Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Network Monitoring API or Powershell Cmdlet for adding/removing nodes to be monitored

      Hello,
      Is it possible to use OMS - NPM with some kind of API or Poweshell Cmdlet.

      I have the following example that I need to solve:

      We create VMs and then sometimes they are turned off as they no longer needed for whatever reason. I do not want to still monitor network traffic to this node/VM on Azure.

      Currently we have to use the NPM UI configuration to select the node and click the checkbox for 'Use for monitoring` which is open to human error for when we forgot to disable this and more likely we forget to re-enable…

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    2. Support for NetworkWatcher / NSG Flow logs for App Service with Regional VNet Integration enabled

      At present any App Service configured with a Vnet Integration for all outbound/inbound traffic (allowed via a NSG) there is NO means of monitoring the traffic that traverses this path. Whilst NetworkWatcher / NSG Flow logs supports VM based traffic monitoring.

      For organizations with requirements to monitor outbound/inbound network traffic for Security / Audit purposes - this poses a significant challenge with traffic traversing this integration not monitored.

      5 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    3. Availability Test Integration with Application Insights

      Right now App Insights provides availability tests, but they can only hit external facing sites. The Service Endpoint Monitor fills that gap for any internal sites, but the customer now has to manage 2 separate tool configurations. It would be ideal if App Insights would allow OMS nodes as options on the “Test Locations” list, so all URL testing would be configured in the same place and the respective engines would execute them appropriately

      5 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    4. Please help advise when will NSG Flow Logs support Azure Services like AKS

      customer's verbatism:
      The main reason we are asking Azure teams to extend Flow Logs and Traffic Analyser to AKS is for allowing clients with web applications running on Kubernetes clusters to monitor, analyse and alert about all traffic hitting the cluster’s public IP address. This would be essential for identifying sources that may overload, intentionally or not, our applications and implement actions appropriately for avoiding performance issues.

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    5. Schedule and copy Packet Captures

      Add scheduling functionality to packet capture. Only being able to run them manually or mess around with powershell and function apps is painful.

      Be able to copy an existing packet capture config and run it again. Having to go through the same configuration each time is tedious.

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    6. Monitoring NSG flog logs condition.

      Sometimes NSG flow logs can not be put on the Storage account because of bug or other problems. But I could not notice the situation. So I hope to add the feature that we can check the flow logs condition by email alert.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    7. 3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    8. 3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    9. Local Network Watcher for End User for their Azure Instance

      Local Network Watcher possibly tied into Internet Connection API. No overhead and only fires when the connection drops or is having issues. Allows the user to input their own instances and is able to visually see where the issue might be and possible solutions. So a mini Network Monitor.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    10. Network Watcher should support Australia Central and Australia Central 2 region

      Network Watcher is currently not available in Australia Central and Australia Central 2 region. Make Network Watcher available in these regions.

      2 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    11. GetBestNeigbhors for a given Source Azure Region

      GetBestNeighbors
      Input :

      AzureRegion SourceRegion : Source region , Frame of Reference
      AzureRegion[] Regions : List of regions which needs to be reached from Source Region

      Output : Ordered list of azure regions “best” reachable from SourceRegion

      Alternatively , Simpler version

      GetBestNeighbors
      Input :

      AzureRegion SourceRegion : Source region

      Output : Ordered list of all available azure regions “best” reachable from SourceRegion

      Alternatively ,Even more simpler version

      GetBestNeighbors
      Input :

      Output : Ordered list of all available azure regions “best” reachable from SourceRegion. This must be same as it would have been called from Source region as above.

      2 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    12. Alerting for Next-Hop in Network Watcher

      Create an activity log or alert with the Next Hop feature. This would allow real time monitoring and notification if a VM was to get internet access by accident. Currently I do not see any alerting functionality for route table changes... For example, it would be great if we could create a monitor anytime a route table changed or when the VM routing changed from Next-Hop VPN to Internet and vice versa. There needs to be more visibility and alerting to VM's that have internet access, likely a huge security concern for many organizations.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    13. Azure Portal Report Settings

      In the Azure Portal, is there a way to change the Portal report settings to display kbps instead of mbps? When we work with the Support Engineers from Microsoft – Azure Rapid Response (ARR), their reports have more granularity than our reports. This sometimes leads to debates as to the data we are seeing and reporting to Microsoft ARR. We have not been able to find a way to make these changes is the settings.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    14. Create credit system for NW

      Create a credit system that allows an option for "yes continue to bill me" or "no, turn off services when credits expire" . I want to be ale to use use Network Watcher in its capacity as a "free" service without crossing the threshold that then requires payment - especially for the more complex services. An alternative idea is a "Basic" SKU which enables only limited instances of the network watcher extension. Essentially, customers today are inhibited from using b/c of the fear of having to pay for services. We should enable a warning or auto-disable that would prevent them…

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    15. Let security group view show the order in which rules are processed

      The current security group view allows multiple ways to sort the security rules that show up. It would be most useful if there would be a way to sort the security rules in the effective way they would be processed, meaning:
      1. customer defined rules on the subnet
      2. default rules on the subnet
      3. customer defined rules on the NIC
      4. default rules on the NIC.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →

      Thank you for the suggestion, we’ll consider adding this sort option. The current UI in Portal provides you with tabs to see the security rules applied on the Subnet and the NIC, as well as the default rules.

      Note, the rule processing order you provided only applies for inbound traffic. From https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg :

      Inbound traffic

      1. NSG applied to subnet: If a subnet NSG has a matching rule to deny traffic, the packet will be dropped.

      2. NSG applied to NIC (Resource Manager) or VM (classic): If VM\NIC NSG has a matching rule to deny traffic, packet will be dropped at VM\NIC, although subnet NSG has a matching rule to allow traffic.

      Outbound traffic

      1. NSG applied to NIC (Resource Manager) or VM (classic): If VM\NIC NSG has a matching rule to deny traffic, the packet will be dropped.

      2. NSG applied to subnet: If…

    16. Monitor container network traffic within a node

      I would like to see a solution for monitoring traffic between containers on the same node. I'm not sure if the Network Watcher product already does this or not - it wasn't specified.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    17. Add SQL Tests to Service Endpoint Monitor

      Enable testing of database availability - similar to SCOM OLEDB capability (https://technet.microsoft.com/en-us/library/hh457575(v=sc.12).aspx) that can make a test connection and even run a test query to validate functionality.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    18. Simplify

      Do any of you developers at Microsoft actually talk to end users before you implement this stuff? The first thing you should do after getting the flow logging working is to provide an EASY and SIMPLE way for end users to view the flow logs through the portal without having to have a Computer Science Masters degree to write friggin Powershell scripts or other programs to view this data that you are collecting

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    19. Network watcher Test Configuration support for UDP traffic monitoring

      Inorder to monitor DNS traffic on both TCP and UDP on a given port for example 53. This will allow monitoring DNS looks for A records or domains across Azure

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    20. Network watcher - deploy and manage virtual machines on targeted spokes as a service

      This will offload system owners to provision and manage all Virtual machines deployed in different spokes or regions that are used in the configuration of network watcher.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base