I am using istio as ingress in our EKS cluster .
The traffic flow is like
NLB ----> Istio-Ingress-Gateway—> Container
I want only few external Ip should be able to access thru NLB . went thru the post
https://istio.io/docs/tasks/policy-enforcement/denial-and-list/ for IP whitelisting, but this doesnt work . As the client IP is not preserved .
I am using istio helm chart , which doesnt not prvovide option to install ingress gateway as daemon set .
Has anyone implemented the above scenario , if so please let me know what all steps are to be done .