Several built-in tools in Azure are available to troubleshoot network connectivity, most of which can be accessed through Network Watcher. In this post, I will focus on one essential tool Network Watcher offer: Connection Troubleshoot.

With the Connection Troubleshoot feature, you can test the connectivity between an Azure VM, App Gateway, and Azure VMSS, such as a different Azure VM, URIs, FQDNs, or any IP address. Using this tool several issues can be detected, including problems with guest VMs such as firewall configuration or memory allocation, Azure configuration challenges like network security groups blocking traffic, or routing problems diverting traffic. Additionally, DNS failures may also be diagnosed.

This tool provides a comprehensive method of troubleshooting connections and reduces the Mean Time To Resolution (MTTR) by detecting issues relating to network security groups, blocked ports, UDRs, etc.

To perform a connectivity test for connection troubleshooting, the virtual machine running the test must have the Network Watcher agent VM extension installed.

The matrix below contains instructions for installing the Network Watcher agent VM extension.

Network Watcher agent VM extension for Windows
Network Watcher agent VM extension for Linux.
Update Network Watcher agent VM extension to the latest version.

The table below displays some of the primary properties obtained after troubleshooting the connection.

Property Description
ConnectionStatus The status of the connectivity check indicates whether a connection is successful. The possible results are “Reachable” and “Unreachable.”
AvgLatencyInMs The average latency measured in milliseconds during the connectivity check.
MinLatencyInMs The minimum latency for the connectivity check is measured in milliseconds.
MaxLatencyInMs The maximum allowable latency during the connectivity check is measured in milliseconds.
ProbesSent During the check, the number of probes sent cannot exceed 100.
ProbesFailed The number of probes that failed during the check. The maximum possible value is 100.
Hops The path from the source to the destination (hop by hop).
SourcePortStatus This evaluates whether the source port is reachable. The possible values are: Unknown,Reachable,Unstable,NoConnection,Timeout
DestinationPortStatus This checks the accessibility of the port at the destination. Possible values include:Unknown,Reachable,Unstable,NoConnection,Timeout

Read all responsies in the Microsoft official document here.

Demo: Use the Connection Troubleshoot for the connectivity diagnostic test.

On the Network Watcher, choose Network diagnostic toolsConnection troubleshoot

I have spun up an Azure VM to show how connection troubleshooting can assist. It’s straightforward to verify if the connection to my VM is successful. The screenshot below shows a ping (ICMP) test to my blog, cloudopszone.com.

Finally, the following image shows that my VM is reachable and has no connection issues.

Related links

Share This