Advanced throttling policy along with IP condition shows unexpected behaviours when adding more IP conditions.
Thanks,
Riyazath Ali.
Steps to Reproduce
- When creating a new API by engaging a newly created whitelisting policy which has the default limit as 0 requests/year and 2 IP conditions the flow is working fine without any issues.
```
Default policy 0 req per year
First IP condition: 192.13.8.1
9 req per min
Second IP condition: 127.0.0.1
3 req per min
```
- We performed the API invocation via Devportal UI. (So the IP address is 127.0.0.1). So, the request will be throttled out after 3 requests as per the second IP condition as expected.
- We changed the policy again by replacing 127.0.0.1 with 127.0.0.2. So when performing API invocation via dev-portal(127.0.0.1), the default policy(0 req per 1 year) will be applied and throttled out permanently as expected.
```
Default policy 0 req per year
First IP condition: 192.13.8.1
9 req per min
Second IP condition: 127.0.0.2
3 req per min
```
Again changed the policy by replacing 127.0.0.2 with 127.0.0.1. So, the expectation is when performing API invocation via dev-portal(127.0.0.1) as per the IP condition, the requests should be throttled out after 3 requests. But, it is throttling out continuously.
```
Default policy 0 req per year
First IP condition: 192.13.8.1
9 req per min
Second IP condition: 127.0.0.1
3 req per min
```
But, when we perform the API invocation with 127.0.0.2(via cURL), the requests are continuously whitelisted. But, the expectation is all the requests should be throttled out since the default policy is expected to be applied.
```
curl -X 'POST' \
'https://localhost:8243/sampleapi/v1' \
-H 'accept: */*' \
-H 'Authorization: Bearer eyJ4NXQiOiJNell4TW1Ga09HWXdNV0kwWldObU5EY3hOR1l3WW1NNFpUQTNNV0kyTkRBelpHUXpOR00wWkdSbE5qSmtPREZrWkRSaU9URmtNV0ZoTXpVMlpHVmxOZyIsImtpZCI6Ik16WXhNbUZrT0dZd01XSTBaV05tTkRjeE5HWXdZbU00WlRBM01XSTJOREF6WkdRek5HTTBaR1JsTmpKa09ERmtaRFJpT1RGa01XRmhNelUyWkdWbE5nX1JTMjU2IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImF1dCI6IkFQUExJQ0FUSU9OIiwiYXVkIjoiMU9xU2RfM3R4UHc2dzd3VDRaNGplQ3M3NXJVYSIsIm5iZiI6MTY5MTc2NjE3MCwiYXpwIjoiMU9xU2RfM3R4UHc2dzd3VDRaNGplQ3M3NXJVYSIsInNjb3BlIjoiZGVmYXVsdCIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImV4cCI6MTY5MTc2OTc3MCwiaWF0IjoxNjkxNzY2MTcwLCJqdGkiOiIzM2FkZWY5Yi0wYmEyLTQyNWMtYjViYy0yMjU1ODk4MzdmODIifQ.SYFg3_cl4wj1JuCON4kCoBDPF2Tsv1dh1-ZuWwjexr7RHhT7cWbx-ldJBuIlv-uEfKxmXaaYKozII4g74WFZH6tNk44-xqiHa-inJKAVBKmdpG5FnYlPIFq7ubzWQEYT5CDuYkyij5pbXRyRR3plWMyxyd-eoUQUwSCmQuQNvp0AGkpBSjj31CW5ibBCTx6akzncQWVzrgYGxaztktiEiz3Z86mzD_3Nyz0erViu4oDu2ZqtHVHKB5Q7fVFBvtpL0fEw_zxo3L4ucVcuPcdq5XTolOfH26mPNP1ovuHYHZvAGCScDDR7Pt2WZbA6XBQHunfJwK9HZBqMv_UKOX0q7A' \
-d '' -k -H "X-Forwarded-For: 127.0.0.2"
```
### Affected Component
APIM
### Version
3.2.0
### Environment Details (with versions)
_No response_
### Relevant Log Output
_No response_
### Related Issues
_No response_
### Suggested Labels
_No response_
Description
Hi Team,
Advanced throttling policy along with IP condition shows unexpected behaviours when adding more IP conditions.
