Rate limit

This documentation is for the Envoy v3 API.

As of Envoy v1.18 the v2 API has been removed and is no longer supported.

If you are upgrading from v2 API config you may wish to view the v2 API documentation:

This extension may be referenced by the qualified name envoy.filters.http.ratelimit

Note

This extension is intended to be robust against untrusted downstream traffic. It assumes that the upstream is trusted.

Tip

This extension extends and can be used with the following extension category:

Rate limit configuration overview.

extensions.filters.http.ratelimit.v3.RateLimit

[extensions.filters.http.ratelimit.v3.RateLimit proto]

{
  "domain": "...",
  "stage": "...",
  "request_type": "...",
  "timeout": "{...}",
  "failure_mode_deny": "...",
  "rate_limited_as_resource_exhausted": "...",
  "rate_limit_service": "{...}",
  "enable_x_ratelimit_headers": "...",
  "disable_x_envoy_ratelimited_header": "...",
  "rate_limited_status": "{...}"
}
domain

(string, REQUIRED) The rate limit domain to use when calling the rate limit service.

stage

(uint32) Specifies the rate limit configurations to be applied with the same stage number. If not set, the default stage number is 0.

Note

The filter supports a range of 0 - 10 inclusively for stage numbers.

request_type

(string) The type of requests the filter should apply to. The supported types are internal, external or both. A request is considered internal if x-envoy-internal is set to true. If x-envoy-internal is not set or false, a request is considered external. The filter defaults to both, and it will apply to all request types.

timeout

(Duration) The timeout in milliseconds for the rate limit service RPC. If not set, this defaults to 20ms.

failure_mode_deny

(bool) The filter’s behaviour in case the rate limiting service does not respond back. When it is set to true, Envoy will not allow traffic in case of communication failure between rate limiting service and the proxy.

rate_limited_as_resource_exhausted

(bool) Specifies whether a RESOURCE_EXHAUSTED gRPC code must be returned instead of the default UNAVAILABLE gRPC code for a rate limited gRPC call. The HTTP code will be 200 for a gRPC response.

rate_limit_service

(config.ratelimit.v3.RateLimitServiceConfig, REQUIRED) Configuration for an external rate limit service provider. If not specified, any calls to the rate limit service will immediately return success.

enable_x_ratelimit_headers

(extensions.filters.http.ratelimit.v3.RateLimit.XRateLimitHeadersRFCVersion) Defines the standard version to use for X-RateLimit headers emitted by the filter:

  • X-RateLimit-Limit - indicates the request-quota associated to the client in the current time-window followed by the description of the quota policy. The values are returned by the rate limiting service in current_limit field. Example: 10, 10;w=1;name=”per-ip”, 1000;w=3600.

  • X-RateLimit-Remaining - indicates the remaining requests in the current time-window. The values are returned by the rate limiting service in limit_remaining field.

  • X-RateLimit-Reset - indicates the number of seconds until reset of the current time-window. The values are returned by the rate limiting service in duration_until_reset field.

In case rate limiting policy specifies more then one time window, the values above represent the window that is closest to reaching its limit.

For more information about the headers specification see selected version of the draft RFC.

Disabled by default.

disable_x_envoy_ratelimited_header

(bool) Disables emitting the x-envoy-ratelimited header in case of rate limiting (i.e. 429 responses). Having this header not present potentially makes the request retriable.

rate_limited_status

(type.v3.HttpStatus) This field allows for a custom HTTP response status code to the downstream client when the request has been rate limited. Defaults to 429 (TooManyRequests).

Note

If this is set to < 400, 429 will be used instead.

Enum extensions.filters.http.ratelimit.v3.RateLimit.XRateLimitHeadersRFCVersion

[extensions.filters.http.ratelimit.v3.RateLimit.XRateLimitHeadersRFCVersion proto]

Defines the version of the standard to use for X-RateLimit headers.

OFF

(DEFAULT) ⁣X-RateLimit headers disabled.

DRAFT_VERSION_03

⁣Use draft RFC Version 03.

extensions.filters.http.ratelimit.v3.RateLimitPerRoute

[extensions.filters.http.ratelimit.v3.RateLimitPerRoute proto]

{
  "vh_rate_limits": "..."
}
vh_rate_limits

(extensions.filters.http.ratelimit.v3.RateLimitPerRoute.VhRateLimitsOptions) Specifies if the rate limit filter should include the virtual host rate limits.

Enum extensions.filters.http.ratelimit.v3.RateLimitPerRoute.VhRateLimitsOptions

[extensions.filters.http.ratelimit.v3.RateLimitPerRoute.VhRateLimitsOptions proto]

OVERRIDE

(DEFAULT) ⁣Use the virtual host rate limits unless the route has a rate limit policy.

INCLUDE

⁣Use the virtual host rate limits even if the route has a rate limit policy.

IGNORE

⁣Ignore the virtual host rate limits even if the route does not have a rate limit policy.