So finally Microsoft released a feature which allows us to troubleshoot networking issues in Azure! It provides us with multiple options: checking route paths, viewing the list of Network Security Groups to see which ACLs take priority, and so on. It can also be used to check traffic flow from one location to another! NOTE: It is only available in some US regions as of now.
It is quite limited in terms of the regions it is available in, and it is still in preview, so we need to register the service manually using PowerShell.
Register-AzureRmProviderFeature -FeatureName AllowNetworkWatcher -ProviderNamespace Microsoft.Network
Get-AzureRmProviderFeature -FeatureName AllowNetworkWatcher -ProviderNamespace Microsoft.Network
It requires a VM in one of the regions where Azure Network Watcher is supported, which are currently West US, North Central US and West Central US: https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-packet-capture-manage-powershell
It also needs a guest VM extension installed before you can use packet capture, since the Network Watcher component needs to communicate with a Storage Account where it stores the PCAP files.
After you have added the agent and enabled it on a VM, you can go back to Network Watcher and see the different options available; by default it will choose the VM which has the agent installed as the target for traffic capture.
So for instance here it checked the traffic flow to see if there was any NSG that would restrict the traffic.
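The same NSG check can be scripted rather than clicked through in the portal. The following is an added example, not code from the original post: it uses Network Watcher's IP flow verify cmdlet to ask whether a given inbound flow to the VM would be allowed or denied, and which NSG rule made the decision. The resource group, VM and Network Watcher names, and the remote address, are assumptions.

```powershell
# Added example (not from the original post): ask Network Watcher whether an NSG
# would allow or deny a specific flow to the VM, and which rule decides it.
# Resource group, VM name, Network Watcher name and remote IP are assumptions.
$rg = "resourcegroup"
$vm = Get-AzureRmVM -ResourceGroupName $rg -Name "vmname"
$nw = Get-AzureRmNetworkWatcher -ResourceGroupName "NetworkWatcherRG" -Name "NetworkWatcher_westcentralus"

# The flow is evaluated against the NSGs on the VM's primary NIC, so use that NIC's private IP
$nicId   = $vm.NetworkProfile.NetworkInterfaces[0].Id
$nic     = Get-AzureRmNetworkInterface | Where-Object { $_.Id -eq $nicId }
$localIp = $nic.IpConfigurations[0].PrivateIpAddress

# Inbound RDP from an internet address (203.0.113.5 is a documentation-range address)
$result = Test-AzureRmNetworkWatcherIPFlow -NetworkWatcher $nw `
    -TargetVirtualMachineId $vm.Id `
    -Direction Inbound -Protocol TCP `
    -LocalIPAddress $localIp -LocalPort 3389 `
    -RemoteIPAddress 203.0.113.5 -RemotePort 50000

# Access is "Allow" or "Deny"; RuleName is the NSG rule that produced the verdict
"{0} by rule {1}" -f $result.Access, $result.RuleName
```

Running the same call with -Direction Outbound and swapped ports checks the return path, which is useful when a capture shows SYNs arriving but no replies leaving.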
NOTE: There is an issue with the extension which Microsoft is now rolling out a hotfix for, so you might need to reinstall the extension on the VM from the command line:
# Remove the broken extension instance
Remove-AzureRmVMExtension -ResourceGroupName resourcegroup -VMName vmname -Name NetworkWatcherAgentWindows
# Look up the VM and the newest Network Watcher agent image (the image lookup can return several versions)
$VM = Get-AzureRmVM -ResourceGroupName resourcegroup -Name vmname
$AzureNetworkWatcherExtension = Get-AzureRmVMExtensionImage -Location WestCentralUS -PublisherName Microsoft.Azure.NetworkWatcher -Type NetworkWatcherAgentWindows | Sort-Object -Property Version -Descending | Select-Object -First 1
$ExtensionName = "AzureNetworkWatcherExtension"
# Install it again; TypeHandlerVersion only takes the major.minor part of the image version
Set-AzureRmVMExtension -ResourceGroupName $VM.ResourceGroupName -Location $VM.Location -VMName $VM.Name -Name $ExtensionName -Publisher $AzureNetworkWatcherExtension.PublisherName -ExtensionType $AzureNetworkWatcherExtension.Type -TypeHandlerVersion $AzureNetworkWatcherExtension.Version.Substring(0,3)
You can also specify filters on what kind of traffic you want to include in the capture.
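Here is the filtered capture done from PowerShell instead of the portal. This is an added example and not code from the original post: it starts a capture on the VM that has the agent, restricts it to web and DNS traffic with two filters, waits for the capture to finish and prints where the PCAP file was written. The resource group, VM, Network Watcher and storage account names are assumptions.

```powershell
# Added example (not from the original post): start a filtered packet capture on the
# VM that has the Network Watcher agent, wait for it, and report where the PCAP landed.
# Resource group, VM, Network Watcher and storage account names are assumptions.
$rg = "resourcegroup"
$vm = Get-AzureRmVM -ResourceGroupName $rg -Name "vmname"
$nw = Get-AzureRmNetworkWatcher -ResourceGroupName "NetworkWatcherRG" -Name "NetworkWatcher_westcentralus"
$sa = Get-AzureRmStorageAccount -ResourceGroupName $rg -Name "pcapstorage"

# Filters: TCP on remote ports 80 and 443, plus UDP on remote port 53 (DNS).
# A port list is separated with ';' and a range with '-'; filters are OR-ed together.
$web = New-AzureRmPacketCaptureFilterConfig -Protocol TCP -RemotePort "80;443"
$dns = New-AzureRmPacketCaptureFilterConfig -Protocol UDP -RemotePort "53"

$captureName = "web-dns-capture"
New-AzureRmNetworkWatcherPacketCapture -NetworkWatcher $nw `
    -TargetVirtualMachineId $vm.Id `
    -PacketCaptureName $captureName `
    -StorageAccountId $sa.Id `
    -TimeLimitInSeconds 120 `
    -TotalBytesPerSession 104857600 `
    -BytesToCapturePerPacket 0 `
    -Filter $web, $dns

# Poll until the capture is no longer running (time limit, size limit or manual stop)
do {
    Start-Sleep -Seconds 15
    $status = Get-AzureRmNetworkWatcherPacketCapture -NetworkWatcher $nw -PacketCaptureName $captureName
} while ($status.PacketCaptureStatus -eq "Running")

# The .cap file ends up in the storage account's network-watcher-logs container
"Capture {0}: {1}, stored at {2}" -f $captureName, $status.PacketCaptureStatus, $status.StorageLocation.StoragePath
```

The size limit (-TotalBytesPerSession, here 100 MB) and the time limit both cap how much ends up in the storage account; keeping them small on a busy VM avoids filling the container with traffic you will never open in Wireshark. Stop-AzureRmNetworkWatcherPacketCapture ends a capture early if you already have what you need.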
And voilà! We can view the PCAP file within Wireshark!
And from here we can do more in-depth troubleshooting!