Share via

App GW IP exhaust issue

Kumar, Jitendra 0 Reputation points
2026-05-04T11:28:32.6266667+00:00

We have a dedicated /27 subnet for application gateway. We have already build 8 App Gateways in this. Ea h App GW has 1 front end IP, min instance count :1 and max instance count: 2

When we are trying to provision 9th App Gateway then we are facing IP exhaust issue. As per my calculation we must have 3 more IPs but then after we are getting this error. How can i resolve this error? How can i find out under which App GW more than 3 IPs are being used?

Azure Application Gateway
Azure Application Gateway

An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.

0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kumar, Jitendra 0 Reputation points
    2026-05-06T07:58:18.35+00:00

    Thanks again for providing the best possible answers.

    I would like to share an update from my testing. I ran my workflow by selecting a static frontend IP, and the deployment was successful. During troubleshooting, I discovered that there were 3 hidden IPs in the subnet.

    I also found that App Gateway instance IPs are not assigned sequentially; instead, they are allocated randomly. Because of this behavior, those 3 IPs appeared hidden within the subnet.

    Now, I have successfully provisioned my 9th Application Gateway, and it is working correctly as per the expected calculations.

    The reason for the previous failures was that I was assigning a static frontend IP from the subnet that was already being utilized internally by one of the App Gateway instances. As a result, I had to rerun the workflow around 10–12 times using different frontend IPs from the subnet before achieving success.

    Since NICs are not directly visible or involved in the case of Application Gateway, there should ideally be some mechanism to identify which IPs are already utilized internally and which are free for frontend assignment.

    I hope Microsoft or any senior solution architect can provide guidance on this issue so that such deployment challenges can be avoided in the future.

    Was this answer helpful?

    0 comments
  2. Alex Burlachenko 21,805 Reputation points MVP Volunteer Moderator
    2026-05-05T15:08:10.2033333+00:00

    Kumar, Jitendra hi & thx for join me here at Q&A portal,

    so.......... /27 math looks ok on paper but App Gateway needs hidden scale/upgrade IPs, use bigger subnet.... I guess /27 is too tight for 8 App Gateways already. Azure reserves 5 IPs in every subnet, so /27 gives u 32 total minus 5 = 27 usable IPs. App Gateway v2 can consume more than just 1 frontend IP. it needs private instance IPs, frontend IPs if private, scaling headroom up to max instance count, plus upgrade/maintenance headroom. with 8 gateways and max count 2, u are already near practical exhaustion. the fix is not finding “3 missing IPs”, its using a bigger dedicated subnet, ideally /24 for App Gateway v2 if u expect growth. to see usage, check subnet effective IP usage in portal or list NIC/IP configs tied to the subnet with Resource Graph / CLI, but App Gateway reserved instance IPs are not always obvious like normal NICs. practical move: create new larger subnet, deploy new App Gateways there or recreate/migrate gradually. u usually cant just shrink/expand subnet if address space around it is not free.

    rgds, Alex

    & 

    if my answer helps pls accept it.

    Was this answer helpful?

    0 comments
  3. Ravi Varma Mudduluru 11,960 Reputation points Microsoft External Staff Moderator
    2026-05-04T14:29:41.47+00:00

    Hello @Kumar, Jitendra,

    Thank you for reaching out to Microsoft Q&A.

    I understand you're hitting an IP exhaustion error while trying to deploy the 9th Application Gateway in your dedicated /27 subnet.

    This is a common issue with Application Gateway v2 when using autoscaling. Even though each gateway is currently running with the minimum instance count of 1, Azure reserves IP addresses based on the maximum instance count you have configured (in your case, 2), plus one IP for the frontend configuration.

    Quick Breakdown:

    • A /27 subnet gives you 27 usable IPs (32 total minus 5 reserved by Azure).
    • Each Application Gateway reserves: 1 frontend IP + Max instance count.
    • With 8 gateways: 8 × (1 + 2) = 24 IPs already reserved for the gateways.

    This leaves very little room for the 9th gateway, which is why you're seeing the error.

    Recommended Solutions:

    1. Best Long-term Option – Use a larger subnet Move (or create new gateways) in a bigger dedicated subnet, such as /26 or ideally /24. Microsoft recommends /24 for production workloads with autoscaling.
    2. Short-term Option – Reduce Maximum instances Review your existing gateways and lower the Maximum instance count (e.g., to 1 or 2 only where really needed). This immediately frees up reserved IPs.

    3. Check Current Usage You can quickly see the configuration of all your gateways using this CLI command:

    az network application-gateway list --query "[].{Name:name, ResourceGroup:resourceGroup, MinScale:properties.autoscaleConfiguration.minCapacity, MaxScale:properties.autoscaleConfiguration.maxCapacity}" -o table

    Reference:

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.