Hello @AmitJaiswal-8743,
I am a colleague of @MuthuKumaranMurugaachari-MSFT and I am just replying to your follow-up query here.
And these 2 private IPs are not matching with the private IP shown in Azure portal--App gateway.
My app gateway is Manual scaling with only 1 instance configured. So there should be only 1 private IP in use, which is visible in Azure Portal.
Where are these 2 IPs coming from?
Just to make sure that I have understood your question correctly, and if I am not wrong, you are talking about the Frontend private IP address for Application Gateway on the portal as shown below.
If my understanding is correct here, then the observation above is expected. This is actually due to how private IPs are used and assigned by an Application Gateway.
When an application gateway is deployed in a VNET, it requires a dedicated subnet. From this subnet, one private IP is assigned as the Frontend private IP address and the rest (apart from 5 IP addresses reserved by Azure) are used by Application Gateway instances when they scale. This information is currently documented here.
When an Application Gateway receives a request on its Frontend private IP address, it routes the request to the backend server by using its instance private IP addresses. The 2 IPs that you observed above, which did not match the Frontend private IP address, should be from your Application Gateway's subnet and were used by its instance to communicate with the backend resource. The request flow will be in the following manner.
--(Frontend private IP address)AzureAppGateway(private IP of the instance)----(privateip)AzureAPIM(privateip)-
Although you have Manual scaling set up with only one instance, it is likely that the private IP of the instance was changed when it scaled or due to any other update, but the instance count will not go beyond 1 in this case.
Hope this answers your question! Please let me know if you have any additional questions or concerns. Thank you!
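
An added example, not part of the original answer: a check that labels the source IPs a backend logged against the Application Gateway subnet, following the allocation described above. The subnet range, frontend IP and observed addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress


def reserved_addresses(subnet):
    # Azure reserves 5 addresses per subnet: the network address,
    # the next three addresses, and the broadcast address.
    return {subnet.network_address + i for i in range(4)} | {subnet.broadcast_address}


def instance_capacity(subnet_cidr):
    """Addresses left for gateway instances: total minus 5 reserved minus 1 frontend IP."""
    subnet = ipaddress.ip_network(subnet_cidr)
    return subnet.num_addresses - 5 - 1


def classify_source_ips(subnet_cidr, frontend_ip, observed_ips):
    """Label each source IP seen by the backend for traffic arriving via the gateway."""
    subnet = ipaddress.ip_network(subnet_cidr)
    frontend = ipaddress.ip_address(frontend_ip)
    reserved = reserved_addresses(subnet)
    labels = {}
    for raw in observed_ips:
        ip = ipaddress.ip_address(raw)
        if ip not in subnet:
            labels[raw] = "outside-gateway-subnet"  # not gateway traffic: investigate
        elif ip == frontend:
            labels[raw] = "frontend-ip"             # listener address, not an instance
        elif ip in reserved:
            labels[raw] = "azure-reserved"          # should never appear as a source
        else:
            labels[raw] = "gateway-instance"        # expected source for backend requests
    return labels


if __name__ == "__main__":
    # Constructed sample: gateway subnet, its frontend private IP, and backend log sources.
    subnet_cidr, frontend_ip = "10.0.1.0/24", "10.0.1.10"
    observed = ["10.0.1.4", "10.0.1.6", "10.0.1.10", "10.0.2.7", "10.0.1.1"]
    for ip, label in classify_source_ips(subnet_cidr, frontend_ip, observed).items():
        print(f"{ip:12} {label}")
    print("instance address capacity:", instance_capacity(subnet_cidr))
```

Because the instance IP can change, an allow-list on the backend side should cover the gateway subnet range rather than a single observed address.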