Skip to content

Comments

feat: retrieval-timeout & max-concurrent-requests#285

Merged
hsanjuan merged 6 commits intomainfrom
feat-additional-gateway-limits
Aug 14, 2025
Merged

feat: retrieval-timeout & max-concurrent-requests#285
hsanjuan merged 6 commits intomainfrom
feat-additional-gateway-limits

Conversation

@lidel
Copy link
Member

@lidel lidel commented Aug 11, 2025
edited
Loading

This PR adds built-in limiters for IPFS Gateway requests: retrieval-timeout (default: 30s) and max-concurrent-requests (default: 1024).

On ipfs.io

cc @gammazero @hsanjuan @ns4plabs for visibility as this PR moves some of Nginx responsibilities to Rainbow.

High load infrastructure like ipfs.io will need to ensure Nginx limits are bit higher than Rainbow, namely:

  • proxy_read_timeout (nginx) > RAINBOW_RETRIEVAL_TIMEOUT here (right now both 30s, we need to set proxy +5s)
  • worker_connections (nginx) > RAINBOW_MAX_CONCURRENT_REQUESTS (1024 needs to be raised, fysa ipfs.io uses value 10x bigger)

We can disable limits by setting both env variables to 0

@lidel lidel mentioned this pull request Aug 11, 2025
Merged
4 tasks
@lidel
Copy link
Member Author

lidel commented Aug 11, 2025
edited
Loading

I'll be fixing conformance failures in ipfs/boxo#994 – they are not related to feature added here, but existing bugs that now are surfaced by time-bound execution.

@lidel lidel requested review from gammazero and hsanjuan August 11, 2025 22:36
@lidel lidel marked this pull request as ready for review August 11, 2025 22:36
@lidel lidel mentioned this pull request Aug 11, 2025
Merged
4 tasks
gammazero
gammazero approved these changes Aug 13, 2025
View reviewed changes
hsanjuan
hsanjuan approved these changes Aug 13, 2025
View reviewed changes
docs/environment-variables.md Outdated

Maximum number of concurrent HTTP requests that the gateway will process.

This setting provides rate limiting to protect the gateway from resource exhaustion during high load scenarios. When the limit is reached, new requests will receive a `429 Too Many Requests` response with a `Retry-After` header indicating when the client should retry.
Copy link
Contributor

@hsanjuan hsanjuan Aug 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And when should that retry be? Is it hardcoded or dynamic or...?

Copy link
Member Author

@lidel lidel Aug 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hsanjuan for now Retry-After header is hardcoded to 60 seconds. Pushed 789b053 to document that.

Making this dynamic would make ipfs/boxo#994 even more complex and wanted to avoid that for now.

We can make it configurable in the future PRs but my experience has been clients either detect header and have own smart backoff (using 60s value as initial hint only), or just ignore the header so for MVP static 1m should be ok.

@hsanjuan hsanjuan merged commit 68b4eb9 into main Aug 14, 2025
11 checks passed
@hsanjuan hsanjuan deleted the feat-additional-gateway-limits branch August 14, 2025 13:43
This was referenced Aug 14, 2025
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hsanjuan hsanjuan hsanjuan approved these changes

@gammazero gammazero gammazero approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lidel @hsanjuan @gammazero