Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into ip-telemetry

Author: halkazwini

articles/cloud-shell/vnet/overview.md

@@ -1,7 +1,6 @@
 ---
 description: This article describes a scenario for using Azure Cloud Shell in a private virtual network.
-ms.contributor: jahelmic
-ms.date: 04/22/2024
+ms.date: 10/23/2024
 ms.topic: conceptual
 title: Use Cloud Shell in an Azure virtual network
 ---
@@ -12,7 +11,7 @@ By default, Azure Cloud Shell sessions run in a container in a Microsoft network
 from your resources. Commands that run inside the container can't access resources in a private
 virtual network. For example, you can't use Secure Shell (SSH) to connect from Cloud Shell to a
 virtual machine that has only a private IP address, or use `kubectl` to connect to a Kubernetes
-cluster that has locked down access.
+cluster with locked-down access.
 
 To provide access to your private resources, you can deploy Cloud Shell into an Azure virtual
 network that you control. This technique is called _virtual network isolation_.
@@ -29,15 +28,15 @@ Deploying Cloud Shell in a private virtual network offers these benefits:
 ## Things to consider before deploying Azure Cloud Shell in a virtual network
 
 - Starting Cloud Shell in a virtual network is typically slower than a standard Cloud Shell session.
-- Virtual network isolation requires you to use [Azure Relay][01], which is a paid service. In the
+- Virtual network isolation requires you to use [Azure Relay][02], which is a paid service. In the
   Cloud Shell scenario, one hybrid connection is used for each administrator while they're using
   Cloud Shell. The connection is automatically closed when the Cloud Shell session ends.
 
 ## Architecture
 
 The following diagram shows the resource architecture that you must build to enable this scenario.
 
-![Illustration of a Cloud Shell isolated virtual network architecture.][03]
+![Illustration of a Cloud Shell isolated virtual network architecture.][04]
 
 - **Customer client network**: Client users can be located anywhere on the internet to securely
   access and authenticate to the Azure portal and use Cloud Shell to manage resources contained in
@@ -48,20 +47,26 @@ The following diagram shows the resource architecture that you must build to ena
 - **Customer virtual network**: This is the network that contains the subnets to support virtual
   network isolation. Resources such as virtual machines and services are directly accessible from
   Cloud Shell without the need to assign a public IP address.
-- **Azure Relay**: [Azure Relay][01] allows two endpoints that aren't directly reachable to
+- **Azure Relay**: [Azure Relay][02] allows two endpoints that aren't directly reachable to
   communicate. In this case, it's used to allow the administrator's browser to communicate with the
   container in the private network.
 - **File share**: Cloud Shell requires a storage account that's accessible from the virtual network.
   The storage account provides the file share used by Cloud Shell users.
 
-## Related links
+## Pricing
 
 Cloud Shell requires a new or existing Azure Files share to be mounted to persist files across
-sessions. Storage incurs regular costs. If you have deployed Azure Cloud Shell in a private virtual
+sessions. Storage incurs regular costs. When you deploy Azure Cloud Shell in a private virtual
 network, you pay for network resources. For pricing information, see
-[Pricing of Azure Cloud Shell][02].
+[Pricing of Azure Cloud Shell][01].
+
+## Next steps
+
+When you're ready to deploy your own instance of Cloud Shell, see
+[Deploy Azure Cloud Shell in a virtual network with quickstart templates][03].
 
 <!-- link references -->
-[01]: /azure/azure-relay/relay-what-is-it
-[02]: ../pricing.md
-[03]: media/overview/data-diagram.png
+[01]: ../pricing.md
+[02]: /azure/azure-relay/relay-what-is-it
+[03]: deployment.md
+[04]: media/overview/data-diagram.png

articles/cloud-shell/vnet/troubleshooting.md

@@ -3,7 +3,7 @@ description: >
   This article provides instructions for troubleshooting a private virtual network deployment of
   Azure Cloud Shell.
 ms.contributor: jahelmic
-ms.date: 10/26/2023
+ms.date: 10/23/2024
 ms.topic: troubleshooting
 title: Troubleshoot Azure Cloud Shell in a private virtual network
 ---
@@ -13,7 +13,7 @@ This article provides instructions for troubleshooting a private virtual network
 Cloud Shell. For best results, and to be supportable, following the deployment instructions in the
 [Deploy Azure Cloud Shell in a virtual network using quickstart templates][03] article.
 
