Network Watcher is a suite of tools and services provided by Microsoft Azure that allows users to monitor, diagnose, and troubleshoot their Azure network resources. It provides a range of features and capabilities that help users to understand how their network is performing, identify potential issues, and take action to resolve them.
In this article, we will provide an overview of Network Watcher, explain how it works, and discuss some of its key features and benefits.
Network Watcher is a fully managed service, which means that Microsoft Azure takes care of the underlying infrastructure, including hardware and software. This allows users to focus on their applications and workloads, without having to worry about managing and maintaining the Network Watcher service itself.
To use Network Watcher, users first need to enable it for their Azure subscription. This can be done through the Azure portal or using the Azure CLI or PowerShell. Once Network Watcher has been enabled, users can then access its features and capabilities through the Azure portal, the Azure CLI, or the Network Watcher API.
One of the key features of Network Watcher is its ability to monitor the performance of Azure network resources. It provides real-time metrics and diagnostic logs that can help users to understand how their network is performing, identify potential bottlenecks, and take action to improve performance. For example, Network Watcher can provide information on the number of dropped packets, the average round trip time, and the average jitter for a VM, a VNet, or a network security group.
Another important feature of Network Watcher is its ability to diagnose and troubleshoot network issues. It provides a range of tools and services that can help users to identify the root cause of a network problem, and take action to resolve it. For example, Network Watcher can be used to perform a packet capture on a VM, a VNet, or a network security group, to understand what is happening on the network at a particular point in time. It can also be used to perform connectivity tests between two VMs, to verify that network traffic is flowing as expected.
In addition to its monitoring and diagnostic capabilities, Network Watcher also provides a range of tools and services for managing and securing Azure network resources. For example, it can be used to view and manage the security rules for a network security group, to ensure that only authorized traffic is allowed to pass through. It can also be used to view the effective security rules for a VM, to understand how the rules from different sources are combined to determine the VM’s security posture.
Overall, Network Watcher is a valuable service for users who need to monitor, diagnose, and troubleshoot their Azure network resources. It provides a range of features and capabilities that can help users to understand how their network is performing, identify potential issues, and take action to resolve them. Whether you’re running a small development environment or a large, production-scale workload, Network Watcher can help you to ensure that your Azure network is performing optimally.
An illustration of how Azure Network Watcher functions
One way that Azure Network Watcher can be used is to diagnose connectivity issues between VMs. For example, let’s say that you have two VMs in different VNets that need to communicate with each other. However, you notice that the VMs are unable to establish a connection, and you’re not sure why.
To troubleshoot this issue, you can use Network Watcher to perform a connectivity test between the two VMs. This test will send a series of probes from one VM to the other, and measure the response time and other metrics. This can help you to determine whether the issue is due to a network configuration problem, a routing issue, or some other problem.
To perform the connectivity test, you can use the Azure portal, the Azure CLI, or the Network Watcher API. In the Azure portal, you can go to the Network Watcher blade, and then select “Connectivity check” from the menu on the left. This will open the connectivity check page, where you can specify the source and destination VMs, and the protocol and port to be tested.
Once you have specified the parameters for the test, you can click “Start test” to initiate the connectivity check. This will start the probes from the source VM to the destination VM, and collect the response time and other metrics. The results of the test will be displayed in the Azure portal, and can also be downloaded as a CSV file.
Based on the results of the connectivity test, you can then take action to resolve the issue. For example, if the test shows that the VMs are unable to establish a connection because of a network configuration problem, you can use Network Watcher to view the security rules for the network security groups associated with the VMs. This can help you to identify any rules that are blocking the traffic, and modify them as needed.
In this way, Azure Network Watcher can be used to diagnose and troubleshoot connectivity issues between VMs, and help you to ensure that your Azure network is performing optimally.
Azure Network Watcher pricing example
For example, if you are monitoring 10 resources and process 1 GB of data per hour, the cost of using Azure Network Watcher would be:
10 resources * $0.01/resource/hour = $0.10/hour 1 GB * $0.05/GB = $0.05/hour Total cost = $0.15/hour
This pricing example is for illustration purposes only and may not reflect the actual cost of using Azure Network Watcher. To get an accurate estimate of the cost of using Azure Network Watcher, you can use the Azure pricing calculator.
Additionally, Azure offers a free tier for Azure Network Watcher that allows you to use the service for free up to certain limits. For more information on the free tier and its limitations, see the Azure Network Watcher pricing page.