p2pstream

Appearance

Rate Limits Reference

Rate limit rules are global public proxy rules evaluated after WAF rules and before traffic shapers and route resolution.

Exact Fields And Defaults

SettingDefault or limit
Namerate-limit when empty
Limit60
Window60000 ms
Response status429
Response body sourceInline
Response bodyRate limit exceeded\n
Response content typetext/plain; charset=utf-8
Default keyremote IP
Max key parts8
Max value matchers32

Algorithms:

AlgorithmNotes
Fixed windowCheapest and easiest to understand.
Sliding windowBetter fairness around window boundaries.
Token bucketAllows bursts up to burst capacity.
Leaky bucketSmooths bursty traffic.

Which algorithm to choose

ScenarioRecommended algorithm
Login or form endpoint — strict, no burstSliding window
API endpoint — allow short bursts, then throttleToken bucket
Simple per-IP cap with minimal overheadFixed window
Smooth, metered API throughput — eliminate all burstsLeaky bucket

Token bucket is the default and works well for most API use cases. Use sliding window for sensitive endpoints like login where any burst tolerance is undesirable.

Validation Rules

  • Limit must be at least 1.
  • Window must be between 1 second and 1 day.
  • Burst must be non-negative and cannot exceed 10x limit.
  • Response status must be between 400 and 599.
  • Template-mode responses require a selected generic_body response template.
  • Header matcher names and response header names must be valid HTTP tokens.
  • Protected generated headers such as RateLimit-*, X-RateLimit-*, Retry-After, Content-Length, and Connection cannot be configured as custom response headers.

Rules use request-only CEL match_rule rules. Empty match rules match every request. See CEL Policy Matching for variables, helper functions, builder behavior, limits, and examples.

Route data, target data, target health, and load-balancer state are not available inside rate-limit match CEL. Rate limits still run before route resolution.

Key sources:

  • remote IP,
  • host,
  • method,
  • path,
  • protocol,
  • header,
  • cookie,
  • query parameter.
p2pstream Traffic Policy rate limits section showing rule priority, match summaries, algorithms, budgets, and enabled state
The Rate Limits section shows the active budgets beside nearby WAF controls, making priority and match breadth easier to audit.
p2pstream rate-limit rule editor showing match builder, algorithm, limit, window, burst, key parts, and response settings
The rate-limit editor configures the request match, key parts, algorithm, budget, and denial response served when the selected bucket is exhausted.

Runtime Effects

When a request exceeds the selected rule's budget, p2pstream returns the configured response and does not run traffic shaping, route resolution, target selection, or cache lookup for that request.

When response body source is Template, p2pstream resolves the selected generic template body into the rule before serving the denial response. The rule's configured status, content type, generated rate-limit headers, and custom response headers still apply.

Token and leaky bucket burst defaults to the effective limit when unset.

Examples

Login rule:

text
Method: POST
Host pattern: app.example.com
Path prefix: /login
Algorithm: Sliding window
Limit: 10
Window: 60000 ms
Key: remote IP

Operations documentation for self-hosted p2pstream deployments.