Azure is huge, so is the way the Networking works in Azure. There are lots of Network devices aka Resources available on Azure. All these resources combined together can really become difficult to Debug or assess any issues. To Sample a few below is a list (not comprehensive)
- Virtual Networks
- Network Security Groups
- Route Tables
- Network Peering
- Application Gateways
- Load Balancers
The Network Watcher is one tool which comes really handy in multiple ways. It allows Azure Solution Architects / System Admins to get a beter view of the Cloud Network with below features.
- View Topology Maps – These allow us to view the Topology for a certain Location / Region and Resource Group. Sample Topology as shown below
- Connection Troubleshooting – This panel allows you to validate any Connection issues between particular Source / Destination pair of VMs .
- IP Flow Logs – the IP Flow Logs enable a Network engineer to validate the NSG Rule allowing / denying a flow between Source / Destination pair.
- Next Hop Test – This function of Network Watcher allows us to view the Next Hop in terms of Network routing. Setting up certain Routing Tables and Additional Routes on the VNETs/ Subnets affects this perspective.
- Packet Capturing – this feature is quite useful for Network Engineers / Architects who have used Microsoft Network Analyzer or Wireshark on their On-Premise Networks. This allows to Capture all the Network Packets between a Source – Destination Pair on specific IPv4 or IPv6 IPs and custom ports. The Destination for the Packet Capture is a Storage Account. Once the packet capture as been stopped from the Network Watcher console, then the capture file appears in the designated Storage Account. Here are a series of screenshots to show the same.
Happy azure Networking guys!