A comprehensive comparison of rate limiting algorithms covering fixed window, sliding window log, sliding window counter, token bucket, and leaky bucket. Each algorithm encodes different tradeoffs around fairness, burst tolerance, and memory cost. Fixed window is computationally cheap but vulnerable to boundary amplification exploits. Sliding window log offers strict fairness but high memory overhead. Sliding window counter balances accuracy and efficiency for large-scale APIs. Token bucket is recommended as the default for most developer-facing APIs due to its support for controlled bursts while enforcing long-term average rates. The guide also covers distributed rate limiting challenges including consistency tradeoffs and microservices placement considerations.
Table of contents
Rate Limiting Algorithms at a GlanceWhat Is Rate Limiting?What Is the Fixed Window Algorithm?What Is the Sliding Window Algorithm?What Is the Token Bucket Algorithm?What Is the Leaky Bucket Algorithm?Distributed Rate Limiting and Global CoordinationRate Limiting in Microservices ArchitecturesWhat Is the Best Rate Limiting Algorithm for APIs?Sort: