Merge pull request #214145 from MicrosoftDocs/fix-network-watcher

[ASK MODE] Reverting Network Watcher

Author: SyntaxC4

articles/network-watcher/media/network-watcher-connectivity-portal/network-watcher-graph-view.png

@@ -2,60 +2,22 @@
 title: Introduction to Azure Network Watcher Connection Troubleshoot | Microsoft Docs
 description: This page provides an overview of the Network Watcher connection troubleshooting capability
 services: network-watcher
-author: shijaiswal
+documentationcenter: na
+author: damendo
 ms.service: network-watcher
 ms.topic: article
 ms.tgt_pltfrm: na
-ms.custom: ignite-2022
 ms.workload:  infrastructure-services
-ms.date: 10/12/2022
-ms.author: shijaiswal
+ms.date: 07/11/2017
+ms.author: damendo
 ---
 
 # Introduction to connection troubleshoot in Azure Network Watcher
 
-With the increase in sophisticated and high-performance workloads into Azure, there's a critical need for increased visibility and control over the operational state of complex networks running these workloads. With limited visibility, diagnosis of issues such as connectivity issues becomes difficult as there is minimum control.  
-
-The Connection troubleshoot feature of Network Watcher provides the capability to check a direct TCP connection from a virtual machine to a virtual machine (VM), fully qualified domain name (FQDN), URI, or IPv4 address. Network scenarios are complex, they're implemented using network security groups, firewalls, user-defined routes, and resources provided by Azure. Complex configurations make troubleshooting connectivity issues challenging. Network Watcher helps reduce the amount of time to find and detect connectivity issues. The results returned can provide insights into whether a connectivity issue is due to a platform or a user configuration issue. Connectivity can be checked with the [Azure portal](network-watcher-connectivity-portal.md), [PowerShell](network-watcher-connectivity-powershell.md), [Azure CLI](network-watcher-connectivity-cli.md), and [REST API](network-watcher-connectivity-rest.md).
-
-The current capabilities of Connection troubleshoot entail the following:
-- Check connectivity between source (VM) and destination (VM, URI, FQDN, IP Address).
-- Identify configuration issues that impact reachability.
-- Provide all possible hop by hop paths from the source to destination.
-- Hop by hop latency.
-- Latency - minimum, maximum, and average between source and destination.
-- A topology (graphical) view from your source to destination.
-- Number of packets dropped during the connection troubleshoot check.
-
-:::image type="content" source="./media/network-watcher-connectivity-portal/network-watcher-graph-view.png" alt-text="Screenshot of graph view of Connection troubleshoot capabilities.":::
-
-Connection troubleshoot can detect the following types of issues that can impact connectivity:
-
-- High VM CPU utilization
-- High VM memory utilization
-- Virtual machine (guest) firewall rules blocking traffic
-- DNS resolution failures
-- Misconfigured or missing routes
-- NSG rules that are blocking traffic
-- Inability to open a socket at the specified source port
-- Missing address resolution protocol entries for Azure Express Route circuits
-- No servers listening on designated destination ports
-
-Microsoft Azure Network Watcher provides numerous specialized standalone tools to diagnose and troubleshoot connectivity cases such as 
-- *[IP Flow Verify](network-watcher-ip-flow-verify-overview.md)* to detect blocked traffic due to NSG rules restriction.
-- *[Next Hop](network-watcher-next-hop-overview.md)* to determine intended traffic as per the rules of the effective route.
-- *Port Scanner* to determine any port that is blocking traffic.
-However, there was no mechanism to perform all the connectivity checks in a single location.
-
-The enhanced Connection troubleshoot feature brings all the above functionality in one place as a comprehensive method of performing all major checks, specifically issues pertaining to NSG, UDR, and blocked ports and reduces the Mean Time To Resolution (MTTR). It also provides actionable insights where a step-by-step guide or corresponding documentation is provided for faster resolution. 
+The connection troubleshoot feature of Network Watcher provides the capability to check a direct TCP connection from a virtual machine to a virtual machine (VM), fully qualified domain name (FQDN), URI, or IPv4 address. Network scenarios are complex, they are implemented using network security groups, firewalls, user-defined routes, and resources provided by Azure. Complex configurations make troubleshooting connectivity issues challenging. Network Watcher helps reduce the amount of time to find and detect connectivity issues. The results returned can provide insights into whether a connectivity issue is due to a platform or a user configuration issue. Connectivity can be checked with [PowerShell](network-watcher-connectivity-powershell.md), [Azure CLI](network-watcher-connectivity-cli.md), and [REST API](network-watcher-connectivity-rest.md).
 
