Bandwidth limit

The HTTP Bandwidth limit filter limits the size of data flow to the max bandwidth set in the limit_kbps when the request’s route, virtual host or filter chain has a bandwidth limit configuration.

If the bandwidth limit has been exhausted the filter stops further transfer until more bandwidth gets allocated according to the fill_interval (default is 50 milliseconds). If the connection buffer fills up with accumulated data then the source of data will have readDisable(true) set as described in the flow control doc.

Note

The token bucket is shared across all workers, thus the limits are applied per Envoy process.

Example configuration

Example filter configuration for a globally disabled bandwidth limiter but enabled for a specific route:

bandwidth-limit-filter.yaml

  1. "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
  2. codec_type: AUTO
  3. stat_prefix: ingress_http
  4. route_config:
  5. name: local_route
  6. virtual_hosts:
  7. - name: local_service
  8. domains: ["*"]
  9. routes:
  10. - match: {prefix: "/path/with/bandwidth/limit"}
  11. route: {cluster: service_protected_by_bandwidth_limit}
  12. typed_per_filter_config:
  13. envoy.filters.http.bandwidth_limit:
  14. "@type": type.googleapis.com/envoy.extensions.filters.http.bandwidth_limit.v3.BandwidthLimit
  15. stat_prefix: bandwidth_limiter_custom_route
  16. enable_mode: REQUEST_AND_RESPONSE
  17. limit_kbps: 500
  18. fill_interval: 0.1s
  19. - match: {prefix: "/"}
  20. route: {cluster: web_service}
  21. http_filters:
  22. - name: envoy.filters.http.bandwidth_limit
  23. typed_config:
  24. "@type": type.googleapis.com/envoy.extensions.filters.http.bandwidth_limit.v3.BandwidthLimit
  25. stat_prefix: bandwidth_limiter_default
  26. - name: envoy.filters.http.router
  27. typed_config:
  28. "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  29. clusters:
  30. - name: service_protected_by_bandwidth_limit
  31. type: STRICT_DNS
  32. lb_policy: ROUND_ROBIN
  33. load_assignment:
  34. cluster_name: service1
  35. endpoints:
  36. - lb_endpoints:
  37. - endpoint:
  38. address:
  39. socket_address:
  40. address: web_service
  41. port_value: 9000
  42. - name: web_service
  43. type: STRICT_DNS

Note that if this filter is configured as globally disabled and there are no virtual host or route level token buckets, no bandwidth limiting will be applied.

Statistics

The HTTP bandwidth limit filter outputs statistics in the <stat_prefix>.http_bandwidth_limit. namespace.

Name

Type

Description

request_enabled

Counter

Total number of request streams for which the bandwidth limiter was consulted

request_enforced

Counter

Total number of request streams for which the bandwidth limiter was enforced

request_pending

GAUGE

Number of request streams which are currently pending transfer in bandwidth limiter

request_incoming_size

GAUGE

Size in bytes of incoming request data to bandwidth limiter

request_allowed_size

GAUGE

Size in bytes of outgoing request data from bandwidth limiter

request_transfer_duration

HISTOGRAM

Total time (including added delay) it took for the request stream transfer

response_enabled

Counter

Total number of response streams for which the bandwidth limiter was consulted

response_enforced

Counter

Total number of response streams for which the bandwidth limiter was enforced

response_pending

GAUGE

Number of response streams which are currently pending transfer in bandwidth limiter

response_incoming_size

GAUGE

Size in bytes of incoming response data to bandwidth limiter

response_allowed_size

GAUGE

Size in bytes of outgoing response data from bandwidth limiter

response_transfer_duration

HISTOGRAM

Total time (including added delay) it took for the response stream transfer

Runtime

The HTTP bandwidth limit filter supports the following runtime settings:

The bandwidth limit filter can be runtime feature flagged via the enabled configuration field.