Skip to main content
Version: 0.0.21-beta

Fixed Window Counter

Parameters

  • maxRequests, windowSize.

Description

  • Counts requests in fixed time windows; excess requests are dropped once the limit is reached.
  • Susceptible to bursts at window boundaries, potentially allowing double the limit across two windows.
note

A major drawback of the fixed window counter algorithm is that it is susceptible to bursts of traffic at the edges of time windows, which can cause more requests than the allowed quota to go through. The excess can go as high as double the limit across two windows.

Example: windowSize = 1 sec, requestLimit = 3.

    | 5         X           X       ■ => request allowed
| 4 X X X X => request dropped
| 3 ■ ■ ■ ■
| 2 ■ ■ ■ ■ ■
| 1 ■ ■ ■ ■ ■
|_____________________________
(sec) 1s 2s 3s 4s 5s

A problem with this algorithm is that a burst of traffic at the edges of time windows could cause more requests than allowed quota to go through. Consider the following case:

    Requests (excess at the edges of window):
5 | |
4 | ■ | ■ => request allowed
3 | ■ ■ | X => request dropped
2 | ■ ■ ■ X |
1 | ■ ■ ■ ■ X |
|_________|_______|_______|___________
00:00 00:30 01:00 01:30 02:00 (min:sec)
<---- Window --->

How to use

When creating your API, you can use the RateLimitFactory to create a leaking bucket rate limit.

Api.create(8080)
.rateLimit(RateLimitFactory.customFixedWindowCounter(4, Duration.ofSeconds(1)))
.addRoute(Route.builder("/"),
.path(RouteMethod.GET, "/", controller::handler))
.start();

Factory

The RateLimitFactory provides a default and a custom method for this rate limiter.

See more in our blog post about Rate Limiters