Azure Connection Monitor

Azure Connection Monitor is a cloud-native network monitoring solution for Azure and hybrid environments. It allows you to monitor the connectivity of your network by creating Network Watchers that continuously check the health and performance of network paths between various endpoints.

Tip: Connection Monitor helps proactively identify network issues, assess network health, and diagnose network performance problems from source to destination.

Key Features

End-to-End Network Visibility: Monitor connectivity from virtual machines, on-premises servers, and other cloud environments.
Proactive Monitoring: Set up alerts based on performance metrics like round-trip time, packet loss, and connection success/failure.
Diagnostic Capabilities: Quickly identify the root cause of network connectivity issues by pinpointing problematic hops.
Scalability: Easily scale your monitoring capabilities as your network grows.
Integration: Integrates seamlessly with Azure Monitor and Log Analytics for advanced analysis and reporting.

Use Cases

Monitoring network latency and packet loss between critical applications.
Diagnosing connectivity issues for remote users or branch offices.
Ensuring reliable communication paths for hybrid cloud deployments.
Validating network configurations after infrastructure changes.

Getting Started

To start using Azure Connection Monitor, you'll typically need to:

Ensure you have Azure Network Watcher enabled in your region.
Create Connection Monitor resources.
Define the endpoints you want to monitor (e.g., Azure VMs, IP addresses, FQDNs).
Configure monitoring configurations to specify the frequency and metrics to collect.

Creating a Connection Monitor Resource

You can create a Connection Monitor resource through the Azure portal, Azure CLI, or PowerShell.

Azure CLI Example

            
az network connection-monitor create \
    --name MyConnectionMonitor \
    --resource-group MyResourceGroup \
    --location eastus \
    --endpoints MyVMEndpoint1 MyVMEndpoint2 \
    --test-configurations "Name=HTTPTest,Protocol=HTTP,Port=80,Frequency=300" \
    --locations westus
            
        

Configuring Endpoints

Endpoints can be various Azure resources or external locations. Common endpoint types include:

Azure Virtual Machines: Requires the Network Watcher agent to be installed and configured.
Local Machines: For on-premises or multi-cloud environments, the agent can be deployed on physical servers or VMs.
IP Addresses/FQDNs: Monitor connectivity to specific services or external endpoints.

Defining Test Configurations

Test configurations specify the type of network test to perform, including:

Protocol: TCP, ICMP, HTTP, HTTPS.
Port: The port to use for the test.
Frequency: How often the test should run (in seconds).
Thresholds: Define acceptable performance limits for latency and packet loss.

Monitoring and Analysis

Once your Connection Monitor is set up, you can view the results in the Azure portal. Metrics like connection status, round-trip time, and packet loss are displayed in clear, visual charts.

Note: For detailed analysis and long-term data retention, it is recommended to configure Connection Monitor to send its logs to an Azure Log Analytics workspace.

Interpreting Results

Connection Status: Indicates whether the connection between endpoints was successful.

Round-Trip Time (RTT): Measures the time it takes for a packet to travel from the source to the destination and back. High RTT can indicate network congestion or routing issues.

Packet Loss: Represents the percentage of packets that failed to reach their destination. High packet loss severely impacts application performance.

Advanced Concepts

Connection Monitor Workspaces: Organize your connection monitors and associated data.
Log Analytics Integration: Use Kusto Query Language (KQL) to perform complex analysis of network telemetry.
Alerting: Set up Azure Monitor alerts based on Connection Monitor metrics to be notified of network anomalies.

Sample KQL Query for Latency

            
ConnectionMonitor
| where TIMESTAMP > ago(1h)
| where RttUs != -1 // Exclude failed connections
| summarize avg(RttUs) / 1000 by CorrelationId, WorkspaceName, NetworkFlowId, OperationName
| sort by TIMESTAMP desc
            
        

For more in-depth information, including pricing and service limits, please refer to the official Azure documentation or contact Azure support.

Important: Ensure firewall rules are configured correctly to allow traffic for Connection Monitor tests, especially when monitoring across different networks or regions.