Rate limits protect APIs from abuse and from accidental thundering-herd traffic. They're typically expressed as N requests per minute or per hour, scoped per API key, per IP, or per account. Crossing the limit returns HTTP 429.
Servers usually include a Retry-After header (seconds to wait) and X-RateLimit-* headers showing remaining quota. Clients should respect these — exponential backoff with jitter on 429 is the polite pattern.
lrok doesn't impose per-tunnel rate limits on free or Pro. The bottleneck moves back to your local server, which is where it should be — let your app's own quota / backpressure handle the load.