Skip to content

I think I am being grouped with other traffic⚓︎

Use this path if your own activity seems reasonable, but you may be sharing egress with other organizations, tenants, teams, or workloads through corporate NAT, VPNs, hosted CI, cloud infrastructure, or another shared platform.

Maven Central applies rate limits based on the traffic it sees at the network edge. If many unrelated users, tenants, workloads, or organizations share the same outbound IPs, their traffic may appear as one high-volume consumer. In that situation, your individual usage may be reasonable, but the aggregate traffic from the shared egress path may still cross a rate limit threshold.

Why this is hard to resolve directly⚓︎

Shared egress can make the real source of traffic difficult or impossible for you to see. The activity may be coming from other tenants, teams, customers, workloads, or systems using the same outbound path.

It can also be difficult to identify the relevant egress IPs. Hosted CI systems, corporate VPNs, cloud NAT gateways, managed build platforms, and shared infrastructure providers may rotate, pool, or abstract outbound addresses. Even if you can identify the IPs and Sonatype can confirm what Maven Central is seeing, you may not have the access or authority needed to change the underlying traffic pattern.

What to do first⚓︎

Your first step should usually be to contact the provider or internal team that controls the shared egress path. That may be your cloud provider, hosted CI provider, VPN provider, corporate network team, build platform team, managed service provider, or another infrastructure operator.

Ask them to investigate direct traffic to Maven Central's canonical repository endpoints:

  • repo1.maven.org
  • repo.maven.apache.org

These endpoints resolve to the same Maven Central repository service. repo.maven.apache.org is a CNAME for repo1.maven.org, so traffic to either name should be treated as direct Maven Central access.

If shared infrastructure is involved, ask the provider to contact Sonatype using the infrastructure provider path. They are usually in the best position to work with us because they can see the platform, egress design, customer aggregation model, caching options, and available controls.

Contacting Sonatype directly⚓︎

If you cannot get help from the provider, you may contact Sonatype directly as a last resort. We may be able to help determine whether Maven Central is seeing rate-limited traffic from IPs you provide, but our ability to solve the problem may be limited if the relevant traffic is controlled by a provider or shared infrastructure operator.

See 429: Contact support for what to include. Note that shared egress is one of the recognized exceptions to the egress IP requirement — if you genuinely cannot identify the IP because it is controlled by a shared platform, say so explicitly and provide whatever context you can about the provider, platform, and environment.

The key point: a 429 in a shared egress environment may not mean your own usage is excessive. It may mean your traffic is grouped with other traffic you cannot see. In those cases, the fastest path is usually through the provider or internal team that controls the shared network.