Currently have configured a service to IP restriction plugin, and the settings are as followed
For illustration purpose , let say 10.10.10.10 is my outgoing public IP address
config.blacklist
config.whitelist
10.10.10.10/32
As such, any request that originate from 10.10.10.10 will be able to pass through Kong successfully and then proxy to the upstream service.
Interestingly, this is not the case, in fact, it blacklisted my source ip 10.10.10.10. Is it some kind of UI bug ? I changed 10.10.10.10 to config.blacklist, and the api works :).
We are using Kong-EE Docker 0.36 deployed in AWS with RDS.
Hi,
Welcome to Kong Nation.
There are different things to consider to figure out what could be wrong in your configuration. (among them load balancer ? docker etc…)
Looking at your test, it seems that kong does not recognise the call as issued from 10.10.10.10
The IP restriction plugin is using ngx.var.binary_remote_addr and compares it with its configuration.
There are lot of information in this post : https://discuss.konghq.com/t/how-to-forward-clients-request-ip/384
Hi,
Two possibilities:
1/ bug in the plugin (possible but I’m not aware of it)
2/ the IP received and used by Kong is not 10.10.10.10 and then it explains your scenario
That is why I replied regarding the generic subject of client IP.