Microsoft .NET 7, a planned upgrade to Microsoft’s flagship software development platform, is set to feature built-in rate limiting, a mechanism designed to protect an application from being overwhelmed with traffic.
Microsoft provided details in a July 13 blog post. Rate limiting provides control over how much a resource can be accessed. For example, a developer might know that a database an application accesses can safely handle 1,000 requests per minute. A rate limiter could be put in the application that allows 1,000 requests but rejects requests beyond that number before they can access the database.
Microsoft .NET 7 will feature multiple rate limiting algorithms to control the flow of requests. Among these are a concurrency limiter to limit the number of concurrent requests; a token bucket limit, a way to regulate application requests using tokens; a fixed window limit, which resets the limit back to a starting point after a certain period of time; and a sliding window limit, which is similar to the fixed window algorithm but divides the time window into segments.
Microsoft has released a Nuget package, System.Threading.RateLimiting, that provides primitives for writing rate limits using common algorithms. Rate limiting middleware is provided in the Microsoft.Asp.NetCoreRateLimiting Nuget package.
Microsoft seeks developers’ feedback on .NET 7’s rate limiting APIs. For the rate limiting APIs in the System.Threading.RateLimiting namespace, use the System.Threading.RateLimiting Nuget package and provide feedback in the Runtime GitHub repo. For rate limiting middleware, use the Microsoft.AspNetCore.RateLimiting Nuget package and provide feedback in the AspNetCore GitHub repo.