Rate limiting per IP address?

Hey guys, I’m wondering if I were to apply rate limiting to my end point, would the limit apply to the endpoint as a whole? Ie. If my rate limit is 100 calls per second and 101 users makes the call at the same time, 1 of them will fail?

If yes, would it then be possible to limit the call to 100 calls per second per IP address? This way, if a malicious user tries to do something funny to overwhelm the server, they won’t be able to. At the same time, other normal users (who have different IPs from each other) should be able to make calls to my endpoint without getting affected.

Appreciate if someone could shed some thoughts on this. Thanks!