-## Verify you have set the correct permissions
+## Verify you have the correct permissions
 
 To configure Azure Cloud Shell in a virtual network, you must have the **Owner** role assignment on
 the subscription. To view and assign roles, see [List owners of a subscription][01].
@@ -79,28 +79,13 @@ permissions for your subscription:
 
    [![Screenshot showing the network relay role assignments.][ss04a]][ss04x]
 
-## Redeploy Cloud Shell for a private virtual network
+## When all else fails
 
 Verify the configurations described in this article. If you continue receive an error message when
 you try to use your deployment of Cloud Shell, you have two options:
 
-1. Open a support ticket
 1. Redeploy Cloud Shell for a private virtual network
-
-### Open a support ticket
-
-If you want to open a support ticket, you can do so from the Azure portal. Be sure to capture any
-error messages, including the **Correlation Id** and **Activity Id** values. Don't change any
-settings or delete any resources until instructed to by a support technician.
-
-Follow these steps to open a support ticket:
-
-1. Select the **Support & Troubleshooting** icon on the top navigation bar in the Azure portal.
-1. From the **Support & Troubleshooting** pane, select **Help + support**.
-1. Select **Create a support request** at the top of the center pane.
-1. Follow the instructions to create a support ticket.
-
-   [![Screenshot of creating a support ticket in the Azure portal.][ss05a]][ss05x]
+1. Open a support ticket
 
 ### Redeploy Cloud Shell for a private virtual network
 
@@ -124,13 +109,28 @@ The following list provides a description of the resources created by the deploy
 - A **Relay** resource with the name of the relay namespace you provided in the deployment template.
 - A **Storage account** resource with the name you provided in the deployment template.
 
-Once you have removed the resources, you can redeploy Cloud Shell by following the steps in the
+After you remove the resources, you can redeploy Cloud Shell by following the steps in the
 [Deploy Azure Cloud Shell in a virtual network using quickstart templates][03] article.
 
 You can find these resources by viewing the resource group in the Azure portal.
 
 [![Screenshot of resources created by the deployment.][ss02a]][ss02x]
 
+### Open a support ticket
+
+If you want to open a support ticket, you can do so from the Azure portal. Be sure to capture any
+error messages, including the **Correlation Id** and **Activity Id** values. Don't change any
+settings or delete any resources until instructed to by a support technician.
+
+Follow these steps to open a support ticket:
+
+1. Select the **Support & Troubleshooting** icon on the top navigation bar in the Azure portal.
+1. From the **Support & Troubleshooting** pane, select **Help + support**.
+1. Select **Create a support request** at the top of the center pane.
+1. Follow the instructions to create a support ticket.
+
+   [![Screenshot of creating a support ticket in the Azure portal.][ss05a]][ss05x]
+
 <!-- link references -->
 [01]: /azure/role-based-access-control/role-assignments-list-portal#list-owners-of-a-subscription
 [02]: https://portal.azure.com/

articles/container-apps/quickstart-code-to-cloud.md

@@ -178,7 +178,7 @@ If the `up` command doesn't find a Dockerfile, it automatically uses Buildpacks
 ::: zone-end
 
 
-In the following code example, the `.` (dot) tells `containerapp up` to run in the `src` directory of the extracted sample API application.
+In the following code example, the `.` (dot) tells `containerapp up` to run in the current directory of the extracted sample API application.
 
 # [Bash](#tab/bash)
 

articles/internet-peering/faqs.md

@@ -6,11 +6,13 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: internet-peering
 ms.topic: faq
-ms.date: 09/20/2023
+ms.date: 10/23/2024
 ---
 
 # Internet peering frequently asked questions (FAQ)
 
+This article provides answers to some of the frequently asked questions about Internet peering.
+
 ## General
 
 ### What is the difference between Internet peering and Peering Service?
@@ -54,4 +56,3 @@ Carriers that offer SLA and enterprise-grade internet are doing so on their part
 ### If a service provider already peers with Microsoft, what kind of changes are required to support Peering Service?
 
 Peering Service partners must have an Azure subscription and manage the Peering Service connections using the Azure portal as this is where customer prefixes are registered, performance metrics are viewed, and support tickets are logged, among other features. If a provider has existing peering with Microsoft but no Azure subscription, the resources must be added to your subscription before you're able to convert these to the Peering Service configuration. During the configuration change, Microsoft changes the policy group during a hard restart of the BGP session. No configuration changes are required on the partner’s side, unless the telco partner is supporting Peering Service for voice, then BFD configuration is required. For more information, see [Azure Internet peering for Communications Services walkthrough](walkthrough-communications-services-partner.md).
-

articles/internet-peering/peering-service-partner-overview.md

@@ -5,7 +5,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: internet-peering
 ms.topic: concept-article
-ms.date: 08/18/2023
+ms.date: 10/23/2024
 ---
 
 # Azure Peering Service partner overview
@@ -47,7 +47,7 @@ In addition, Peering Service partners are able to see received routes reported i
 
