Overview
The RateLimit feature is used to control the number of requests sent to your service, ensuring that resources are distributed fairly among users. This mechanism prevents excessive load on services by enforcing configurable request limits.
Configuration Options
-
averageDefines the maximum allowed request rate (requests per second).
Default value: 5
-
burstSpecifies the maximum number of requests that can be processed in an arbitrarily small period of time before rate limiting is applied.
Default value: 10
Example Scenario
Consider the following configuration:
burst = 10You can make up to 10 requests instantly before being limited.average = 5After that, only 5 requests per second are allowed.
Request # |
Time (s) |
Allowed? |
Reason |
|---|---|---|---|
1 |
0.000 |
✅ Yes |
Bucket has space |
2 |
0.100 |
✅ Yes |
Burst capacity (9) still available |
3 |
0.200 |
✅ Yes |
Burst capacity (8) still available |
4 |
0.300 |
✅ Yes |
Burst capacity (7) still available |
5 |
0.400 |
✅ Yes |
Burst capacity (6) still available |
6 |
0.500 |
✅ Yes |
Burst capacity (5) still available |
7 |
0.600 |
✅ Yes |
Burst capacity (4) still available |
8 |
0.700 |
✅ Yes |
Burst capacity (3) still available |
9 |
0.800 |
✅ Yes |
Burst capacity (2) still available |
10 |
0.900 |
✅ Yes |
Burst capacity (1) still available |
11 |
1.000 |
❌ No |
Burst is exhausted, now limited to 5/sec |
12 |
1.100 |
✅ Yes |
New token added (average = 5/sec) |
13 |
1.200 |
✅ Yes |
New token added |
14 |
1.300 |
✅ Yes |
New token added |
15 |
1.400 |
✅ Yes |
New token added |
16 |
1.500 |
✅ Yes |
New token added |
17 |
1.600 |
❌ No |
Rate limit reached (5/sec) |
Outcome:
A burst of 10 requests is allowed instantly.
After that, the system enforces an average of 5 requests per second.
Other requests get 429 Too Many Requests.
Use Cases
API Protection: Prevents users from overwhelming the service.
Fair Usage Enforcement: Ensures users get a balanced share of service requests.
DDoS Mitigation: Helps limit excessive traffic spikes.
By configuring RateLimit properly, you can fine-tune your service to balance performance and protection.