You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/network-watcher/connection-monitor.md
+64-51Lines changed: 64 additions & 51 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,41 +1,39 @@
1
1
---
2
-
title: Tutorial - Monitor network communication using the Azure portal
3
-
description: In this tutorial, learn how to monitor network communication between two virtual machines with Azure Network Watcher's connection monitor capability.
2
+
title: 'Tutorial: Monitor network communication between two virtual machines using the Azure portal'
3
+
description: In this tutorial, you learn how to monitor network communication between two virtual machines with Azure Network Watcher's connection monitor capability.
4
4
services: network-watcher
5
-
documentationcenter: na
6
5
author: damendo
7
-
editor: ''
8
6
tags: azure-resource-manager
9
-
# Customer intent: I need to monitor communication between a VM and another VM. If the communication fails, I need to know why, so that I can resolve the problem.
10
-
11
7
ms.service: network-watcher
12
8
ms.topic: tutorial
13
-
ms.tgt_pltfrm: na
14
-
ms.workload: infrastructure-services
15
-
ms.date: 01/04/2021
9
+
ms.workload: infrastructure-services
10
+
ms.date: 10/17/2022
16
11
ms.author: damendo
17
12
ms.custom: mvc
13
+
# Customer intent: I need to monitor communication between a VM and another VM. If the communication fails, I need to know why, so that I can resolve the problem.
18
14
---
19
15
20
16
# Tutorial: Monitor network communication between two virtual machines using the Azure portal
21
17
22
18
> [!NOTE]
23
-
> This tutorial cover Connection Monitor (classic). Try the new and improved [Connection Monitor](connection-monitor-overview.md) to experience enhanced connectivity monitoring
19
+
> This tutorial covers Connection Monitor (classic). Try the new and improved [Connection Monitor](connection-monitor-overview.md) to experience enhanced connectivity monitoring.
24
20
25
21
> [!IMPORTANT]
26
22
> Starting 1 July 2021, you will not be able to add new connection monitors in Connection Monitor (classic) but you can continue to use existing connection monitors created prior to 1 July 2021. To minimize service disruption to your current workloads, [migrate from Connection Monitor (classic) to the new Connection Monitor](migrate-to-connection-monitor-from-connection-monitor-classic.md) in Azure Network Watcher before 29 February 2024.
27
23
28
-
Successful communication between a virtual machine (VM) and an endpoint such as another VM, can be critical for your organization. Sometimes, configuration changes are introduced which can break communication. In this tutorial, you learn how to:
24
+
Successful communication between a virtual machine (VM) and an endpoint such as another VM, can be critical for your organization. Sometimes, configuration changes break communication. In this tutorial, you learn how to:
29
25
30
26
> [!div class="checklist"]
31
27
> * Create two VMs
32
-
> * Monitor communication between VMs with the connection monitor capability of Network Watcher
28
+
> * Monitor communication between VMs with the Connection Monitor capability of Network Watcher
33
29
> * Generate alerts on Connection Monitor metrics
34
30
> * Diagnose a communication problem between two VMs, and learn how you can resolve it
35
31
36
32
If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
37
33
34
+
## Prerequisites
38
35
36
+
- An Azure subscription
39
37
40
38
## Sign in to Azure
41
39
@@ -47,58 +45,73 @@ Create two VMs.
47
45
48
46
### Create the first VM
49
47
50
-
1. Select **+ Create a resource** found on the upper, left corner of the Azure portal.
51
-
2. Select **Compute**, and then select an operating system. In this tutorial, **Windows Server 2016 Datacenter** is used.
