I'm currently investigating this issue as well. My current plan (Note this is with a LAMP stack!) is to implement this using APC's cacheing functions. When a request is received, I check to see if that IP is stored in APC's cache. If it is, then check to see if it is greater than 'X' where 'X' is the max requests per unit time. If it isn't, then create the cache entry for that IP.
This system means that no database access is required to check the rate limiting, and it doesn't rely on anything like a MongoDB or Redis server. It does assume you are using PHP with APC; if you aren't, then memcached might work instead.
