Rate limit

This documentation is for the Envoy v3 API.

As of Envoy v1.18 the v2 API has been removed and is no longer supported.

If you are upgrading from v2 API config you may wish to view the v2 API documentation:

This extension may be referenced by the qualified name envoy.filters.network.ratelimit

Note

This extension is intended to be robust against untrusted downstream traffic. It assumes that the upstream is trusted.

Tip

This extension extends and can be used with the following extension category:

Rate limit configuration overview.

extensions.filters.network.ratelimit.v3.RateLimit

[extensions.filters.network.ratelimit.v3.RateLimit proto]

{
  "stat_prefix": "...",
  "domain": "...",
  "descriptors": [],
  "timeout": "{...}",
  "failure_mode_deny": "...",
  "rate_limit_service": "{...}"
}
stat_prefix

(string, REQUIRED) The prefix to use when emitting statistics.

domain

(string, REQUIRED) The rate limit domain to use in the rate limit service request.

descriptors

(repeated extensions.common.ratelimit.v3.RateLimitDescriptor, REQUIRED) The rate limit descriptor list to use in the rate limit service request.

timeout

(Duration) The timeout in milliseconds for the rate limit service RPC. If not set, this defaults to 20ms.

failure_mode_deny

(bool) The filter’s behaviour in case the rate limiting service does not respond back. When it is set to true, Envoy will not allow traffic in case of communication failure between rate limiting service and the proxy. Defaults to false.

rate_limit_service

(config.ratelimit.v3.RateLimitServiceConfig, REQUIRED) Configuration for an external rate limit service provider. If not specified, any calls to the rate limit service will immediately return success.