F5XC rate-limit calculator
Turn an F5 Distributed Cloud rate-limiter configuration into its effective rate, burst ceiling, and exact leaky-bucket behavior - including why Disabled is not a bypass and how a Block lockout holds.
Security & WAFCalculated in your browser. Nothing is uploaded.
Effective rate
Window1 s
Per second15
Per minute900
Per hour54000
Equivalence15 requests per second
Burst ceiling15 (1x the rate)
Behavior
Enforcement is a leaky bucket: when the bucket overflows, the load balancer returns HTTP 429.
Mitigation Action Disabled still returns 429 on overflow. It only means no extra lockout timer is applied - Disabled is not a bypass.
Counting is distributed per Regional Edge / proxy, so you may briefly see more requests than the limit before enforcement converges (K000157944). Layered Server URL and API endpoint rules are evaluated first-match, in the order configured.
API endpointGEThttps://ronutz.com/api/v1/f5xc-rate-limit-calculatorDocumented, not served. Opens the specification.
References
- F5 Distributed Cloud: Configure Rate Limiting per User (Number / Per Period / Periods / Burst Multiplier)
- F5 K000161473: Rate Limiting Behavior, Mitigation Actions, and Log Visibility
- F5 K000146642: What is the burst multiplier setting on Rate Limit configuration?
- F5 K000157944: distributed rate-limit counting can overshoot before enforcement
- F5 Distributed Cloud: Configure API Rate Limiting (Server URL + API endpoint rules, first-match)