consume 25% of your monthly allowance instantly, and if that pattern repeats, your overage will accumulate linearly with no statistical smoothing. For workloads where large file transfers are infrequent but individually massive — software distribution, media asset delivery, dataset publishing — the total-transfer model with a high included allowance may be cheaper than a 95th percentile commit, precisely because the 95th percentile model would measure the sustained throughput during those large transfers and bill you for a higher percentile than your normal baseline reflects. The correct model depends on your workload's specific characteristics, and no single model is uniformly cheaper — only uniformly better understood.
Avoiding dedicated server bandwidth overage surprises requires a combination of pre-contract due diligence, real-time monitoring, and architectural decisions that reduce your exposure to burst-driven billing spikes. The most expensive overage invoices almost always result from one of three scenarios: the customer did not know their traffic pattern before signing the contract and chose a commit that was unrealistically low; the customer experienced a sustained traffic increase — not a spike but a permanent upward shift — and did not adjust their commit to match the new baseline; or the customer's architecture generated internal traffic (database replication, backup transfers, log aggregation) that they did not realise was counting against their bandwidth allowance. Each of these scenarios is preventable with the right combination of monitoring, alerting, and network architecture design.
You cannot manage what you do not measure, and bandwidth overage is no exception. The single highest-impact action you can take to avoid overage surprises is to deploy bandwidth monitoring that gives you daily visibility into your 95th percentile trajectory — not just your total transfer volume, not just your real-time throughput, but specifically the metric that will determine your invoice. Tools like vnstat provide historical interface statistics with hourly, daily, and monthly aggregations; iftop and nload provide real-time visibility; and monitoring platforms like Netdata, Prometheus with node_exporter, and Datadog can graph your 95th percentile over time and alert you when the projected month-end value approaches your commit threshold. The key is to monitor the same metric the provider uses — if the provider bills on outbound 95th percentile every five minutes, your monitoring should replicate that methodology as closely as possible so there are no discrepancies between what your dashboard shows and what the invoice states.
Configure at least two tiers of alerts: a warning alert when your projected 95th percentile reaches 80% of your commit, giving you time to investigate and throttle non-essential traffic, and a critical alert at 95% of your commit, triggering immediate action. The warning alert should arrive early enough in the billing cycle that you can adjust behaviour — reducing backup frequency, deferring large data transfers, or spinning up a CDN — before the month-end measurement is locked in. Additionally, request from your provider either a bandwidth utilisation portal or a periodic (weekly) usage report that shows your 95th percentile trend against your commit. Providers with modern infrastructure should be able to provide this; those that cannot may be operating on infrastructure where they themselves do not know your utilisation until the invoice is generated — a red flag that makes your own monitoring not just useful but essential.
Beyond monitoring, architectural decisions can substantially reduce your exposure to bandwidth overage. The most effective single technique is offloading cacheable egress to a Content Delivery Network (CDN). If your server serves static assets — images, CSS, JavaScript, video files, downloadables — pushing those assets through a CDN can reduce origin server egress by 80% to 99%, depending on cache hit rates and content churn. Even dynamic content that varies per user can be partially cached at the edge through techniques like edge-side includes (ESI) or by caching API responses that are shared across users. Many CDNs offer generous free tiers or flat-rate pricing that is substantially cheaper than dedicated server overage rates, making CDN offloading a net cost reduction as well as a bandwidth management strategy. For technical context on how CDN edge caching interacts with origin infrastructure, Cloudflare's cloud infrastructure overview explains the architectural relationship between origin servers and edge networks and how caching policies determine the fraction of traffic that reaches your server.
For traffic that must reach your origin server — dynamic page generation, authenticated API calls, database queries — traffic shaping can smooth the throughput curve and reduce your 95th percentile. If your application generates large, non-urgent data transfers — nightly backups to off-site storage, log file rotation and archival, analytics data export — schedule these operations during off-peak hours and rate-limit them so they consume a controlled, predictable amount of bandwidth rather than saturating the port. A backup job that transfers 500 GB over a 1 Gbps port will complete in roughly 70 minutes but will register as a 940 Mbps sample for every five-minute interval during that window, potentially becoming the sample that determines your 95th percentile for the entire month. Rate-limiting that same backup to 200 Mbps extends the transfer time to approximately 5.5 hours but dramatically reduces the likelihood that the backup window dominates your 95th percentile calculation — and if the backup runs during off-peak hours when user traffic is minimal, the total throughput during that window may still remain below your commit. The principle is to be intentional about when and how fast your server transmits data, rather than allowing every process to consume as much bandwidth as the port permits.
For organisations running AI workloads on dedicated infrastructure — model training data ingestion, inference serving, gradient synchronisation across distributed training nodes — bandwidth consumption patterns are fundamentally different from conventional web hosting and require specialised planning. AI workloads can sustain near-line-rate throughput for hours or days, making the 5% burst window irrelevant (the sustained throughput is the 95th percentile) and driving the commit requirement substantially higher than what comparable web hosting traffic volumes would suggest. Our AI hosting guide explains the bandwidth, compute, and storage requirements that differentiate AI infrastructure from traditional hosting, including the networking demands of distributed training and high-throughput inference serving that make bandwidth planning a first-order design constraint rather than an afterthought.
The bandwidth terms in a dedicated server contract are more negotiable than many buyers realise, and the items worth negotiating directly affect your exposure to dedicated server bandwidth overage costs. The first and most impactful negotiation point is the commit adjustment clause — a provision that allows you to increase your commit mid-contract without resetting the contract term and without paying a penalty. As your traffic grows, your bandwidth needs will grow with it, and being locked into a commit that was sized for your launch-day traffic means paying overage rates on an ever-increasing fraction of your actual usage. A fair commit adjustment clause allows you to upgrade your commit with, for example, 30 days of notice, with the new commit price applied prospectively to the remaining contract term. Some providers will also allow downward commit adjustments — reducing your commit if your traffic declines — though this is rarer and typically comes with restrictions, such as a floor below which the commit cannot be reduced or a limit on the frequency of adjustments.
The second negotiation point is the overage notification policy. Many providers will not notify you when you are approaching or exceeding your commit; the first indication is the invoice itself, which arrives after the overage has already occurred and cannot be reversed. Negotiate for a contractual commitment that the provider will alert you — via email, portal notification, or API webhook — when your projected 95th percentile utilisation exceeds a defined percentage of your commit, such as 80%. Some larger providers offer this as a standard feature of their customer portal; smaller providers may resist because it requires engineering effort to implement. If the provider cannot offer automated alerts, negotiate for a weekly manual report during the billing cycle, and supplement it with your own monitoring as described above. The goal is to eliminate the "surprise" component of overage billing — even if overage charges are sometimes unavoidable, they should never be unexpected.
The third negotiation point is the overage rate cap and the burst rate schedule. If the contract specifies a burst overage rate of, for example, $5 per Mbps with no upper limit, a sustained traffic surge can produce an overage invoice that exceeds your base server rental by a factor of five or ten. Negotiate for a monthly overage cap — a maximum total bandwidth charge (commit plus overage) that functions as a ceiling on your bandwidth exposure. This cap should be set high enough that the provider is comfortable with the risk — perhaps 2× or 3× the commit fee — but low enough that a worst-case scenario does not bankrupt your hosting budget. In exchange for the cap, you may need to accept a slightly higher burst rate or a slightly higher commit level, but the predictability gained is typically worth the modest premium. Additionally, negotiate the metering methodology itself: confirm whether inbound traffic is counted or excluded, whether traffic between your own servers within the same data centre (private VLAN traffic) is metered or exempt, and whether the provider will furnish the raw sampling data behind your 95th percentile calculation so you can independently verify the invoice. A provider that refuses to share the measurement data behind the charges they are asking you to pay is one whose bandwidth billing you should treat as an opaque cost rather than a managed expense.
Most providers use the 95th percentile model: your port throughput is sampled every five minutes across the billing month, the top 5% of samples (roughly 36 hours of peak utilisation) are discarded, and your billable utilisation is the highest remaining sample. Overage is the difference between this 95th percentile value and your committed bandwidth rate, multiplied by the per-Mbps burst rate specified in your contract. Some providers use total-transfer billing (overages charged per GB beyond an included TB allowance), which is simpler but offers no burst protection.
Because 95th percentile billing is based on sustained throughput, not total transfer volume. Server A that transfers 30 TB by running at a steady 100 Mbps all month will have a 95th percentile of roughly 100 Mbps. Server B that transfers 30 TB by running at 10 Mbps most of the month but bursting to 900 Mbps for 40 hours will have a 95th percentile near 900 Mbps — roughly nine times higher than Server A — despite transferring identical total data. The billing model penalises sustained high throughput, not total volume.
Yes, an unmetered port eliminates all overage charges in exchange for a significantly higher fixed monthly fee — typically $200 to $500 for 1 Gbps and $1,000 to $3,000+ for 10 Gbps. This is cost-effective if your sustained throughput is high enough that overage charges at burst rates would exceed the unmetered port premium. For workloads with moderate or spiky traffic, a committed rate with occasional overage is usually cheaper. Calculate your expected 95th percentile, multiply by the burst rate, and compare the total against the unmetered price to determine which model is cheaper for your specific workload.
It depends entirely on the provider's metering policy, and this is one of the most important details to clarify before signing. Some providers exempt private VLAN traffic between your own servers from bandwidth metering; others count all traffic crossing the switch port, including server-to-server replication, backup, and database synchronisation traffic. If your architecture involves multiple servers that communicate heavily with each other, unmetered private traffic can save hundreds of dollars per month in avoided overage charges and should be a priority negotiation point.
Command-line tools like vnstat provide historical interface statistics with hourly, daily, and monthly aggregations. Netdata offers a web dashboard with real-time and historical bandwidth graphs including 95th percentile calculations. Prometheus with the node_exporter can collect interface counters and feed them into Grafana dashboards that compute and display your 95th percentile trajectory against your commit threshold over any time window. For teams that prefer SaaS monitoring, Datadog and New Relic include network throughput metrics with configurable percentile calculations and alerting. The critical feature is the ability to compare your projected month-end 95th percentile against your contractual commit, not just to see real-time throughput.
Arjun Mehta is a cloud infrastructure consultant specializing in bare-metal architectures, network routing, and high-traffic database clustering.







