Chapter 18 Monitor Virtual Networking

This chapter covers the following topic lessons

  • Network Watcher
  • Network Performance Monitor
  • Requirements and Steps for Enabling Network Performance Monitor

This chapter covers the following lab exercises

  • Enabling Network Watcher
  • Network Watcher Capabilities
  • Adding NPM in Log Analytics Workspace

Chapter Topology

In this chapter we will add Network Watcher and Network Performance Monitor (NPM) to the topology.

Screenshot_681

Network Watcher

Before going into the details of Network Watcher, let’s discuss what happens without Network Watcher.

Without Network Watcher: Azure provides monitoring, troubleshooting, diagnostics and logging at individual resource level such as Virtual Machines, Virtual Network, Load Balancers, NSG, Application Gateway & ExpressRoute etc.

With Network Watcher: Network Watcher provides end-to-end monitoring, diagnostics and logging across resource levels and at the network topology level.

Network Watcher is a regional service and can only be run against resources in the same region.

Exercise 163: Enabling Network Watcher (East US 2 Region)

In Azure Portal Click All Services in left pane>Under Networking Click Network Watcher> Network watcher Dashboard opens>You can Enable Network Watcher for all regions or in the region of your choice>Here we will enable for East US 2> Click 28 Region icon>Scroll down Select East US 2 Row and click …>Click Enable Network Watcher.

Screenshot_682

Exercise 164: Exploring Network Watcher Capabilities

Topology: Provides a network level topology diagram showing the various interconnections and associations between network resources of VNET in a RG.

Click Topology in left pane >in right pane select your Resource Group. You can see 3 VNETs: VNETCloud, VNET2 and VNET3 Connections.

Screenshot_683

You can further filter the topology for Individual VNET. In this case I selected VNETCloud from dropdown box.

Screenshot_684

Next Hop: Traffic from the source to destination has a next hop. Next Hop feature finds or verifies the next hop for packets being routed in the Azure Network Fabric, enabling you to diagnose virtual machine routing problems.

Next hop also returns the route table associated with the next hop. If the route is defined as a user-defined route, that route is returned. Otherwise, next hop returns System Route.

Next Hop diagnoses virtual machine routing problems.

Click Next hop in left pane >in right pane Select your Resource Group, Virtual Machine and Destination Address and click Next Hop.

Screenshot_685
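The route selection that Next Hop reports can be modelled offline. The following is an added example, not part of the original chapter: it assumes a constructed set of effective routes (the address ranges and the route table name RT-Firewall are hypothetical) and applies longest-prefix matching, with a user-defined route preferred over a system route when prefixes are equal.

```python
import ipaddress

SYSTEM = "System Route"

# Constructed effective routes for one NIC; addresses and "RT-Firewall" are hypothetical.
ROUTES = [
    {"prefix": "10.1.0.0/16", "type": "VnetLocal", "ip": None, "table": SYSTEM},
    {"prefix": "0.0.0.0/0", "type": "Internet", "ip": None, "table": SYSTEM},
    {"prefix": "10.0.0.0/8", "type": "None", "ip": None, "table": SYSTEM},
    {"prefix": "0.0.0.0/0", "type": "VirtualAppliance", "ip": "10.1.2.4",
     "table": "RT-Firewall"},
]


def next_hop(routes, dest_ip):
    """Return (next_hop_type, next_hop_ip, route_table) for dest_ip.

    The longest matching prefix wins; on equal prefixes a user-defined
    route beats a system route.
    """
    dest = ipaddress.ip_address(dest_ip)
    candidates = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not candidates:
        return ("None", None, None)  # no route matches: traffic is dropped
    best = max(
        candidates,
        key=lambda r: (ipaddress.ip_network(r["prefix"]).prefixlen,
                       r["table"] != SYSTEM),
    )
    return (best["type"], best["ip"], best["table"])


if __name__ == "__main__":
    # Same VNET, an Internet address, and an unused private range.
    for dest in ("10.1.0.5", "198.51.100.7", "10.9.9.9"):
        print(dest, "->", next_hop(ROUTES, dest))
```

A destination that resolves to the user-defined default route shows the route table name, while the other two show System Route, which is the distinction the Next Hop result makes visible when a VM cannot reach a destination.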

IP flow verify: IP Flow Verify helps to verify if a virtual machine can talk to another virtual machine. If the packet is denied by a security group, the rule and group that denied the packet are returned. You can choose the source and destination to diagnose connectivity issues.

IP flow verify diagnoses virtual machine network traffic filter problems.

Click IP flow verify in left pane >in right pane Select your Resource Group, Virtual Machine and Remote IP Address and click Check.

Screenshot_686
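Why IP flow verify returns both a rule and a group becomes clear when two NSGs apply to the same VM. The following is an added example, not part of the original chapter: it models inbound evaluation (subnet NSG first, then NIC NSG, lowest priority number first) over constructed rules; the NSG names, custom rule names and addresses are hypothetical.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int   # lower number is evaluated first
    access: str     # "Allow" or "Deny"
    protocol: str   # "TCP", "UDP" or "*"
    remote: str     # CIDR for the remote side of the flow
    ports: tuple    # inclusive (low, high) local port range


def matches(rule, protocol, remote_ip, local_port):
    return (rule.protocol in ("*", protocol)
            and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(rule.remote)
            and rule.ports[0] <= local_port <= rule.ports[1])


def ip_flow_verify(nsgs, protocol, remote_ip, local_port):
    """Evaluate an inbound flow against NSGs given in evaluation order.

    Returns (access, nsg_name, rule_name) for the rule that decided the flow.
    """
    verdict = ("Allow", None, None)  # no NSG attached: nothing filters the flow
    for nsg_name, rules in nsgs:
        hit = next((r for r in sorted(rules, key=lambda r: r.priority)
                    if matches(r, protocol, remote_ip, local_port)), None)
        if hit is None:  # only reachable if the default rules were left out
            return ("Deny", nsg_name, None)
        verdict = (hit.access, nsg_name, hit.name)
        if hit.access == "Deny":  # the first deny ends evaluation
            return verdict
    return verdict


# Constructed sample rules; only DenyAllInBound (65500) is an Azure default rule.
DENY_ALL = Rule("DenyAllInBound", 65500, "Deny", "*", "0.0.0.0/0", (0, 65535))
ADMIN = Rule("Allow-RDP-Admin", 110, "Allow", "TCP", "203.0.113.0/24", (3389, 3389))
HTTP = Rule("Allow-HTTP", 100, "Allow", "TCP", "0.0.0.0/0", (80, 80))
NSGS = [("NSG-Subnet", [HTTP, ADMIN, DENY_ALL]),  # inbound: subnet NSG first
        ("NSG-NIC", [ADMIN, DENY_ALL])]           # then the NIC NSG

if __name__ == "__main__":
    for flow in (("TCP", "198.51.100.7", 80), ("TCP", "203.0.113.10", 3389),
                 ("TCP", "198.51.100.7", 3389)):
        print(flow, "->", ip_flow_verify(NSGS, *flow))
```

The HTTP flow is allowed by the subnet NSG but denied by the NIC NSG's default rule, which is the kind of mismatch the returned group name points to.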

Packet Capture: Packet Capture creates packet capture sessions to track traffic to and from a virtual machine.

Packet capture is a virtual machine extension that is remotely started through Network Watcher.

Filters are provided for the capture session to ensure you capture traffic you want to monitor. Filters are based on 5-tuple (protocol, local IP address, remote IP address, local port, and remote port) information. The captured data is stored in the local disk or a storage blob.

Click Packet capture in left pane >in right pane click +Add>Add Packet capture blade opens>Select Target VM and Storage> Add Filters if required (Scroll down to see filter options).

Screenshot_687

Connection Monitor: Monitors and Diagnoses communication problems between 2 Virtual Machines. Network Watcher Connection Monitor enables you to configure and track connection reachability, latency, and network topology changes. If there is an issue, it tells you why it occurred and how to fix it.

Pre-Req: Network Watcher Agent for Windows extension is added to VMs.

Click Connection Monitor in left pane >in right pane click +Add>Add connection monitor blade opens>Select Target VM and destination VM> Click Add.

Screenshot_688

VPN Troubleshoot: Virtual Network Gateways provide connectivity between on-premises and virtual networks. Network Watcher provides the capability to monitor and troubleshoot Virtual Network Gateways and Connections.

Click VPN Troubleshoot in left pane >in right pane select Storage Account and Virtual Network gateway>Click Start Troubleshooting.

Screenshot_689

Here you can see the Virtual Network Gateways (VPNCloud & VPNOnPrem) created in Exercise 122, Chapter 12.

Network Performance Monitor

Network Performance Monitor is a cloud-based hybrid network monitoring solution. Network Performance Monitor offers the following three capabilities: Performance Monitor, Service Connectivity Monitor and ExpressRoute Monitor.

NPM is added as a Management solution in Log Analytics workspace.

Performance Monitor

Performance Monitor helps you monitor network performance (latency) and network connectivity between various points (Source & Destination Nodes) in your network infrastructure.

You can monitor Network Performance and Network Connectivity across cloud deployments and on-premises locations, multiple data centers and branch offices.

With Topology Map you can see hop-by-hop topology of the routes between the source and destination nodes. The unhealthy routes or hops will be coloured in red, which will help you to quickly localize the problem to a particular section of the network. It will also show you Network Performance (Latency) across various subnets along the path.

Figure below shows topology map between two nodes. Performance Monitor is monitoring all the paths including redundant path between the nodes. It is showing both network connectivity status and latency across the network.

Screenshot_690

Service Connectivity Monitor

Service Connectivity Monitor helps you monitor network connectivity from users to service and application endpoints. Endpoints include Websites, SaaS applications, PaaS applications, and SQL databases.

You can perform the following functions with Service Connectivity Monitor:

  • Determine the response time, network latency, and packet loss experienced when connecting to the endpoint.
  • Determine whether poor application performance is because of the network or because of some issue on the application provider's end.
  • Identify hot spots on the network that might be causing poor application performance by viewing the latency contributed by each hop on a topology map.
  • Monitor the network connectivity to your applications and network services from multiple branch offices or locations. Applications and network services include Office 365, Dynamics CRM, internal line-of-business applications, and SQL databases.
  • Use built-in tests to monitor network connectivity to Office 365 and Dynamics 365 endpoints.

ExpressRoute Monitor

ExpressRoute Monitor helps you monitor end-to-end connectivity and performance between on-premises and Azure over an Azure ExpressRoute connection.

NPM for ExpressRoute offers comprehensive ExpressRoute monitoring for Azure Private Peering and Microsoft peering connections. Key capabilities of ExpressRoute Monitor include:

  1. Auto-detection of ER circuits associated with your subscription.
  2. Detection of network topology from on-premises to your cloud applications.
  3. Capacity planning, bandwidth utilization analysis.
  4. Monitoring and alerting on both primary and secondary paths.
  5. Monitoring connectivity to Azure services such as Office 365, Dynamics 365 over ExpressRoute.
  6. Detect degradation of connectivity to Virtual Networks.

Figure below shows redundant ExpressRoute connectivity between on-premises (on left side of the figure) and Azure. It is showing both connectivity status and the latency in the network.

Screenshot_691

Requirements and Steps for Enabling Network Performance Monitor

  1. Log Analytics Workspace.
  2. Log Analytics Agent installed on the Nodes.
  3. Adding NPM Monitor Management solution to Log Analytics workspace.

Important Note: You can also access NPM through Network Watcher Dashboard.

Exercise 165: Adding NPM in Log Analytics Workspace

In this Exercise we will just demonstrate how to add NPM to Log analytics Workspace LACloud. LACloud was created in Exercise 156, Chapter 17.

In Log Analytics workspace dashboard click Workspace Summary in left pane> Click + Add in Workspace Summary blade>Management Tools Pane opens> In Recommended Solutions Click more>Recommended blade opens>Scroll down and select Network Performance Monitor.

Screenshot_692