52
-
3. Enter, or select, the following information, accept the defaults for the remaining settings, and then select **OK**:
48
+
1. In the search box at the top of the portal, enter *virtual machine*. Select **Virtual machines**.
49
+
50
+
1. In **Virtual machines**, select **+ Create** then **+ Azure virtual machine**.
51
+
52
+
1. Enter or select the following information in **Create a virtual machine**.
53
+
54
+
| Setting | Value |
55
+
| ------- | ----- |
56
+
|**Project details**||
57
+
| Subscription | Select your subscription. |
58
+
| Resource group | Select **Create new**. </br> Enter *myResourceGroup* in **Name**. </br> Select **OK**. |
| Public inbound ports | Leave the default of **Allow selected ports**. |
73
+
| Select inbound ports | Leave the default of **RDP (3389)**. |
74
+
75
+
1. Select **Advanced** tab, then select **Select an extension to install**.
53
76
54
-
|Setting|Value|
55
-
|---|---|
56
-
|Name|myVm1|
57
-
|User name| Enter a user name of your choosing.|
58
-
|Password| Enter a password of your choosing. The password must be at least 12 characters long and meet the [defined complexity requirements](../virtual-machines/windows/faq.yml?toc=%2fazure%2fnetwork-watcher%2ftoc.json#what-are-the-password-requirements-when-creating-a-vm-).|
59
-
|Subscription| Select your subscription.|
60
-
|Resource group| Select **Create new** and enter **myResourceGroup**.|
61
-
|Location| Select **East US**|
77
+
1. Enter *Network Watcher Agent for Windows* in the search box. Select **Network Watcher Agent for Windows** and then select **Next**.
62
78
63
-
4. Select a size for the VM and then select **Select**.
64
-
5. Under **Settings**, select **Extensions**. Select **Add extension**, and select **Network Watcher Agent for Windows**, as shown in the following picture:
79
+
:::image type="content" source="./media/connection-monitor/network-watcher-agent-for-windows.png" alt-text="Screenshot of installing Network Watcher Agent for Windows when creating a Windows VM.":::
1. In **Configure Network Watcher Agent for Windows Extension** page, select **Create**.
67
82
68
-
6. Under **Network Watcher Agent for Windows**, select **Create**, under **Install extension** select **OK**, and then under **Extensions**, select **OK**.
69
-
7. Accept the defaults for the remaining **Settings** and select **OK**.
70
-
8. Under **Create** of the **Summary**, select **Create** to start VM deployment.
83
+
1. In **Create a virtual machine** page, select **Review + create** and then **Create** to start VM deployment.
71
84
72
85
### Create the second VM
73
86
74
87
Complete the steps in [Create the first VM](#create-the-first-vm) again, with the following changes:
75
88
76
-
|Step|Setting|Value|
77
-
|---|---|---|
78
-
| 1 | Select a version of **Ubuntu Server**||
79
-
| 3 | Name | myVm2 |
80
-
| 3 | Authentication type | Paste your SSH public key or select **Password** and enter a password. |
81
-
| 3 | Resource group | Select **Use existing** and select **myResourceGroup**. |
82
-
| 6 | Extensions |**Network Watcher Agent for Linux**|
| Public inbound ports | Select **Allow selected ports**. |
95
+
| Select inbound ports | Select **SSH (22)**. |
96
+
| Extensions | Select **Network Watcher Agent for Linux**. |
83
97
84
98
The VM takes a few minutes to deploy. Wait for the VM to finish deploying before continuing with the remaining steps.
85
99
86
100
## Create a connection monitor
87
101
88
102
Create a connection monitor to monitor communication over TCP port 22 from *myVm1* to *myVm2*.
89
103
90
-
1. On the left side of the portal, select **All services**.
91
-
2. Start typing *network watcher* in the **Filter** box. When **Network Watcher** appears in the search results, select it.
92
-
3. Under **MONITORING**, select **Connection monitor**.
93
-
4. Select **+ Add**.
94
-
5. Enter or select the information for the connection you want to monitor, and then select **Add**. In the example shown in the following picture, the connection monitored is from the *myVm1* VM to the *myVm2* VM over port 22:
