Line of Defense: Three Systems, Not One

Three Systems, Not One "Rate limiting" gets used as a catch-all for anything that rejects or slows down requests. But there are actually three distinct mechanisms, each protecting against a different failure mode, each asking a different question: Mechanism Question it asks What it protects Load shedding "Is this server healthy enough to handle ANY request?" The server from itself Rate limiting "Is THIS CALLER sending too many requests?" The system from abusive callers Adaptive throttling "Is the DOWNSTREAM struggling right now?" Downstream services from this server A rate limiter won't save you when your server is OOM-ing — every user is within their quota, the server is just dying. Load shedding won't stop one customer from consuming 80% of your capacity — total concurrency is fine, the distribution is unfair. And neither will prevent you from hammering a downstream service that's already struggling. These are complementary systems. Treating them as one thing — or building only one o

Line of Defense: Three Systems, Not One

Related Articles

I built an expense tracker because every other one wanted my bank login

Samsung Galaxy S26 and Galaxy S26+ Review: Lacking Ambition

5 kitchen splurges that I can't recommend enough

Here’s how to rank the 50 best Apple products ever

Fix Payment and Tax Issues in Museum Ticketing Software

Related Articles

How-To
I built an expense tracker because every other one wanted my bank login
Dev.to • 4d ago

How-To
Samsung Galaxy S26 and Galaxy S26+ Review: Lacking Ambition
Wired • 5d ago

How-To
5 kitchen splurges that I can't recommend enough
ZDNet • 5d ago

How-To
Here’s how to rank the 50 best Apple products ever
The Verge • 5d ago

How-To
Fix Payment and Tax Issues in Museum Ticketing Software
Dev.to Beginners • 5d ago