BestHub
Sign in
Backend Development 8 min read

Understanding Nginx Rate Limiting: Leaky Bucket, Burst, NoDelay, and Delay Configurations

This article explains Nginx rate‑limiting using the leaky‑bucket algorithm, demonstrates basic, burst, nodelay, and delay configurations with code examples, and discusses their effects on request handling while also including promotional material for related services.

Top Architect
Top Architect
Top Architect
Understanding Nginx Rate Limiting: Leaky Bucket, Burst, NoDelay, and Delay Configurations

This article provides a step‑by‑step tutorial on Nginx rate limiting, starting with a simple leaky‑bucket configuration that limits requests per client IP to 10 requests per second.

limit_req_zone $binary_remote_addr zone=ip_limit:10m rate=10r/s;
server {
    location /login/ {
        limit_req zone=ip_limit;
        proxy_pass http://login_upstream;
    }
}

The basic setup uses $binary_remote_addr to identify clients, defines a shared memory zone named ip_limit of 10 MB, and sets the rate to 10 r/s, which means one request is allowed every 100 ms. If ten requests arrive simultaneously, only one is processed and the rest are rejected.

To allow a short burst of traffic, the burst parameter is added:

limit_req_zone $binary_remote_addr zone=ip_limit:10m rate=10r/s;
server {
    location /login/ {
        limit_req zone=ip_limit burst=12;
        proxy_pass http://login_upstream;
    }
}

Here burst=12 creates a bucket that can temporarily hold up to 12 excess requests, queuing them so they are processed at the steady rate of one request per 100 ms. All 10 simultaneous requests will be executed sequentially, but the added latency may be undesirable for some services.

To eliminate the queuing delay, the nodelay flag is introduced:

limit_req_zone $binary_remote_addr zone=ip_limit:10m rate=10r/s;
server {
    location /login/ {
        limit_req zone=ip_limit burst=12 nodelay;
        proxy_pass http://login_upstream;
    }
}

With nodelay , requests are allowed to pass immediately up to the burst limit; excess requests are still rejected, preventing additional latency but causing non‑uniform request distribution.

Finally, the delay parameter can control how many requests are delayed after the burst limit is exceeded:

limit_req_zone $binary_remote_addr zone=ip_limit:10m rate=10r/s;
server {
    location /login/ {
        limit_req zone=ip_limit burst=12 delay=4;
        proxy_pass http://login_upstream;
    }
}

Setting delay=4 means that from the fifth request onward, each request is delayed, allowing finer control over request concurrency and smoothing traffic spikes.

Beyond the technical tutorial, the article contains promotional messages encouraging readers to join paid AI communities, purchase ChatGPT accounts, and access additional resources.

BackendconfigurationNginxRate Limitingleaky bucketburstnodelay
Top Architect
Written by

Top Architect

Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment