Creating a Path Analysis Test
Create a test that analyzes the network configuration to determine how the paths between the source and the destination function or fail.
- In the Console, confirm you're viewing the wanted region and compartment.
- Open the navigation menu, click Networking, and then click Network Path Analyzer, found in the Network Command Center group.
- Click Create Network Path Analysis.
-
Assign the following parameters and attributes to the analysis:
- Name: A descriptive name for the Network Path Analysis. It doesn't have to be unique, and it cannot be changed later in the Console. Avoid entering confidential information. If you don't choose a name, one is generated for you.
- Create in Compartment: The default is the current viewing compartment.
- Protocol: You can choose TCP, UDP, ICMP, SSH, or many other protocol types. You can also specify the source and destination ports.
-
Source: Select a resource that begins the path you are testing.
You can provide the IP address of the source, or you can find an OCI resource to use as the source. The supported OCI resource types include subnet IP address, VLAN IP address, VNIC on a compute instance, VNIC, LB, or NLB. Once you've selected a type, choose a specific resource from the list of resources with that type.
When subnet IP address is selected as an option, the specified IP address must belong to one of the subnet CIDRs. The IP itself does not have to be active.
This IP address is an on-premises endpoint: Select this option if you entered an on-premises IP address in the Source IPv4 address field.
-
Destination: Select a resource that ends the path you are testing.
You can provide the IP address of the destination, or you can find an OCI resource to use as the destination. The supported OCI resource types include subnet IP address, VLAN IP address, VNIC on a compute instance, VNIC, LB, or NLB. Once you've selected a type, choose a specific resource from the list of resources with that type. When designating an OCI LB or NLB as a destination, you need to specify which listener you would like to use for the analysis.
This IP address is an on-premises endpoint: Select this option if you entered an on-premises IP address in the Source IPv4 address field.
Note
When using IP addresses to select the source or destination of a path analysis, the following scenarios may occur due to your network configuration and create ambiguity that will prevent the NPA analysis or make an NPA analysis based on an unintended source or destination:- VCNs with overlapping CIDRs: In this situation, if you specify an IP address that belongs to the overlapped portion of the CIDR, NPA will not be able to determine which VCN and VCN subnet the IP address belongs to. NPA will not perform the path analysis. To resolve this issue, use the find resource option and select the source or destination by specifying its type and selecting from available resources of that type.
- VCN and On-premises network with overlapping CIDRs In this case, one or more VCNs have CIDRs that overlap with your on-premises network. If you select an IP address in the overlapped CIDR, NPA considers the endpoint as being from an OCI VCN CIDR. If the intended endpoint is to an on-premises network, then you must inform the service by selecting the This IP address is an on-premises endpoint option when you enter an on-premises IP address as a source or destination.
- Test direction: Choose between Bi-directional to test both the forward and reverse paths, or Uni-directional to test the forward path only. These choices are mutually exclusive.
- (Optional)
Tags: You can optionally apply a tag to the test you create, to do this click Show tagging options.
If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you're not sure whether to apply tags, skip this option or ask an administrator. You can apply tags later.
-
Click Run analysis.
The test you have configured runs, which might take up to a minute or more (depending on the total number of hops needed) to complete. See Running a Path Analysis Test for details on running tests. Since you might not want to save every test you run, you cannot save the test yet.
- (Optional) After you run the test, click Save analysis to save your new analysis parameters.
- (Optional) Click Cancel to exit the Path Analysis workflow without saving the test.
Use the path-analyzer-test create command and required parameters to create a path analyzer test:
oci vn-monitoring path-analyzer-test create --compartment-id compartment_OCID --destination-endpoint file://destination-endpoint.json --protocol protocol --source-endpoint file://source-endpoint.json ... [OPTIONS]
For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
Run the CreatePathAnalyzerTest operation to create a path analyzer test.