Code Room
System designMediumsd-g658
Subject Egress proxy gatewayLevel Mid–Senior~40 minCommon in Networking & APIs interviewsIndustries Technology

Question

Design a centralized egress (forward) proxy that all outbound HTTP from a 5,000-service platform must route through, handling 60k outbound requests/sec to arbitrary third-party and customer-specified URLs. It must enforce an allow/deny policy (block internal IP ranges and metadata endpoints to prevent SSRF), apply per-destination rate limits and circuit breakers, reuse upstream connections for efficiency, and add under 5ms p99. Walk through the proxy architecture, the policy-enforcement model, and the central trade-off.

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.

Narrate your design
Loading whiteboard…
Run or narrate your approach, then ask the coach.