AWSEKS - Non Istio mesh Pod to pod connection issue after installing Istio 1.13.0

Question

In kubernetes (AWS EKS) v1.20 have a default namespace with two pods, connected with a service type loadbalancer (CLB). Requesting the uri to the CLB worked fine and routed to either of the pods as required.

Post installation of 1.13.0 of Istio with istio-injection=enabled label set on a different namespace, the communication of the non-istio pods with no sidecar injection doesnt seem to work.

What I mean by doesnt work: (below 3 scenarios always worked without istio)

1. curl requests sent to https://default-nspods/apicall always worked with the non-istio pods. i.e., the CLB always forwarded requests to to the 2 pods as required.
2. curl request after logging into the pod1 to pod2s IP worked and vice versa.
3. curl request to pod2 uri from the Node1 of pod1 worked and vice versa. Post

Post installation, 2 and 3 doesnt work. The CLB also has trouble reading the nodeport of the pods at times.

Ive checked istioctl proxy-config endpoints and checked the deployments where the sidecar injection is enabled, the output doesnt show any other non mesh service/pod details.

• Istio Version: 1.13.0
• Ingress Gateway: Enabled (Loadbalancer mode)
• Egress Gateway: Disabled
• No addons like Kiali, Prometheus
• Istio Operator based installation with modified yaml values.
• Single cluster installation i.e., ISTIO_MESH_ROUTER_MODE='standard'

Istio pods, envoy sidecars, proxy-config dont show any errors.

Am kind of stuck, please let me know if I need to check kube-proxy, ip-tables or some where else.

Ive uninstalled istio using the "istioctl x uninstall --purge" option and re-installed , but the non-mesh pods seem to be not working now with Istio installed or not.

Istio pods and Istio injection namespace pods dont have issues.