The Thundering Herd

When you expose a public API, it's only a matter of time before someone (accidentally or maliciously) hammers your endpoints.

Why Token Bucket?

I chose the Token Bucket algorithm over Fixed Window because it allows for bursts of traffic while maintaining a steady average rate.

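interface RateLimitConfig {
  windowSize: number; // in seconds
  maxRequests: number;
}

// Pseudo-code for Redis Lua script
// KEYS[1] = per-client counter key, ARGV[1] = window length in seconds
const luaScript = `
  local key = KEYS[1]
  local window = ARGV[1]

  -- Count this request; INCR creates the key at 1 if it does not exist
  local current = redis.call("INCR", key)
  -- First request for this key: start the TTL so the counter resets after the window
  if current == 1 then
    redis.call("EXPIRE", key, window)
  end

  -- The caller compares the returned count against maxRequests
  return current
`;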

Distributed Systems

When running multiple Node.js instances, local memory stores won't cut it. Redis provides the atomic operations needed to synchronize counters across your cluster.
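
An added example, not the author's code: the token bucket named under "Why Token Bucket?", written as a pure function so the burst and refill behaviour can be checked without Redis. Mapping `maxRequests` to bucket capacity and `maxRequests / windowSize` to the refill rate is an assumption, as are the names `BucketState`, `Decision` and `takeToken`; across multiple instances the same read, refill and write step would have to run atomically in Redis.

```typescript
// Added example: token bucket driven by the page's RateLimitConfig fields.
interface RateLimitConfig {
  windowSize: number; // in seconds
  maxRequests: number;
}

// Per-client state (hypothetical shape); in a cluster this lives in Redis, not memory.
interface BucketState {
  tokens: number;    // tokens available, fractional while refilling
  updatedAt: number; // seconds, time of the last refill calculation
}

interface Decision {
  allowed: boolean;
  remaining: number;  // whole tokens left after this request
  retryAfter: number; // seconds until one token is available (0 if allowed)
}

// Assumption: capacity = maxRequests, refill rate = maxRequests / windowSize.
function takeToken(
  state: BucketState | undefined, now: number, cfg: RateLimitConfig
): [BucketState, Decision] {
  if (cfg.windowSize <= 0 || cfg.maxRequests <= 0) {
    throw new RangeError("windowSize and maxRequests must be positive");
  }
  const rate = cfg.maxRequests / cfg.windowSize; // tokens per second
  const prev = state ?? { tokens: cfg.maxRequests, updatedAt: now };
  // Never move the timestamp backwards, so a clock step cannot mint extra tokens.
  const t = Math.max(now, prev.updatedAt);
  const tokens = Math.min(cfg.maxRequests, prev.tokens + (t - prev.updatedAt) * rate);
  if (tokens >= 1) {
    const next: BucketState = { tokens: tokens - 1, updatedAt: t };
    return [next, { allowed: true, remaining: Math.floor(next.tokens), retryAfter: 0 }];
  }
  // Denied: no token is spent, so rejected requests do not extend the wait.
  const retryAfter = Math.ceil((1 - tokens) / rate);
  return [{ tokens, updatedAt: t }, { allowed: false, remaining: 0, retryAfter }];
}
```

With `windowSize: 10` and `maxRequests: 5`, a client can spend five tokens at once and then earns one back every two seconds, which is the burst-plus-steady-rate behaviour the post describes.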