Thanks, Riyazath Ali.
Steps to Reproduce
- When creating a new API by engaging a newly created whitelisting policy which has the default limit as 0 requests/year and 2 IP conditions the flow is working fine without any issues. ``` Default policy 0 req per year First IP condition: 192.13.8.1 9 req per min Second IP condition: 127.0.0.1 3 req per min ``` - We performed the API invocation via Devportal UI. (So the IP address is 127.0.0.1). So, the request will be throttled out after 3 requests as per the second IP condition as expected.
- We changed the policy again by replacing 127.0.0.1 with 127.0.0.2. So when performing API invocation via dev-portal(127.0.0.1), the default policy(0 req per 1 year) will be applied and throttled out permanently as expected. ``` Default policy 0 req per year First IP condition: 192.13.8.1 9 req per min Second IP condition: 127.0.0.2 3 req per min ```
Again changed the policy by replacing 127.0.0.2 with 127.0.0.1. So, the expectation is when performing API invocation via dev-portal(127.0.0.1) as per the IP condition, the requests should be throttled out after 3 requests. But, it is throttling out continuously. ``` Default policy 0 req per year First IP condition: 192.13.8.1 9 req per min Second IP condition: 127.0.0.1 3 req per min ```
But, when we perform the API invocation with 127.0.0.2(via cURL), the requests are continuously whitelisted. But, the expectation is all the requests should be throttled out since the default policy is expected to be applied. ``` curl -X 'POST' \ 'https://localhost:8243/sampleapi/v1' \ -H 'accept: */*' \ -H 'Authorization: Bearer eyJ4NXQiOiJNell4TW1Ga09HWXdNV0kwWldObU5EY3hOR1l3WW1NNFpUQTNNV0kyTkRBelpHUXpOR00wWkdSbE5qSmtPREZrWkRSaU9URmtNV0ZoTXpVMlpHVmxOZyIsImtpZCI6Ik16WXhNbUZrT0dZd01XSTBaV05tTkRjeE5HWXdZbU00WlRBM01XSTJOREF6WkdRek5HTTBaR1JsTmpKa09ERmtaRFJpT1RGa01XRmhNelUyWkdWbE5nX1JTMjU2IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImF1dCI6IkFQUExJQ0FUSU9OIiwiYXVkIjoiMU9xU2RfM3R4UHc2dzd3VDRaNGplQ3M3NXJVYSIsIm5iZiI6MTY5MTc2NjE3MCwiYXpwIjoiMU9xU2RfM3R4UHc2dzd3VDRaNGplQ3M3NXJVYSIsInNjb3BlIjoiZGVmYXVsdCIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImV4cCI6MTY5MTc2OTc3MCwiaWF0IjoxNjkxNzY2MTcwLCJqdGkiOiIzM2FkZWY5Yi0wYmEyLTQyNWMtYjViYy0yMjU1ODk4MzdmODIifQ.SYFg3_cl4wj1JuCON4kCoBDPF2Tsv1dh1-ZuWwjexr7RHhT7cWbx-ldJBuIlv-uEfKxmXaaYKozII4g74WFZH6tNk44-xqiHa-inJKAVBKmdpG5FnYlPIFq7ubzWQEYT5CDuYkyij5pbXRyRR3plWMyxyd-eoUQUwSCmQuQNvp0AGkpBSjj31CW5ibBCTx6akzncQWVzrgYGxaztktiEiz3Z86mzD_3Nyz0erViu4oDu2ZqtHVHKB5Q7fVFBvtpL0fEw_zxo3L4ucVcuPcdq5XTolOfH26mPNP1ovuHYHZvAGCScDDR7Pt2WZbA6XBQHunfJwK9HZBqMv_UKOX0q7A' \ -d '' -k -H "X-Forwarded-For: 127.0.0.2" ``` ### Affected Component APIM ### Version 3.2.0 ### Environment Details (with versions) _No response_ ### Relevant Log Output _No response_ ### Related Issues _No response_ ### Suggested Labels _No response_