104
+
1. In the search box at the top of the portal, enter *network watcher*. Select **Network Watcher**.
105
+
1. Under **Monitoring**, select **Connection monitor (classic)**.
106
+
1. Select **+ Add**.
107
+
1. Enter or select the information for the connection you want to monitor, and then select **Add**. In the example shown in the following picture, the connection monitored is from the *myVm1* VM to the *myVm2* VM over port 22:
95
108
96
109
| Setting | Value |
97
110
| --------- | --------- |
98
111
| Name | myVm1-myVm2(22) |
99
-
| Source||
112
+
|**Source**||
100
113
| Virtual machine | myVm1 |
101
-
| Destination||
114
+
|**Destination**||
102
115
| Select a virtual machine ||
103
116
| Virtual machine | myVm2 |
104
117
| Port | 22 |
@@ -117,22 +130,22 @@ Create a connection monitor to monitor communication over TCP port 22 from *myVm
117
130
118
131
Note the following information:
119
132
120
-
| Item | Value | Details|
121
-
| ---------| ---------|--------|
122
-
| Status | Reachable| Lets you know whether the endpoint is reachable or not.|
133
+
| Item | Value | Details |
134
+
| ---------| ---------|--------|
135
+
| Status | Reachable | Lets you know whether the endpoint is reachable or not.|
123
136
| AVG. ROUND-TRIP | Lets you know the round-trip time to make the connection, in milliseconds. Connection monitor probes the connection every 60 seconds, so you can monitor latency over time. |
124
-
| Hops | Connection monitor lets you know the hops between the two endpoints. In this example, the connection is between two VMs in the same virtual network, so there is only one hop, to the 10.0.0.5 IP address. If any existing system or custom routes, route traffic between the VMs through a VPN gateway, or network virtual appliance, for example, additional hops are listed. |
137
+
| Hops | Connection monitor lets you know the hops between the two endpoints. In this example, the connection is between two VMs in the same virtual network, so there's only one hop, to the 10.0.0.5 IP address. If any existing system or custom routes, route traffic between the VMs through a VPN gateway, or network virtual appliance, for example, additional hops are listed. |
125
138
| STATUS | The green check marks for each endpoint let you know that each endpoint is healthy. ||
126
139
127
140
## Generate alerts
128
141
129
142
Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals. A generated alert can automatically run one or more actions, such as to notify someone or start another process. When setting an alert rule, the resource that you target determines the list of available metrics that you can use to generate alerts.
130
143
131
144
1. In Azure portal, select the **Monitor** service, and then select **Alerts** > **New alert rule**.
132
-
2.Click**Select target**, and then select the resources that you want to target. Select the **Subscription**, and set the **Resource type** to filter down to the Connection Monitor that you want to use.
145
+
2.Select**Select target**, and then select the resources that you want to target. Select the **Subscription**, and set the **Resource type** to filter down to the Connection Monitor that you want to use.
133
146
134
147
135
-
1. Once you have selected a resource to target, select **Add criteria**. The Network Watcher has [metrics on which you can create alerts](../azure-monitor/alerts/alerts-metric-near-real-time.md#metrics-and-dimensions-supported). Set **Available signals** to the metrics ProbesFailedPercent and AverageRoundtripMs:
148
+
1. Once you've selected a resource to target, select **Add criteria**. The Network Watcher has [metrics on which you can create alerts](../azure-monitor/alerts/alerts-metric-near-real-time.md#metrics-and-dimensions-supported). Set **Available signals** to the metrics ProbesFailedPercent and AverageRoundtripMs:
136
149
137
150
138
151
1. Fill out the alert details like alert rule name, description, and severity. You can also add an action group to the alert to automate and customize the alert response.
@@ -145,9 +158,9 @@ By default, Azure allows communication over all ports between VMs in the same vi
145
158
2. Select the **myVm2-nsg** network security group.
146
159
3. Select **Inbound security rules**, and then select **Add**, as shown in the following picture:
:::image type="content" source="./media/connection-monitor/inbound-security-rules-inline.png" alt-text="Screenshot of Inbound security rules." lightbox="./media/connection-monitor/inbound-security-rules-expanded.png":::
149
162
150
-
4. The default rule that allows communication between all VMs in a virtual network is the rule named **AllowVnetInBound**. Create a rule with a higher priority (lower number) than the **AllowVnetInBound** rule that denies inbound communication over port 22. Select, or enter, the following information, accept the remaining defaults, and then select **Add**:
163
+
4. The default rule that allows communication between all VMs in a virtual network is the rule named **AllowVnetInBound**. Create a rule with a higher priority (lower number) than the **AllowVnetInBound** rule that denies inbound communication over port 22. Select, or enter, the following information, accept the remaining defaults, and then select **+ Add**:
0 commit comments