 :::image type="content" source="./media/peering-service-partner-overview/peering-service-partner-latency-report.png" alt-text="Diagram showing monitoring platform for Peering Service.":::
 
-## Next steps
+## Related content
 
 - To establish a Direct interconnect for Peering Service, see [Internet peering for Peering Service walkthrough](walkthrough-peering-service-all.md).
 - To establish a Direct interconnect for Peering Service Voice, see [Internet peering for Peering Service Voice walkthrough](walkthrough-communications-services-partner.md).

articles/network-watcher/media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure6.png

@@ -6,7 +6,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: azure-network-watcher
 ms.topic: how-to
-ms.date: 09/26/2024
+ms.date: 10/23/2024
 ---
 
 # Visualize Azure Network Watcher NSG flow logs using open source tools
@@ -235,19 +235,15 @@ The sample dashboard provides several visualizations of the flow logs:
 
 5. Top 10 Source/Destination IPs – bar charts showing the top 10 source and destination IPs. You can adjust these charts to show more or less top IPs. From here, you can see the most commonly occurring IPs and the traffic decision (allow or deny) being made towards each IP.
 
-   ![Screenshot shows a sample dashboard with flows by top ten source and destination I P addresses.][6]
-
-6. Flow Tuples – this table shows you the information contained within each flow tuple, and its corresponding NGS and rule.
-
-   ![Screenshot shows flow tuples in a table.][7]
+6. Flow Tuples – a table showing the information contained within each flow tuple, and its corresponding NGS and rule.
 
 Using the query bar at the top of the dashboard, you can filter down the dashboard based on any parameter of the flows, such as subscription ID, resource groups, rule, or any other variable of interest. For more about Kibana's queries and filters, see the [official documentation](https://www.elastic.co/guide/en/beats/packetbeat/current/kibana-queries-filters.html)
 
 ## Conclusion
 
 By combining the network security group flow logs with the Elastic Stack, we have come up with powerful and customizable way to visualize our network traffic. These dashboards allow you to quickly gain and share insights about your network traffic, and filter down and investigate on any potential anomalies. Using Kibana, you can tailor these dashboards and create specific visualizations to meet any security, audit, and compliance needs.
 
-## Next steps
+## Next step
 
 Learn how to visualize your NSG flow logs with Power BI by visiting [Visualize NSG flows logs with Power BI](network-watcher-visualize-nsg-flow-logs-power-bi.md)
 
@@ -259,5 +255,3 @@ Learn how to visualize your NSG flow logs with Power BI by visiting [Visualize N
 [3]: ./media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure3.png
 [4]: ./media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure4.png
 [5]: ./media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure5.png
-[6]: ./media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure6.png
-[7]: ./media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure7.png

articles/network-watcher/media/network-watcher-visualize-nsg-flow-logs-open-source-tools/figure7.png