 > [!IMPORTANT]
-> 
-> Ensure that the `AzureNetworkWatcherExtension` VM extension is installed on the VM that you troubleshoot from.
-> - To install the extension on a Windows VM, see [Azure Network Watcher Agent virtual machine extension for Windows](../virtual-machines/extensions/network-watcher-windows.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json)
-> - To install the extension on a Linux VM, see [Azure Network Watcher Agent virtual machine extension for Linux](../virtual-machines/extensions/network-watcher-linux.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json). 
-> 
-> The extension isn't required on the destination endpoint.
+> Connection troubleshoot requires that the VM you troubleshoot from has the `AzureNetworkWatcherExtension` VM extension installed. For installing the extension on a Windows VM visit [Azure Network Watcher Agent virtual machine extension for Windows](../virtual-machines/extensions/network-watcher-windows.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json) and for Linux VM visit [Azure Network Watcher Agent virtual machine extension for Linux](../virtual-machines/extensions/network-watcher-linux.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json). The extension is not required on the destination endpoint.
 
 ## Response
 
@@ -64,16 +26,16 @@ The following table shows the properties returned when connection troubleshoot h
 |Property  |Description  |
 |---------|---------|
 |ConnectionStatus     | The status of the connectivity check. Possible results are **Reachable** and **Unreachable**.        |
-|AvgLatencyInMs     | Average latency during the connectivity check, in milliseconds. (Only shown if check status is reachable)        |
-|MinLatencyInMs     | Minimum latency during the connectivity check, in milliseconds. (Only shown if check status is reachable)        |
-|MaxLatencyInMs     | Maximum latency during the connectivity check, in milliseconds. (Only shown if check status is reachable)        |
+|AvgLatencyInMs     | Average latency during the connectivity check in milliseconds. (Only shown if check status is reachable)        |
+|MinLatencyInMs     | Minimum latency during the connectivity check in milliseconds. (Only shown if check status is reachable)        |
+|MaxLatencyInMs     | Maximum latency during the connectivity check in milliseconds. (Only shown if check status is reachable)        |
 |ProbesSent     | Number of probes sent during the check. Max value is 100.        |
 |ProbesFailed     | Number of probes that failed during the check. Max value is 100.        |
 |Hops     | Hop by hop path from source to destination.        |
 |Hops[].Type     | Type of resource. Possible values are **Source**, **VirtualAppliance**, **VnetLocal**, and **Internet**.        |
 |Hops[].Id | Unique identifier of the hop.|
 |Hops[].Address | IP address of the hop.|
-|Hops[].ResourceId | ResourceID of the hop if the hop is an Azure resource. If it's an internet resource, ResourceID is **Internet**. |
+|Hops[].ResourceId | ResourceID of the hop if the hop is an Azure resource. If it is an internet resource, ResourceID is **Internet**. |
 |Hops[].NextHopIds | The unique identifier of the next hop taken.|
 |Hops[].Issues | A collection of issues that were encountered during the check at that hop. If there were no issues, the value is blank.|
 |Hops[].Issues[].Origin | At the current hop, where issue occurred. Possible values are:<br/> **Inbound** - Issue is on the link from the previous hop to the current hop<br/>**Outbound** - Issue is on the link from the current hop to the next hop<br/>**Local** - Issue is on the current hop.|
@@ -83,7 +45,7 @@ The following table shows the properties returned when connection troubleshoot h
 |Hops[].Issues[].Context[].key |Key of the key value pair returned.|
 |Hops[].Issues[].Context[].value |Value of the key value pair returned.|
 
-The following is an example of an issue found on a Hop.
+The following is an example of an issue found on a hop.
 
 ```json
 "Issues": [
@@ -102,7 +64,7 @@ The following is an example of an issue found on a Hop.
 ```
 ## Fault types
 
