Diagnosing network connectivity and performance issues in the cloud can be a challenge as your network evolves in complexity. We are pleased to announce the preview of a new feature to check network connectivity in a variety of scenarios when using VM.
The Azure Network Watcher Connectivity Check feature helps to drastically reduce the amount of time needed to find and detect connectivity issues in the infrastructure. The results returned can provide valuable insights to whether a connectivity issue is due to a platform or a potential user configuration. Network Watcher Connectivity Check can be used from the Azure portal, using PowerShell, Azure CLI, and REST API.
Connectivity Check is supported in a variety of scenarios – VM to a VM, VM to an external endpoint, and VM to an on-premise endpoint. Leveraging a common and typical network topology, the example below illustrates how Connectivity Check can help resolve network reachability issues using the Azure portal. There is a VNet hosting a multi-tier web application and four subnets, amongst which are an application subnet and a database subnet.
Figure 1 – Multi-tier web application
On the Azure portal, navigate to Azure Network Watcher and under Network Diagnostic Tools click on Connectivity Check. Once there, you can specify the Source and Destination VM and click the “Check” button to begin the connectivity check.
A status indicating reachable or unreachable is returned once the connectivity check completes. The number of hops, the minimum, average and maximum latency to reach the destination are also returned.
Figure 2 – Connectivity Check – access from portal
In this example, a connectivity check was done from the VM running the application tier to the VM running the database tier. The status is returned as unreachable, and it’s important to note, one of the hops indicated a red status. Clicking on the hop indicates the presence of an NSG rule that is blocking all traffic, thereby blocking end-to-end connectivity.
Figure 3 – Unreachable status
The NSG rule configuration error was rectified and a connectivity check was repeated as illustrated below, where the results now indicate an end-to-end connectivity. The network latency between source and destination, along with hop information is also provided.
Figure 4 – Reachable status
The destination for Connectivity Check can be an IP address, an FQDN, or an ARM URI.
We believe the Connectivity Check feature will give you deeper insights to network performance in Azure. We welcome you to reach out, as your feedback from using Network Watcher is crucial to help steer the product development and eco system growth.