Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. 1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    2. Network watcher - Simulate Network Throughput testing between two source and destination endpoints

      This will offload system owners to monitor and report of simulated throughput testing limits between virtual machines on different Vnets in the network architecture layout over time

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    3. Network watcher - deploy and manage virtual machines on targeted spokes as a service

      This will offload system owners to provision and manage all Virtual machines deployed in different spokes or regions that are used in the configuration of network watcher.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    4. Network watcher Test Configuration support for UDP traffic monitoring

      Inorder to monitor DNS traffic on both TCP and UDP on a given port for example 53. This will allow monitoring DNS looks for A records or domains across Azure

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    5. Please help advise when will NSG Flow Logs support Azure Services like AKS

      customer's verbatism:
      The main reason we are asking Azure teams to extend Flow Logs and Traffic Analyser to AKS is for allowing clients with web applications running on Kubernetes clusters to monitor, analyse and alert about all traffic hitting the cluster’s public IP address. This would be essential for identifying sources that may overload, intentionally or not, our applications and implement actions appropriately for avoiding performance issues.

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    6. Support for NetworkWatcher / NSG Flow logs for App Service with Regional VNet Integration enabled

      At present any App Service configured with a Vnet Integration for all outbound/inbound traffic (allowed via a NSG) there is NO means of monitoring the traffic that traverses this path. Whilst NetworkWatcher / NSG Flow logs supports VM based traffic monitoring.

      For organizations with requirements to monitor outbound/inbound network traffic for Security / Audit purposes - this poses a significant challenge with traffic traversing this integration not monitored.

      5 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    7. NSG FLow Log with immutable storage

      For compliance reasons we want to send NSG flow logs to a compliant storage account with an applied immutability policy with allow protected appends on each log container.
      This works find with Activity Logs since Activity Logs writes to Append Blobs.
      But:
      NSG flow logs write to Block Blobs which are generated every hour and updated every few minutes.
      If immutability policy is set, no updates are written (despite of flag allow protected appends)

      Please change behaviour that flow logs can be used with immutable storage.
      Thank you

      12 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    8. Schedule and copy Packet Captures

      Add scheduling functionality to packet capture. Only being able to run them manually or mess around with powershell and function apps is painful.

      Be able to copy an existing packet capture config and run it again. Having to go through the same configuration each time is tedious.

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    9. Additional "/read" permission to allow call to Network Watcher queryFlowLogStatus api

      Today default Build-In Reader role not allow to execute Query Flow Log Status, because Reader role allows all operations of "*/read".
      But query flow log status operation have "/action" in the end:
      Microsoft.Network/networkWatchers/queryFlowLogStatus/action

      This makes complicated to use different applications and services which want to query flow log status. To be able to do it they ask customers to create custom role in each and each subscription with that permission and then assign that role to the application (In addition to Reader role which they ask to assign for other features).

      If will be additional permission with "/read" operation to…

      46 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    10. Network Watcher should support Australia Central and Australia Central 2 region

      Network Watcher is currently not available in Australia Central and Australia Central 2 region. Make Network Watcher available in these regions.

      2 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    11. Monitoring NSG flog logs condition.

      Sometimes NSG flow logs can not be put on the Storage account because of bug or other problems. But I could not notice the situation. So I hope to add the feature that we can check the flow logs condition by email alert.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    12. Simplify

      Do any of you developers at Microsoft actually talk to end users before you implement this stuff? The first thing you should do after getting the flow logging working is to provide an EASY and SIMPLE way for end users to view the flow logs through the portal without having to have a Computer Science Masters degree to write friggin Powershell scripts or other programs to view this data that you are collecting

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    13. Create Azure IP address search tool for Network Watcher / Network Diagnostic Tools

      NSG logging is nice that it reports communication between azure objects. However, its not always obvious which service / vm the IP address represents in an NSG log.

      It would be very helpful if there was some kind of Azure IP address lookup tool where you supply a VNet address and an IP address and then the search tool would show you which Azure object that IP Address corresponds (Object Name, Object Type).

      9 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    14. Traffic Analytics in DoD regions

      Traffic Analytics in DoD regions

      9 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    15. 3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    16. 3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    17. STOP creating random Resource Groups!

      Honestly, what are we going to do with you MSFT when it comes to RBAC?

      When MSFT puts services into Preview and often months or years after they are so-called GA they still fail to recognize that they are violating Governance, RBAC, rules allowing Azure Services to randomly create Resource Groups in any given Azure Subscription.

      The two biggest violators of this right now are Databricks and Network Watcher.

      In most cases our clients should be refusing to use these services until they are capable of adhering to Governance and Security rules being enforce by InfoSec and others.

      Resource Groups are sacred beasts…

      20 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

    18. Alerting for Next-Hop in Network Watcher

      Create an activity log or alert with the Next Hop feature. This would allow real time monitoring and notification if a VM was to get internet access by accident. Currently I do not see any alerting functionality for route table changes... For example, it would be great if we could create a monitor anytime a route table changed or when the VM routing changed from Next-Hop VPN to Internet and vice versa. There needs to be more visibility and alerting to VM's that have internet access, likely a huge security concern for many organizations.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    19. Azure Portal Report Settings

      In the Azure Portal, is there a way to change the Portal report settings to display kbps instead of mbps? When we work with the Support Engineers from Microsoft – Azure Rapid Response (ARR), their reports have more granularity than our reports. This sometimes leads to debates as to the data we are seeing and reporting to Microsoft ARR. We have not been able to find a way to make these changes is the settings.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    20. Can't get NSG Flow Logs to show up in Azure Monitor Logs!

      I can't find corresponding flow logs for the action that I manually triggered. Here is what I am trying to do and I am expecting flow logs to show up after few (4) minutes but they don't!

      1) Call API at the Application Gateway @https://api.aspnet4you.com/api/customer/FindAllCustomers?country=United%20States&state=Washington&city=Seattle

      2) Query to find app gateway access logs and they show up in about 3 minutes:
      AzureDiagnostics
      | where TimeGenerated >= now(-15m)
      | where clientIP_s !=""
      | where Category == "ApplicationGatewayAccessLog"

      3) Query NSG Flow logs but NO Result Found!
      AzureNetworkAnalyticsCL
      | where TimeGenerated >= now(-15m)
      | where SubType
      s == "FlowLog"
      |…

      7 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3
    • Don't see your idea?

    Feedback and Knowledge Base