-The Connection troubleshoot feature returns fault types about the connection. The following table lists the current fault types returned.
+Connection troubleshoot returns fault types about the connection. The following table provides a list of the current fault types returned.
 
 |Type  |Description  |
 |---------|---------|
@@ -115,4 +77,4 @@ The Connection troubleshoot feature returns fault types about the connection. Th
 
 ### Next steps
 
-Learn how to troubleshoot connections using the [Azure portal](network-watcher-connectivity-portal.md), [PowerShell](network-watcher-connectivity-powershell.md), the [Azure CLI](network-watcher-connectivity-cli.md), or [REST API](network-watcher-connectivity-rest.md).
+Learn how to troubleshoot connections using the [Azure portal](network-watcher-connectivity-portal.md), [PowerShell](network-watcher-connectivity-powershell.md), the [Azure CLI](network-watcher-connectivity-cli.md), or [REST API](network-watcher-connectivity-rest.md).

articles/network-watcher/media/network-watcher-connectivity-portal/network-watcher-next-steps.png

@@ -3,83 +3,57 @@ title: Troubleshoot connections - Azure portal
 titleSuffix: Azure Network Watcher
 description: Learn how to use the connection troubleshoot capability of Azure Network Watcher using the Azure portal.
 services: network-watcher
-author: shijaiswal
+documentationcenter: na
+author: damendo
 ms.service: network-watcher
 ms.topic: troubleshooting
+ms.tgt_pltfrm: na
 ms.workload:  infrastructure-services
-ms.custom: ignite-2022
-ms.date: 10/12/2022
-ms.author: shijaiswal
+ms.date: 01/04/2021
+ms.author: damendo
 ---
 
 # Troubleshoot connections with Azure Network Watcher using the Azure portal
 
-This article describes the procedure to use Connection troubleshoot to verify whether a direct connection from a virtual machine to a destination can be established. 
+> [!div class="op_single_selector"]
+> - [Portal](network-watcher-connectivity-portal.md)
+> - [PowerShell](network-watcher-connectivity-powershell.md)
+> - [Azure CLI](network-watcher-connectivity-cli.md)
+> - [Azure REST API](network-watcher-connectivity-rest.md)
 
-## Prerequisites
+Learn how to use connection troubleshoot to verify whether a direct TCP connection from a virtual machine to a given endpoint can be established.
 
-Ensure that you have the following:
+## Before you begin
+
+This article assumes you have the following resources:
 
 * An instance of Network Watcher in the region you want to troubleshoot a connection.
 * Virtual machines to troubleshoot connections with.
 
 > [!IMPORTANT]
-> 
-> Ensure that the `AzureNetworkWatcherExtension` VM extension is installed on the VM that you troubleshoot from.
-> - To install the extension on a Windows VM, see [Azure Network Watcher Agent virtual machine extension for Windows](../virtual-machines/extensions/network-watcher-windows.md)     
-> - To install the extension on a Linux VM, see [Azure Network Watcher Agent virtual machine extension for Linux](../virtual-machines/extensions/network-watcher-linux.md). 
-> 
-> The extension isn't required on the destination endpoint.
+> Connection troubleshoot requires that the VM you troubleshoot from has the `AzureNetworkWatcherExtension` VM extension installed. For installing the extension on a Windows VM visit [Azure Network Watcher Agent virtual machine extension for Windows](../virtual-machines/extensions/network-watcher-windows.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json) and for Linux VM visit [Azure Network Watcher Agent virtual machine extension for Linux](../virtual-machines/extensions/network-watcher-linux.md?toc=%2fazure%2fnetwork-watcher%2ftoc.json). The extension is not required on the destination endpoint.
 
 ## Check connectivity to a virtual machine
 
-To check the connectivity to a destination virtual machine over port 80 follow these steps:
-
-1. In Network Watcher, select **Connection troubleshoot**. 
-2. In the **Source** section, enter the details of the virtual machine that you want to check connectivity from:
-   1. Select the **Subscription** to which the VM belongs.
-   2. Select the **Resource group** within the subscription.
-   3. Select the type of the source machine from the **Source type** drop-down. The source can be a Virtual machine, Application Gateway, or a Bastion host.
-3. In the **Destination** section,
-   1. Select the **Destination type** as **Virtual machine**.
-   2. Select the **Resource group** to which the destination machine belongs. 
-   3. The **Virtual machine** drop-down lists the virtual machines belonging to the same resource group as the source VM. Select the destination virtual machine from the drop-down list.
-4. Provide the Probe information in the **Probe Settings** section.
-   1. Select the **Preferred IP version** to be used. You can choose IPv4, IPv6, or both.
-   2. Select the probing **Protocol**. 
-      1. If you chose **TCP**, enter the value of the **Destination port**. 
-      2. Enter the value of the **Source port**. This is an optional field.
-      3. Select **Test connection**.
-      4. If you chose **ICMP**, select **Test connection**.
-
-Connection troubleshoot checks the connectivity between the virtual machines on the specified port.
-The results of the connectivity test are available in the [**Connection troubleshoot Result**](#connection-troubleshoot-result) section.
-
-:::image type="content" source="./media/network-watcher-connectivity-portal/network-watcher-tcp-selection.png" alt-text="Screenshot of Connection troubleshoot screen with values selected.":::
+This example checks connectivity to a destination virtual machine over port 80.
 
-## Check remote endpoint connectivity
+Navigate to your Network Watcher and click **Connection troubleshoot**. Select the virtual machine to check connectivity from. In the **Destination** section choose **Select a virtual machine** and choose the correct virtual machine and port to test.
 
-To check the connectivity and latency to a remote endpoint, follow these steps:
+Once you click **Check**, connectivity between the virtual machines on the port specified is checked. In the example, the destination VM is unreachable, a listing of hops are shown.
 
-1. In Network Watcher, select **Connection troubleshoot**. 
-2. In the **Source** section, enter the details of the virtual machine that you want to check connectivity from:
-   1. Select the **Subscription** to which the VM belongs.
-   2. Select the **Resource group** within the subscription.
-   3. Select the type of the source machine from the **Source type** drop-down. The source can be a Virtual machine, Application Gateway, or a Bastion host.. 
-3. Choose **Specify manually** in the **Destination type** section.
-4.  Enter the URI, FQDN, or IP address and select **Test connection**.  
+![Check connectivity results for a virtual machine][1]
 
-This method of checking connectivity is used for remote endpoints like websites and storage endpoints. The results of the connectivity test are available in the [**Connection troubleshoot Result**](#connection-troubleshoot-result) section.
+## Check remote endpoint connectivity
 
-## Connection troubleshoot result
+To check the connectivity and latency to a remote endpoint, choose the **Specify manually** radio button in the **Destination** section, input the url and the port and click **Check**.  This is used for remote endpoints like websites and storage endpoints.
 
-This section provides actionable insights with a step-by-step guide to resolve issues. It also shows the status of the connection and provides details such as latency, hops, details of tests performed, their status, and the steps to mitigate the issues.
+![Check connectivity results for a web site][2]
 
-For each test with a *Failed* or *Warning* status, the **Connection troubleshoot Result** table provides links to specific articles in the documentation to assist the users in resolving issues.  
+## Next steps
 
-:::image type="content" source="./media/network-watcher-connectivity-portal/network-watcher-unsuccessful.png" alt-text="Screenshot of Results table for unsuccessful connection.":::
+Learn how to automate packet captures with Virtual machine alerts by viewing [Create an alert triggered packet capture](network-watcher-alert-triggered-packet-capture.md)
 
-## Next steps
+Find if certain traffic is allowed in or out of your VM by visiting [Check IP flow verify](diagnose-vm-network-traffic-filtering-problem.md)
 
-- Automate packet captures with Virtual machine alerts using [Create an alert triggered packet capture](network-watcher-alert-triggered-packet-capture.md).
-- Check the type of traffic that is allowed in or out of your VM using [Check IP flow verify](diagnose-vm-network-traffic-filtering-problem.md).
+[1]: ./media/network-watcher-connectivity-portal/figure1.png
+[2]: ./media/network-watcher-connectivity-portal/figure2.png