Diagnose network connectivity

Network Connectivity Diagnostics helps you diagnose connectivity between cloud resources, understand network status, and pinpoint the causes of reachability issues.

Prerequisites

Before you use Network Connectivity Diagnostics, ensure that the following conditions are met:

  • If a diagnostic object is an instance or elastic network interface, the corresponding instance must be in the Running state.

  • If a diagnostic object includes a secondary ENI, the secondary ENI must be bound to an instance. For more information, see Bind a secondary ENI.

  • To check an instance's operating system configurations during a diagnosis, ensure that the instance and its OS meet the conditions in the following table.

    Architecture

    Supported OS versions

    Required configuration

    x86_64

    • Windows Server 2008 and later

    • Alibaba Cloud Linux 2/3

    • Alibaba Cloud Linux 3 Pro

    • AlmaLinux 8.x

    • Anolis OS 7.x/8.2

    • CentOS 7.x/8.x

    • CentOS Stream 8

    • Debian 8.x/9.x/10.x

    • Fedora 33/34

    • OpenSUSE 15.x/42.x

    • Rocky Linux 8.x

    • SUSE Linux 12.x/15.x

    • Ubuntu 20.04

Limitations

The following table lists the limits for paths and diagnostic tasks.

| Item | Limit | How to increase |
|---|---|---|
| Maximum number of paths per region | 100 | Cannot be increased |
| Maximum number of diagnostic tasks per region | 1,000 | Cannot be increased |
| Maximum number of concurrent diagnostic tasks per region | 5 | Cannot be increased |

Workflow

Network Connectivity Diagnostics uses the following workflow:

  1. Specify a path.

    A path contains the information required to run a diagnostic task, such as the VPC and diagnostic objects (instance, elastic network interface, or public IP address). You can create or clone a path. For more information, see Create a path and Clone a path.

    Note

    When you create a path or start a diagnostic task, the system checks whether the AliyunServiceRoleForECSNetworkInsights service-linked role exists. If the role does not exist, the system automatically creates it. For more information, see Manage the service-linked role for Network Connectivity Diagnostics.

  2. Start a diagnostic task.

    A diagnostic task uses the information in a path to check the real-time network connectivity between objects. After you create or clone a path, the system automatically starts a diagnostic task. You can also manually start a diagnostic task for an existing path. For more information, see Diagnose an existing path.

  3. View the diagnostic results.

    In addition to viewing the results in the diagnostic task list, you can also view the details of a diagnostic task. For more information, see Manage diagnostic tasks.

    Note

    Network Connectivity Diagnostics is an auxiliary tool. Its results reflect key network configurations but may not represent the real-time communication status, as they can be affected by factors such as transient network fluctuations or dynamic security group changes.

Create a path

  1. Go to ECS Console - Troubleshooting.

  2. In the upper-left corner of the page, select a region and resource group.

  3. On the Network Connectivity Diagnostics tab, click Create Path.

  4. Configure the path parameters and click Create.

    Parameter

    Description

    Path Name

    A path name must be 2 to 128 characters in length. The name can contain Chinese characters, English letters, digits, and the following special characters: periods (.), underscores (_), hyphens (-), and colons (:). The name cannot start with a special character, a digit, http://, or https://.

    VPC

    Select a VPC. At least one diagnostic object must be an ECS instance or elastic network interface in the selected VPC.

    Source and Destination

    Select the type of diagnostic object, and then specify the source and destination objects. The following types are supported:

    • ECS Instance: The diagnostic object is an existing ECS instance. The source and destination cannot be the same instance.

    • NIC: The diagnostic object is an existing elastic network interface. The source and destination cannot be the same elastic network interface, and they cannot belong to the same instance.

    • Public IP Address: The diagnostic object is a public IP address that you enter. The source and destination types cannot both be set to Public IP Address.

    Destination Port and Protocol

    Supported destination ports depend on the selected protocol:

    • If the protocol is Custom TCP or Custom UDP, you can select a destination port from the list of common ports or enter another port number.

      Common ports include SSH (22), telnet (23), HTTP (80), HTTPS (443), MS SQL (1433), Oracle (1521), MySQL (3306), RDP (3389), PostgreSQL (5432), and Redis (6379).

    • If the protocol is All ICMP (IPv4) or All GRE, the destination port must be -1/-1.

    After you create the path, the system automatically starts a diagnostic task to check whether the source can access the specified port of the destination over the specified protocol.

    Note

    The diagnostic process may take a few minutes. You can view the execution status and wait for the results in the path list. You can also go to the path details page to view the execution status and detailed results of the diagnostic task. For more information, see Manage diagnostic tasks.
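
The parameter rules above (which also apply when you clone a path) can be checked before a path definition is submitted, for example in a review step for network changes. The following is an added example, not Alibaba Cloud code: the function name, the dict shape for diagnostic objects, the CJK range used for "Chinese characters", and the 1-65535 port range are assumptions.

```python
import ipaddress
import re

# First char: letter or Chinese character; then 1-127 allowed characters.
# The CJK range standing in for "Chinese characters" is an assumption.
NAME_RE = re.compile(r"[A-Za-z\u4e00-\u9fff][A-Za-z0-9\u4e00-\u9fff._:-]{1,127}")
PUBLIC_IP = "Public IP Address"


def validate_path(name, source, destination, protocol, port):
    """Return the list of violated rules; an empty list means the path is valid.

    source/destination are dicts such as {"type": "NIC", "id": "eni-a",
    "instance": "i-a"} (hypothetical shape; "instance" is required for NICs).
    """
    errors = []
    if name.lower().startswith(("http://", "https://")):
        errors.append("name must not start with http:// or https://")
    elif not NAME_RE.fullmatch(name):
        errors.append("name must be 2-128 allowed characters, starting with a letter")
    kinds = (source["type"], destination["type"])
    if kinds == (PUBLIC_IP, PUBLIC_IP):
        errors.append("source and destination cannot both be public IP addresses")
    elif kinds[0] == kinds[1] and source["id"] == destination["id"]:
        errors.append("source and destination cannot be the same object")
    elif kinds == ("NIC", "NIC") and source["instance"] == destination["instance"]:
        errors.append("source and destination NICs cannot belong to the same instance")
    for end in (source, destination):
        if end["type"] == PUBLIC_IP:
            try:
                is_public = ipaddress.ip_address(end["id"]).is_global
            except ValueError:
                is_public = False
            if not is_public:
                errors.append(f"{end['id']} is not a public IP address")
    if protocol in ("Custom TCP", "Custom UDP"):
        # 1-65535 is the usual TCP/UDP range (assumption; the page states none).
        if not (isinstance(port, int) and 1 <= port <= 65535):
            errors.append("TCP/UDP destination port must be an integer in 1-65535")
    elif protocol in ("All ICMP (IPv4)", "All GRE"):
        if port != "-1/-1":
            errors.append("ICMP/GRE destination port must be -1/-1")
    else:
        errors.append(f"unsupported protocol: {protocol}")
    return errors


if __name__ == "__main__":
    # Constructed sample: bad name plus a port given for an ICMP check.
    print(validate_path("1-bad", {"type": "ECS Instance", "id": "i-a"},
                        {"type": "ECS Instance", "id": "i-b"}, "All ICMP (IPv4)", 22))
```

The check that at least one diagnostic object belongs to the selected VPC needs resource lookups and is not covered here.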

Clone a path

You can clone an existing path and modify some settings, such as changing only the source or destination diagnostic object. This helps you create a path faster.

  1. Go to ECS Console - Troubleshooting.

  2. In the upper-left corner of the page, select a region and resource group.

  3. On the Network Connectivity Diagnostics tab, find the path that you want to clone, and click Clone in the Operation column.

  4. Configure the path parameters and click Create.

    Parameter

    Description

    Path Name

    A path name must be 2 to 128 characters in length. The name can contain Chinese characters, English letters, digits, and the following special characters: periods (.), underscores (_), hyphens (-), and colons (:). The name cannot start with a special character, a digit, http://, or https://.

    VPC

    Select a VPC. At least one diagnostic object must be an ECS instance or elastic network interface in the selected VPC.

    Source and Destination

    Select the type of diagnostic object, and then specify the source and destination objects. The following types are supported:

    • ECS Instance: The diagnostic object is an existing ECS instance. The source and destination cannot be the same instance.

    • NIC: The diagnostic object is an existing elastic network interface. The source and destination cannot be the same elastic network interface, and they cannot belong to the same instance.

    • Public IP Address: The diagnostic object is a public IP address that you enter. The source and destination types cannot both be set to Public IP Address.

    Destination Port and Protocol

    Supported destination ports depend on the selected protocol:

    • If the protocol is Custom TCP or Custom UDP, you can select a destination port from the list of common ports or enter another port number.

      Common ports include SSH (22), telnet (23), HTTP (80), HTTPS (443), MS SQL (1433), Oracle (1521), MySQL (3306), RDP (3389), PostgreSQL (5432), and Redis (6379).

    • If the protocol is All ICMP (IPv4) or All GRE, the destination port must be -1/-1.

    After you clone the path, the system automatically starts a diagnostic task to check whether the source can access the specified port of the destination over the specified protocol.

    Note

    The diagnostic process may take a few minutes. You can view the execution status and wait for the results in the path list. You can also go to the path details page to view the execution status and detailed results of the diagnostic task. For more information, see Manage diagnostic tasks.

Diagnose an existing path

You can manually start a diagnostic task for an existing path. However, a path can have only one running diagnostic task at a time. If a task is already running, you cannot start another one.

  1. Go to ECS Console - Troubleshooting.

  2. In the upper-left corner of the page, select a region and resource group.

  3. On the Network Connectivity Diagnostics tab, find the target path, click Diagnose in the Operation column, and then click Continue in the dialog box that appears.

Manage diagnostic tasks

The path list displays the result of the latest diagnostic task. You may need to view the details of a task or historical tasks to troubleshoot an Unconnectable result. This section describes how to manage diagnostic tasks.

Note

The number of diagnostic tasks is limited. We recommend that you periodically delete tasks that are no longer needed.

  1. Go to ECS Console - Troubleshooting.

  2. In the upper-left corner of the page, select a region and resource group.

  3. On the Network Connectivity Diagnostics tab, find the ID of the path.

  4. Perform one of the following operations:

    • Start a new diagnostic task: If you need to check the latest network connectivity status while viewing the details, click Diagnose, and then click Continue.

    • Delete a historical diagnostic task: Click the ID of the target path. In the Diagnosis List section, click Delete in the Operation column of the task, and then click Continue.

    • View the details of a diagnostic task: Click the ID of the target path. In the Diagnosis List section, click the unfold icon.

      Note

      For more information about diagnostic items and suggestions, see Diagnostic items of Network Connectivity Diagnostics.

      Figure 1. Example of a Normal result

      Figure 2. Example of an Unconnectable result

Delete a path

  1. Go to ECS Console - Troubleshooting.

  2. In the upper-left corner of the page, select a region and resource group.

  3. On the Network Connectivity Diagnostics tab, find the path that you want to delete and click Delete in the Operation column. In the dialog box that appears, click OK.