Packet Limits

Fine-grained control over packet rate limiting and size restrictions.

Why Packet Limits?

Minecraft servers process thousands of packets per second. Without limits, malicious clients can flood the server with packets to cause lag, crashes, or resource exhaustion. GAPE's packet limiting system provides granular control over what types and volumes of packets are allowed.

Per-Packet Type Limits

Different packet types have different legitimate usage patterns. GAPE allows you to configure limits for each packet type individually:

Movement Packets

Players send movement packets constantly during normal gameplay:

  • Position packets - Where the player is standing
  • Look packets - Where the player is looking
  • Position + Look packets - Combined movement and rotation

Normal limit: 20-30 per second. Higher rates often indicate speed hacks or teleportation exploits.

Interaction Packets

Block breaking, entity interaction, item usage:

  • Block dig packets - Breaking blocks
  • Block place packets - Placing blocks
  • Use entity packets - Right-clicking entities
  • Use item packets - Using items in hand

Normal limit: 10-20 per second. Excessive rates indicate auto-clickers or interaction exploits.

Inventory Packets

Opening containers, clicking slots, moving items:

  • Window click packets - Clicking inventory slots
  • Close window packets - Closing GUIs
  • Creative inventory packets - Creative mode item spawning

Normal limit: 15-25 per second. High rates suggest inventory exploits or item duplication attempts.

Chat and Command Packets

Player messages and command execution:

  • Chat packets - Regular chat messages
  • Command packets - Command execution
  • Tab complete packets - Command auto-completion

Normal limit: 3-5 per second for chat, 5-10 for commands. Prevents chat spam and command flooding.

Custom Payload Packets

Plugin messages and mod communication:

  • Plugin messages - Custom plugin channels
  • Brand packets - Client brand information
  • Resource pack status - Resource pack responses

Normal limit: 5-10 per second. Prevents plugin channel exploits and netty pipeline injection.

Size Limits

Beyond rate limiting, GAPE can restrict the size of individual packets:

Maximum Packet Size

  • Chat messages - Default 256 characters, configurable up to 32KB
  • Sign text - Default 384 characters total (4 lines × 96 chars)
  • Book pages - Default 8KB per page, 100 pages maximum
  • Custom payload - Default 32KB for plugin messages
  • Item NBT - Default 64KB for complex items

Oversized Packet Handling

When a packet exceeds size limits:

  • Cancel - Block the packet entirely (recommended)
  • Truncate - Cut the packet down to maximum size
  • Alert - Allow but log violation and notify staff

Rate Limiting Windows

GAPE uses sliding time windows for rate limiting:

Window Duration

How long to track packets before resetting the counter:

  • 1 second - Strict limiting, good for burst protection
  • 5 seconds - Balanced approach (recommended)
  • 10 seconds - Lenient, allows occasional spikes

Burst Allowance

Some legitimate actions cause brief packet bursts (e.g., rapidly scrolling through inventory). Burst allowance lets players exceed the rate limit briefly:

  • No burst - Strict enforcement
  • 1.5x burst - Allow 50% over limit for 1 second
  • 2x burst - Allow 100% over limit for 1 second (recommended)

Configuration Strategy

Aggressive Protection

For servers facing frequent attacks:

  • Short time windows (1-2 seconds)
  • Low packet limits (vanilla minimum + 10%)
  • No burst allowance
  • Oversized packets cancelled immediately

Balanced Protection (Recommended)

For most servers:

  • Medium time windows (5 seconds)
  • Moderate packet limits (vanilla + 50%)
  • 2x burst allowance
  • Oversized packets cancelled with alerts

Lenient Protection

For creative servers or minigame servers with unusual packet patterns:

  • Long time windows (10 seconds)
  • High packet limits (vanilla + 100%)
  • 3x burst allowance
  • Oversized packets truncated instead of cancelled

Per-Player vs Global Limits

Per-Player Limits

Track each player's packet rate individually. Prevents one player from flooding the server while not affecting others.

Global Limits

Track total packets across all players. Useful for protecting against coordinated attacks where multiple accounts flood simultaneously.

Recommended Approach

Use per-player limits for most packet types, and global limits only for expensive packets like custom payload or command packets.

Performance Considerations

Packet limiting overhead:

  • Per-packet check: 50-100ns
  • Memory: ~200 bytes per player for tracking
  • Cleanup: Automatic purging of old data every 30 seconds

The performance cost is negligible compared to processing the actual packets.

Tuning for Your Server

Monitor First

Before adjusting limits, monitor normal gameplay:

  • Enable logging for all packet violations
  • Observe packet rates during peak hours
  • Identify which packet types are most commonly exceeded
  • Check for false positives from legitimate players

Adjust Gradually

  • Start with lenient limits and tighten slowly
  • Change one packet type at a time
  • Test during normal gameplay before deploying
  • Get player feedback on any lag or blocked actions

Special Cases

  • Creative mode servers - Higher limits for block place/break packets
  • PvP servers - Higher limits for use entity and interaction packets
  • Minigame servers - Custom limits per game type using GAPE's API
  • Hub servers - Lower limits since less intensive gameplay
Tip: Start with GAPE's default limits and only adjust if you experience false positives or see exploits getting through.