@@ -4,7 +4,7 @@ description: Learn about file shares hosted in Azure Files using the Server Mess
 author: khdownie
 ms.service: azure-file-storage
 ms.topic: conceptual
-ms.date: 07/08/2024
+ms.date: 10/23/2024
 ms.author: kendownie
 ms.custom: devx-track-azurepowershell
 ---
@@ -154,6 +154,34 @@ az storage account file-service-properties update \
 ```
 ---
 
+### Enable SMB Multichannel on older operating systems
+
+Support for SMB Multichannel in Azure Files requires ensuring Windows has all the relevant patches applied. Several older Windows versions, including Windows Server 2016, Windows 10 version 1607, and Windows 10 version 1507, require additional registry keys to be set for all relevant SMB Multichannel fixes to be applied on fully patched installations. If you're running a version of Windows that's newer than these three versions, no additional action is required.
+
+#### Windows Server 2016 and Windows 10 version 1607
+
+To enable all SMB Multichannel fixes for Windows Server 2016 and Windows 10 version 1607, run the following PowerShell command:
+
+```PowerShell
+Set-ItemProperty `
+    -Path "HKLM:SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides" `
+    -Name "2291605642" `
+    -Value 1 `
+    -Force
+```
+
+#### Windows 10 version 1507
+
+To enable all SMB Multichannel fixes for Windows 10 version 1507, run the following PowerShell command:
+
+```PowerShell
+Set-ItemProperty `
+    -Path "HKLM:\SYSTEM\CurrentControlSet\Services\MRxSmb\KBSwitch" `
+    -Name "{FFC376AE-A5D2-47DC-A36F-FE9A46D53D75}" `
+    -Value 1 `
+    -Force
+```
+
 ### SMB security settings
 
 Azure Files exposes settings that let you toggle the SMB protocol to be more compatible or more secure, depending on your organization's requirements. By default, Azure Files is configured to be maximally compatible, so keep in mind that restricting these settings may cause some clients not to be able to connect.

articles/network-watcher/network-watcher-visualize-nsg-flow-logs-open-source-tools.md

@@ -4,7 +4,7 @@ description: Learn to use Azure file shares with Windows and Windows Server. Use
 author: khdownie
 ms.service: azure-file-storage
 ms.topic: how-to
-ms.date: 05/13/2024
+ms.date: 10/23/2024
 ms.author: kendownie
 ms.custom: ai-video-demo
 ai-usage: ai-assisted
@@ -29,6 +29,8 @@ The steps in the video are also described in the following sections.
 
 In order to use an Azure file share via the public endpoint outside of the Azure region it's hosted in, such as on-premises or in a different Azure region, the OS must support SMB 3.x. Older versions of Windows that support only SMB 2.1 can't mount Azure file shares via the public endpoint.
 
+Azure Files supports [SMB Multichannel](files-smb-protocol.md#smb-multichannel) on premium file shares only.
+
 | Windows version | SMB version | Azure Files SMB Multichannel | Maximum SMB channel encryption |
 |-|-|-|-|
 | Windows 11, version 22H2 | SMB 3.1.1 | Yes | AES-256-GCM |
@@ -43,9 +45,9 @@ In order to use an Azure file share via the public endpoint outside of the Azure
 | Windows 10, version 2004 | SMB 3.1.1 | Yes, with KB5003690 or newer | AES-128-GCM |
 | Windows Server 2019 | SMB 3.1.1 | Yes, with KB5003703 or newer | AES-128-GCM |
 | Windows 10, version 1809 | SMB 3.1.1 | Yes, with KB5003703 or newer | AES-128-GCM |
-| Windows Server 2016 | SMB 3.1.1 | Yes, with KB5004238 or newer and [applied registry key](#windows-server-2016-and-windows-10-version-1607) | AES-128-GCM |
-| Windows 10, version 1607 | SMB 3.1.1 | Yes, with KB5004238 or newer and [applied registry key](#windows-server-2016-and-windows-10-version-1607) | AES-128-GCM |
-| Windows 10, version 1507 | SMB 3.1.1 | Yes, with KB5004249 or newer and [applied registry key](#windows-10-version-1507) | AES-128-GCM |
+| Windows Server 2016 | SMB 3.1.1 | Yes, with KB5004238 or newer and [applied registry key](files-smb-protocol.md#windows-server-2016-and-windows-10-version-1607) | AES-128-GCM |
+| Windows 10, version 1607 | SMB 3.1.1 | Yes, with KB5004238 or newer and [applied registry key](files-smb-protocol.md#windows-server-2016-and-windows-10-version-1607) | AES-128-GCM |
+| Windows 10, version 1507 | SMB 3.1.1 | Yes, with KB5004249 or newer and [applied registry key](files-smb-protocol.md#windows-10-version-1507) | AES-128-GCM |
 | Windows Server 2012 R2 | SMB 3.0 | No | AES-128-CCM |
 | Windows 8.1 | SMB 3.0 | No | AES-128-CCM |
 | Windows Server 2012 | SMB 3.0 | No | AES-128-CCM |
@@ -134,34 +136,6 @@ For Azure Government Cloud, change the servername to:
 
 `\\storageaccountname.file.core.usgovcloudapi.net\myfileshare`
 
-## Enable SMB Multichannel
-
-Support for SMB Multichannel in Azure Files requires ensuring Windows has all the relevant patches applied. Several older Windows versions, including Windows Server 2016, Windows 10 version 1607, and Windows 10 version 1507, require additional registry keys to be set for all relevant SMB Multichannel fixes to be applied on fully patched installations. If you're running a version of Windows that's newer than these three versions, no additional action is required.
-
-### Windows Server 2016 and Windows 10 version 1607
-
-To enable all SMB Multichannel fixes for Windows Server 2016 and Windows 10 version 1607, run the following PowerShell command:
-
-```PowerShell
-Set-ItemProperty `
-    -Path "HKLM:SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides" `
-    -Name "2291605642" `
-    -Value 1 `
-    -Force
-```
-
-### Windows 10 version 1507
-
-To enable all SMB Multichannel fixes for Windows 10 version 1507, run the following PowerShell command:
-
-```PowerShell
-Set-ItemProperty `
-    -Path "HKLM:\SYSTEM\CurrentControlSet\Services\MRxSmb\KBSwitch" `
-    -Name "{FFC376AE-A5D2-47DC-A36F-FE9A46D53D75}" `
-    -Value 1 `
-    -Force
-```
-
 ## Next steps
 
 See these links for more information about Azure Files: