When an ingress is configured with an HTTP listener, applications must send an HTTP Host header with the configured (or default) hostname for the backend service in order for the request to be correctly routed. This is documented on the Hosts of the ingress gateway config entry.
Hosts(array<string>: <optional>) - A list of hosts that specify what requests will match this service. This cannot be used with a tcp listener, and cannot be specified alongside a * service name. If not specified, the default domain .ingress.* will be used to match services. Requests must send the correct host to be routed to the defined service.
Given the configuration you provided, you would need to use the following curl command to reach your backend service.
Thanks @blake . Your suggestions worked and I was able to CURL ingress controller using IP and host header as you suggested.
The example on learning site here suggests to set counting service url property using IP resolved by DNS query to "counting.ingress.dc1.consul". Based on what you are suggesting, the steps in the learning site are not accurate/correct.
Also, is envoy dependent on service name/id coming from host header or <service>.ingress.<domain> for all traffic? Is there any path based routing to avoid this requirement for applications outside mesh wanting to consume services hosted in a mesh?