How do you design an API gateway that handles rate limiting, authentication, and dynamic routing under high load?