← Lessons

quiz vs the machine

Gold1520

System Design

The Rate Limiting of Events

Capping how fast clients can emit realtime events to protect servers and other users from floods.

4 min read · core · beat Gold to climb

Why limit events

A realtime connection lets a client send messages as fast as it wants. A buggy or malicious client can flood the server, starving other users and exhausting resources. Rate limiting caps how many events a client may emit per unit time.

The token bucket

  • Each client has a bucket that refills at a fixed rate.
  • Every event costs one token; if the bucket is empty the event is rejected or delayed.
  • The bucket size sets how large a short burst may be.

Applying it to realtime

  • Limit per connection so one client cannot drown a shared room.
  • Add a per room limit so a busy channel does not overwhelm its subscribers.
  • Choose to drop, delay, or disconnect when a client persistently exceeds the limit.

Key idea

Rate limiting events with a token bucket caps how fast each client emits, protecting the server and other users from a single flooding connection.

Check yourself

Answer to earn rating on the learn ladder.

1. In a token bucket, what happens when the bucket is empty?

2. Why limit events per connection in a realtime system?