I rent dedicated server from company and I noticed it is using too much download bandwidth constantly on nginx process even with low traffic on non peak hours. I checked with tcpdump and I saw those
05:59:41.415892 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.415901 IP x.x.x.x.49842 > 224.24.1.7.search-agent: UDP, length 940
05:59:41.415938 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416131 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.416257 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416481 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.416498 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416536 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.416651 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416751 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.416770 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416940 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.416957 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.417134 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417183 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.417247 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417349 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 1472
05:59:41.417364 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417493 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417511 IP z.z.z.z.54220 > 233.1.1.17.search-agent: UDP, length 1472
05:59:41.417553 IP z.z.z.z.63019 > 233.1.1.15.search-agent: UDP, length 1472
05:59:41.417580 IP x.x.x.x.65524 > 224.1.1.14.search-agent: UDP, length 416
05:59:41.417602 IP z.z.z.z.54220 > 233.1.1.17.search-agent: UDP, length 1472
05:59:41.417624 IP z.z.z.z.54216 > 233.1.1.18.search-agent: UDP, length 1128
05:59:41.417632 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417701 IP z.z.z.z.63516 > 233.1.1.20.search-agent: UDP, length 1472
05:59:41.417745 IP z.z.z.z.54220 > 233.1.1.17.search-agent: UDP, length 1472
05:59:41.417764 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417779 IP z.z.z.z.63516 > 233.1.1.20.search-agent: UDP, length 408
05:59:41.417806 IP z.z.z.z.54220 > 233.1.1.17.search-agent: UDP, length 472
05:59:41.417829 IP z.z.z.z.54218 > 233.1.1.14.search-agent: UDP, length 1472
05:59:41.417876 IP z.z.z.z.63019 > 233.1.1.15.search-agent: UDP, length 1472
05:59:41.417889 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.417924 IP z.z.z.z.63516 > 233.1.1.20.search-agent: UDP, length 1472
05:59:41.417940 IP z.z.z.z.63019 > 233.1.1.15.search-agent: UDP, length 1472
05:59:41.417980 IP z.z.z.z.54218 > 233.1.1.14.search-agent: UDP, length 596
05:59:41.417985 IP z.z.z.z.63516 > 233.1.1.20.search-agent: UDP, length 1160
05:59:41.418008 IP z.z.z.z.63019 > 233.1.1.15.search-agent: UDP, length 1472
05:59:41.418099 IP z.z.z.z.63019 > 233.1.1.15.search-agent: UDP, length 692
05:59:41.418100 IP x.x.x.x.53999 > 224.24.1.4.search-agent: UDP, length 1472
05:59:41.418152 IP z.z.z.z.54218 > 233.1.1.14.search-agent: UDP, length 1472
Above x.x.x.x, z.z.z.z IP is also not my server IPV4 but it is other ip from the service provider subnet.
EDIT:
And this is my ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet f.f.f.f netmask 255.255.255.0 broadcast f.f.f.255
ether 2c:44:fd:7f:fe:e0 txqueuelen 1000 (Ethernet)
RX packets 6513838035 bytes 8249745134653 (7.5 TiB)
RX errors 0 dropped 965 overruns 0 frame 0
TX packets 860626046 bytes 934970894599 (870.7 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 38
eth1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 2c:44:fd:7f:fe:e1 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 39
eth2: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 2c:44:fd:7f:fe:e2 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 38
eth3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 2c:44:fd:7f:fe:e3 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 39
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 35765450 bytes 98858211782 (92.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 35765450 bytes 98858211782 (92.0 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Is this a misconfiguration by the server provider or can I fix this by myself?