Rate Limit blocking multiple IPs even if the limit is not reached

So, I was playing with the Rate Limit middleware to figure the best values for it. And, I configured the middleware to look for IP in the X-Forwarded-For header. I just bombarded the server with thousands of requests via BlazeMeter, which has, let say, IP1. And then I was trying to reach the server with my local machine which has IP2. But I was getting 429 most of the time on my local machine. I don't know what I did wrong or if this is the expected behavior.

Server Setup

ALB --> Traefik --> Nodejs

Note: Traefik does receive the user's IP in the X-Forwarded-For header.

Middleware config

        request-limit:
            rateLimit:
                average: 100
                burst: 50
                period: 1s
                sourceCriterion:
                    requestHost: true
                    ipStrategy:
                        depth: 1

This thing bugging me for a few days. Any help would be appreciated.

Are you sure you are using the correct depth?

Yes, ALB attaches the client's ip in the header like X-Forwarded-For: client_ip and this is what traefik receives.

And, I guess depth: 1 is appropriate for this header value.

Thought I'd ask, as it seems like this would be the expected behavior if the wrong depth was being used.

I saw that you have requestHost: true that might be overriding the ipStrategy

Edit: Nope it shouldn't FTFM:

The precedence order is ipStrategy , then requestHeaderName , then requestHost .

At first, I also thought that the depth was the issue. Then I logged the headers in traefik but everything seems fine.

This issue making my head spin. If this issue continues i might be not able to use rate-limit for the time being, which i absolutely don't want to.

BTW, Thanks for your help.