Rate Limiting
The rippled
server limits the rate at which API clients can make requests on public APIs. Rate limiting is based on the IP address of the client, so clients behind network address translation share a limit based on their public IP address.
When a client is approaching the rate limit, the server adds the field "warning": "load"
at the top level of an API response. This warning is not added to every response, but the server may send several such warnings before it disconnects a client.
If a client exceeds the rate limit, the server disconnects that client and does not serve further requests from the client's IP address for a while. The WebSocket and JSON-RPC APIs use different disconnect messages.
WebSocket API Disconnect Message
For the WebSocket API, the server closes the connection and provides a close message and code. The way you access these messages depends on your WebSocket client implementation. For example, using the Node.js ws library, the following code prints the close reason when disconnected:
const WebSocket = require('ws') const ws = new WebSocket('ws://localhost:6007/') ws.on('close', (code,reason) => { console.log("Disconnected. \ncode: ", code, "\nreason: ", reason) }) // If rate limited, prints: // Disconnected. // code: 1008 // reason: threshold exceeded
If the connection is closed because of rate limiting, the close code is 1008
and the close message is the string threshold exceeded
.
JSON-RPC Rate Limited Error
For a JSON-RPC API request, the server responds with the HTTP status code 503 Service Unavailable when the client is over the rate limit. This response has a text (not JSON) body stating that the server is overloaded:
503 Service Unavailable Server is overloaded
Rate Per Request
The server calculates a client's usage rate based on the number of requests made over time, and weighs different types of requests based on approximately how much work the server must do to serve them. Follow-up messages from the server for the subscribe method and path_find method also count towards a client's usage rate.
The usage rate drops off exponentially over time, so a client that does not make requests automatically has its access restored after a period of seconds to minutes.