Different max request size for socket, RPCs, and admin RPCs?

Nakama appears to offer only one configurable max size value, socket.max_request_size_bytes. However, the intended max size can differ across sockets, RPCs, and admin RPCs.

Example intended max size per type:

We must set the max size to facilitate the largest size needed (e.g., admin RPCs with large config exports). However, this inadvertently increases the max size for other types, such as regular gameplay socket and RPC communication, which is not intended.

According to one of Nakama’s developers:

You should adjust this value for your game to match an upper limit on what you expect the size of your largest data message would look like. The reason we have this value is to protect against an attack vector known as a distributed “slow clients” attack.

Therefore, it would be beneficial to have more granular control over these settings, so that the larger sizes required for admin RPCs do not unintentionally increase the max sizes for regular gameplay sockets and RPCs.

Does Nakama have any solution to this, or any recommended alternative approach?

Hi @a573369119,

I don’t think we can have a per-RPC limit, this config is set via Grpc-Gateway and it’s a socket-level global config.

We advise not to set an arbitrarily large limit to ensure that developers are cognizant of payload sizes/bandwidth use and unexpectedly large payloads are flagged.

You could set your own size checks and log some warning level logs if payloads are unexpectedly large. Alternatively you could use the RegisterHttp endpoints to have admin-level APIs with your own separate limits - but you’d also have to write your own auth checks since these endpoints are public by default.

Hope this helps.