Local Rate limit

This extension may be referenced by the qualified name envoy.filters.http.local_ratelimit


This extension has an unknown security posture and should only be used in deployments where both the downstream and upstream are trusted.


This extension extends and can be used with the following extension category:

Local Rate limit configuration overview.


[extensions.filters.http.local_ratelimit.v3.LocalRateLimit proto]

  "stat_prefix": "...",
  "status": "{...}",
  "token_bucket": "{...}",
  "filter_enabled": "{...}",
  "filter_enforced": "{...}",
  "response_headers_to_add": [],
  "descriptors": [],
  "stage": "..."

(string, REQUIRED) The human readable prefix to use when emitting stats.


(type.v3.HttpStatus) This field allows for a custom HTTP response status code to the downstream client when the request has been rate limited. Defaults to 429 (TooManyRequests).


If this is set to < 400, 429 will be used instead.


(type.v3.TokenBucket) The token bucket configuration to use for rate limiting requests that are processed by this filter. Each request processed by the filter consumes a single token. If the token is available, the request will be allowed. If no tokens are available, the request will receive the configured rate limit status.


It’s fine for the token bucket to be unset for the global configuration since the rate limit can be applied at a the virtual host or route level. Thus, the token bucket must be set for the per route configuration otherwise the config will be rejected.


When using per route configuration, the bucket becomes unique to that route.


In the current implementation the token bucket’s fill_interval must be >= 50ms to avoid too aggressive refills.


(config.core.v3.RuntimeFractionalPercent) If set, this will enable – but not necessarily enforce – the rate limit for the given fraction of requests. Defaults to 0% of requests for safety.


(config.core.v3.RuntimeFractionalPercent) If set, this will enforce the rate limit decisions for the given fraction of requests.

Note: this only applies to the fraction of enabled requests.

Defaults to 0% of requests for safety.


(repeated config.core.v3.HeaderValueOption) Specifies a list of HTTP headers that should be added to each response for requests that have been rate limited.


(repeated extensions.common.ratelimit.v3.LocalRateLimitDescriptor) The rate limit descriptor list to use in the local rate limit to override on. The rate limit descriptor is selected by the first full match from the request descriptors.

Example on how to use :this


In the current implementation the descriptor’s token bucket fill_interval must be a multiple global token bucket’s fill interval.

The descriptors must match verbatim for rate limiting to apply. There is no partial match by a subset of descriptor entries in the current implementation.


(uint32) Specifies the rate limit configurations to be applied with the same stage number. If not set, the default stage number is 0.


The filter supports a range of 0 - 10 inclusively for stage numbers.