What does an LLM gateway in front of providers centralize?
Several internal services each call LLM providers directly. Explain what introducing an LLM gateway/proxy in front of the providers centralizes, and why that's worth a hop.
An LLM gateway centralizes keys, routing/failover, rate limits, caching, cost accounting, logging, and guardrails behind one interface — trading an extra hop for consistency you can't get per-service.
Imagine an office where everyone orders supplies from outside vendors. If each person has their own vendor logins, their own budget tracking, and their own way of handling a vendor outage, it's chaos — nobody knows total spend and rules differ desk to desk. A gateway is like a central purchasing department. Everyone orders through it. It holds the vendor accounts, tracks who spent what, swaps vendors if one is down, and enforces the same rules for all. The cost is one extra stop, so that department has to be fast and never closed.
Detailed answer & concept explanation~6 min readEverything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example. Click to expand.
Everything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example. Click to expand.
Everything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example.
Everything important, quickly.
Spend 6-8 minutes mapping each centralized concern to the per-service pain it removes, then rehearse the availability tradeoff so you can both sell and stress-test the gateway.
| Concern | Without gateway (per-service) | With gateway (centralized) |
|---|---|---|
| API keys | Copied into every repo, hard to rotate | Held in one place, rotated once |
| Provider failover | Reimplemented or missing per service | One routing policy for all |
| Cost attribution | Fragmented, no org-wide view | Single ledger, per-team budgets |
| Caching | Per-service, hits not shared | Shared prefix/semantic cache |
| Failure blast radius | Localized to one service | Gateway is shared — must be HA |
Real products, models, and research that use this idea.
- LiteLLM Proxy is a widely used open-source LLM gateway that unifies 100+ providers behind one OpenAI-compatible interface with keys, budgets, and logging.
- Portkey and Helicone are 2026 gateway/observability proxies that add caching, cost tracking, and fallback routing in front of providers.
- Cloudflare AI Gateway sits in front of provider APIs to add caching, rate limiting, and analytics at the edge.
- Kong and Envoy AI gateway plugins extend existing API-gateway infrastructure to handle LLM routing, keys, and rate limits.
What an interviewer would ask next. Try answering before peeking at the approach.
QThe gateway is now on the critical path for every LLM call. How do you stop it from becoming a single point of failure?
QTwo teams want different rate limits and different default models through the same gateway. How do you support that?
Don't say thisRed flags and common mistakes that signal junior thinking. Click to expand.
Red flags and common mistakes that signal junior thinking. Click to expand.
Listing the gateway's features but never naming the cost — an extra hop and a shared component that becomes a single point of failure if it isn't built to be highly available.
The night-before-the-interview bullets. Scan these on the way to the call.
Primary sources. Skim if you want the original framing.
Same topic, related formats. Practice these next.