The use case scenario here is that the private DNS resolves an internal IP acting as the default gateway of an API Manager - APIM.
In front of APIM, there is an Application Gateway with a backend pool targeting the private DNS.
I can see that the backend health status is unknown, and it might be related to the FQDN (associated with an internal IP) not being resolved, but how can I make sure that it is the actual problem?
You can try either of the following ways to make sure the Private DNS zone is resolving to a given private IP.
Workaround 1:
- Create an Azure VNet with a DNS private zone like private.test.com.
- Create a VM and a VPN gateway on that VNet. Enable VNet integration with my Azure web app service.
Workaround 2:
- Deploy new Azure Private DNS Zones in your Azure environment part of private endpoint deployment. (Default option)
- Use existing Azure Private DNS Zones. Use this option if you are using a private endpoint in a hub-and-spoke model from a different subscription or even within the same subscription.
- Use your own DNS Servers if you do not use DNS forwarders and instead you manage A records directly in your on-premises DNS servers.
Reference: Azure DNS zone record not resolving to specified IP from App service to Virtual Machine - Stack Overflow and Configure DNS Name Resolution for private endpoints - Azure Purview | Microsoft Docs
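The check the question asks for (is the FQDN really not resolving, and if it does resolve, does it resolve to the right private IP?) can be scripted from a VM in the same VNet as the Application Gateway, because the gateway uses the VNet's DNS settings for its backend pool. The script below is an added example and is not part of the original question or answer. It assumes a hypothetical backend FQDN api.private.test.com, a hypothetical APIM internal IP 10.0.1.4, and that `dig` (bind-utils / dnsutils) is installed on the VM; 168.63.129.16 is the Azure-provided recursive resolver, which only answers from inside a VNet. The sample `dig +short` outputs at the bottom are constructed for offline testing, not captured from a real environment.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Run from a VM inside the VNet that
# hosts the Application Gateway subnet so the query takes the same DNS path the
# gateway does. Assumptions: backend FQDN api.private.test.com and APIM internal IP
# 10.0.1.4 are hypothetical; `dig` must be installed.
set -euo pipefail

AZURE_RESOLVER="168.63.129.16"   # Azure-provided recursive resolver, reachable only from inside a VNet

# is_private_ip IP -> exit 0 if IP is in an RFC 1918 range, 1 otherwise
is_private_ip() {
  case "$1" in
    10.*)                                  return 0 ;;
    192.168.*)                             return 0 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    *)                                     return 1 ;;
  esac
}

# classify_answer EXPECTED_IP ANSWER
# ANSWER is what `dig +short FQDN` printed: one record per line, empty on NXDOMAIN/NODATA.
# Prints exactly one of:
#   NO_ANSWER  no A record came back (zone not linked to this VNet, or record missing)
#   PUBLIC     a public IP came back: a public zone answered instead of the private one
#   MISMATCH   a private IP came back, but not the APIM internal IP you expected
#   OK         the expected internal IP is in the answer
classify_answer() {
  local expected=$1 answer=$2 ip saw_private=0
  [ -n "$answer" ] || { echo NO_ANSWER; return; }
  while IFS= read -r ip; do
    [ -n "$ip" ] || continue
    # dig +short also prints CNAME targets; skip anything that is not an IPv4 literal
    case "$ip" in *[!0-9.]*) continue ;; esac
    if [ "$ip" = "$expected" ]; then echo OK; return; fi
    if is_private_ip "$ip"; then saw_private=1; else echo PUBLIC; return; fi
  done <<< "$answer"
  if [ "$saw_private" -eq 1 ]; then echo MISMATCH; else echo NO_ANSWER; fi
}

# check_backend_dns FQDN EXPECTED_IP -> live query against the Azure resolver, then classify
check_backend_dns() {
  local answer
  answer=$(dig +short "$1" "@$AZURE_RESOLVER" 2>/dev/null || true)
  classify_answer "$2" "$answer"
}

# Constructed sample `dig +short` outputs for exercising classify_answer offline
SAMPLE_OK=$'10.0.1.4'
SAMPLE_CNAME_OK=$'apim.internal.example.\n10.0.1.4'   # hypothetical CNAME target, then the A record
SAMPLE_CNAME_ONLY=$'apim.internal.example.'
SAMPLE_PUBLIC=$'20.50.60.70'
SAMPLE_OTHER_PRIVATE=$'10.0.2.9'
SAMPLE_NXDOMAIN=''

if [ "$#" -ge 2 ]; then
  echo "$1 -> $(check_backend_dns "$1" "$2")"
else
  echo "usage: $0 FQDN EXPECTED_IP   (e.g. api.private.test.com 10.0.1.4)" >&2
fi
```

Usage: `./check_backend_dns.sh api.private.test.com 10.0.1.4` from the VM. NO_ANSWER means the private zone is not linked to the VNet the gateway lives in (or the A record is missing), which matches the "unknown" backend health symptom; PUBLIC means a public zone for the same name is winning over the private one; MISMATCH means DNS works but the record points at the wrong address, so the fix is the record, not the zone link.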