MCP glossary

Security

Rate limit

Understand MCP rate limits for hosted endpoints, abuse protection, per-route buckets, global spray limits, and Retry-After behavior.

Definition

A rate limit bounds how many requests a caller, route, token, IP, or global traffic source can make over a time window. It protects hosted MCP endpoints from accidental loops, abuse, and resource exhaustion.

How Astrail Uses It

Astrail applies rate limits around hosted MCP routes so tools/list, tools/call, and unknown-server traffic cannot cheaply overwhelm runtime resources. Limits pair with validation, auth checks, and body-size controls.

Implementation Checklist

Limit by identity when authenticated and by IP or route when anonymous.

Add a global bucket for spray attacks across random server IDs.

Return consistent 429 responses and Retry-After guidance.

Keep expensive upstream calls behind cheap early rejection checks.

FAQ

Is a rate limit the same as DDoS protection?

No. Application rate limits reduce abuse and accidental loops, but network-layer DDoS protection still belongs at the edge or infrastructure layer.

Should tools/list and tools/call have the same limits?

Not necessarily. tools/call is usually more expensive and may deserve tighter limits, while tools/list still needs protection against catalog scraping or server-ID spraying.