All Products
Search
Document Center

Cloud Enterprise Network:Work with the reachability analyzer

更新時間:Oct 10, 2023

Cloud Enterprise Network (CEN) is interfaced with Network Intelligence Service (NIS), which supports the reachability analyzer. You can use the reachability analyzer to test the network connectivity between resources.

Background information

When the reachability analyzer tests the network connectivity between resources, it generates detailed information about the network paths between the source and destination resources. If the destination is unreachable, the reachability analyzer pinpoints the error and the cause of error. The reachability analyzer mainly checks instance status and network configurations, including the status of network instances, configurations of security groups, configurations of network access control lists (ACLs), configurations of route tables, and configurations of Server Load Balancer (SLB) instances. The reachability analyzer does not send data packets or analyze the data plane. You only need to specify a path through which data is transferred from the source to the destination. For more information, see Work with the reachability analyzer.

The following examples show how to use the reachability analyzer to test the connectivity between ECS instances in the same region and between ECS instances in different regions.

Example 1: Test the connectivity between ECS instances in the same region

路径分析-同地域

Assume that you use CEN to enable network communication between VPC1 and VPC2 that are in the same region. Before you enable data transmission, you can use the reachability analyzer to specify a path between ECS1 and ECS3, between ECS1 and ECS4, between ECS2 and ECS3, and between ECS2 and ECS4. Then, the reachability analyzer tests the connectivity between the ECS instances in VPC1 and in VPC2.

The following procedure demonstrates how to specify a path between ECS1 and ECS3 and use the reachability analyzer to test the connectivity between ECS1 and ECS3. You can follow the same procedure to test the connectivity between ECS1 and ECS4, between ECS2 and ECS3, and between ECS2 and ECS4.

Specify a path between ECS1 and ECS3

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. On the CEN details page, click the Path Analysis tab.

    If NIS is not activated, follow the instructions to activate NIS.

  4. On the Path Analysis tab, set the parameters and click Start Analyzing.

    Note

    The following table describes the parameters that are used to test the connectivity between ECS1 and ECS3. Port 80 is used as the destination port. When you configure the reachability analyzer, specify a protocol based on your business requirements.

    Parameter

    Description

    Source

    Select a source. NIS supports multiple types of sources. For more information, see Create a path.

    In this example, Source Type is set to ECS, and ECS1 is selected.

    Destination

    Select a destination.

    In this example, Destination Type is set to ECS, and ECS3 is selected.

    Protocol

    Select a protocol for the test.

    In this example, TCP is selected.

    Destination Port

    Select a destination port.

    In this example, port 80 is selected.

    Storage Path

    Select whether to save the configurations of the path. If you save the path, it can be retested without configurations.

    The default value is No, which specifies that the path is not saved.

  5. You can view the analysis result on the Path Analysis tab, fix issues based on the analysis result, and then create a path for the reachability analyzer to run another test to make sure that the destination is reachable.

    路径分析-结果

Example 2: Test the connectivity between ECS instances in different regions

路径分析-跨地域

Assume that you use CEN to enable network communication between VPC1 and VPC2 that are in different regions. Before you enable data transmission, you can use the reachability analyzer to specify a path between ECS1 and ECS3, between ECS1 and ECS4, between ECS2 and ECS3, and between ECS2 and ECS4. Then, the reachability analyzer tests the connectivity between the ECS instances in VPC1 and in VPC2.

The following procedure demonstrates how to specify a path between ECS1 and ECS3 and use the reachability analyzer to test the connectivity between ECS1 and ECS3. You can follow the same procedure to test the connectivity between ECS1 and ECS4, between ECS2 and ECS3, and between ECS2 and ECS4.

Specify a path between ECS1 and ECS3

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. On the CEN details page, click the Path Analysis tab.

    If NIS is not activated, follow the instructions to activate NIS.

  4. On the Path Analysis tab, set the parameters and click Start Analyzing.

    Note

    The following table describes the parameters that are used to test the connectivity between ECS1 and ECS3. Internet Control Message Protocol (ICMP) is used as the network protocol. When you configure the reachability analyzer, specify a protocol based on your business requirements.

    Parameter

    Description

    Source

    Select a source. NIS supports multiple types of sources. For more information, see Create a path.

    In this example, Source Type is set to ECS, and ECS1 is selected.

    Destination

    Select a destination.

    In this example, Destination Type is set to ECS, and ECS3 is selected.

    Protocol

    Select a network protocol.

    In this example, ICMP is selected.

    Destination Port

    Select a destination port.

    This parameter is optional when Protocol is set to ICMP.

    Storage Path

    Select whether to save the configurations of the path. If you save the path, it can be retested without configurations.

    The default value is No, which specifies that the path is not saved.

  5. You can view the analysis result on the Path Analysis tab, fix issues based on the analysis result, and then create a path for the reachability analyzer to run another test to make sure that the destination is reachable.

    In the first test, the transit router in the China (Shanghai) region does not have a route that points to VPC2. The result shows that ECS1 cannot access ECS3. The cause is the lack of inter-region connections between the transit routers in the China (Shanghai) and China (Shenzhen) regions. The transit routers cannot learn VPC routes from each other.

    After an inter-region connection is established between the transit routers in the China (Shanghai) and China (Shenzhen) regions, the transit routers can automatically learn VPC routes from each other. In addition, the transit routers have all advanced features enabled. Then, the reachability analyzer detects a route between ECS1 and ECS3. ECS1 can access ECS3.

    路径分析-跨地域