Description:

Currently, there is no way to use local and global ratelimit together for backend traffic policy - RateLimitSpec requires specifying (only one) ratelimit type https://gateway.envoyproxy.io/latest/api/extension_types/#ratelimitspec.

Envoy supports (and this is suggested in docs) using simultaneously two types for ratelimit.

From the "global rate limiting" description:

Note that Envoy also supports local rate limiting. Local rate limiting can be used in conjunction with global rate limiting to reduce load on the global rate limit service. For example, a local token bucket rate limit can absorb very large bursts in load that might otherwise overwhelm a global rate limit service. Thus, the rate limit is applied in two stages. The initial coarse grained limiting is performed by the token bucket limit before a fine grained global limit finishes the job.

From the "local rate limiting" description:

Finally, Envoy also supports global rate limiting. Local rate limiting can be used in conjunction with global rate limiting to reduce load on the global rate limit service.

Relevant Links:

1. local rate limiting (envoy architecture) https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/other_features/local_rate_limiting
2. global rate limiting (envoy architecture) https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/other_features/global_rate_limiting
3. gateway local rate limit https://gateway.envoyproxy.io/docs/tasks/traffic/local-rate-limit/
4. gateway global rate limit https://gateway.envoyproxy.io/docs/tasks/traffic/global-rate-limit/
5. gateway RateLimitSpec API reference https://gateway.envoyproxy.io/latest/api/extension_types/#ratelimitspec