Local Rate Limit Filter (proto)

This extension has the qualified name envoy.filters.listener.local_ratelimit

Note

This extension is intended to be robust against untrusted downstream traffic. It assumes that the upstream is trusted.

Tip

This extension extends and can be used with the following extension category:

• envoy.filters.listener

This extension must be configured with one of the following type URLs:

• type.googleapis.com/envoy.extensions.filters.listener.local_ratelimit.v3.LocalRateLimit

Local rate limit configuration overview.

extensions.filters.listener.local_ratelimit.v3.LocalRateLimit

[extensions.filters.listener.local_ratelimit.v3.LocalRateLimit proto]

{
  "stat_prefix": ...,
  "token_bucket": {...},
  "runtime_enabled": {...}
}

stat_prefix

(string, REQUIRED) The prefix to use when emitting statistics.

token_bucket

(type.v3.TokenBucket, REQUIRED) The token bucket configuration to use for rate limiting all incoming sockets. If the token is available, the socket will be allowed. If no tokens are available, the socket will be immediately closed.

Note

In the current implementation the token bucket’s fill_interval must be >= 50ms to avoid too aggressive refills.

runtime_enabled

(config.core.v3.RuntimeFeatureFlag) Runtime flag that controls whether the filter is enabled or not. If not specified, defaults to enabled.