JustinBytes

Rate Limiting:
Rate Limiting is a technique used to control the number of incoming requests to or outgoing requests from a resource within a certain time period. This can help ensure that the system stays responsive, even during high spikes in traffic.

Benefits:
1. Prevent Abuse:
If an attacker tries to flood a service with requests, rate limiting can prevent the service from becoming overwhelmed, protecting against denial-of-service attacks.

2. Fair Usage:
It ensures that a service can serve many users without allowing one user to monopolize the system.

3. Cost Control:
Some services have a cost associated with processing requests. Rate-limiting can help keep costs under control.

4. Quality of Service:
By managing how many requests a client can make, it ensures that resources are available to handle each request fairly and efficiently.

There are two popular methods used to implement rate limiting:
1. Token Bucket Algorithm:
A token is added to the bucket at regular intervals (e.g., 1 token per second).
The bucket has a maximum capacity (burst size). If a token is generated when the bucket is full, it's discarded. When a request is made, a token is removed from the bucket. If no tokens are available, the request is rejected or delayed.

2. Leaky Bucket Algorithm:
Requests are added to the bucket, and they "leak out" at a constant rate, whether they are processed or not. If the bucket is full, new requests are either rejected or lost (they overflow the bucket). The Leak rate determines how quickly requests are processed.

Imagine a bucket with a small hole in the bottom. Water (requests) flow into the bucket at a steady rate (rate limit), but the bucket can also hold a certain amount of water above that level (burst size). If water flows into the bucket faster than it flows out of the hole, the water level will rise until it reaches the top of the bucket (burst size limit). If water continues to flow at this higher rate, it will overflow (requests will be rejected or delayed). If the flow of water slows down again, the water level will gradually return to its normal level, and the system will continue to operate under its regular rate limit.

Bursty Rate Limiting:
Bursty rate limiting is a form of rate limiting that allows occasional bursts of traffic to exceed the typical rate limit for a short period of time. After that window of time, the rate returns to its normal limit. The "burst size" defines the number of additional requests that can be handled during the burst window.

Implementation in Go (3 requests per second per client):

Bursty Implementation: