Monitor Network Connections

This page describes how to use the Cisco Cloud Observability user interface to monitor your network connections. It also lists the metrics that are displayed for Network Monitoring.

You can monitor network connections on the following entity-centric pages:

Clusters
Workloads
Namespaces

Clusters

You can monitor network connections from the Clusters detail view, which displays the network connections of a specific workload or namespace.

To navigate to the detail view:

Navigate to the Observe page.
Under Kubernetes, click Clusters. The Clusters list view is now displayed.
Click a Name to display the detail view.
Under Network Connections, you can use the Scope drop-down menu to to switch the scope of network monitoring to namespace or workload. The flow map and connection list will be updated based on your selection.
Then, use the Flow or List tab to monitor the network connections between your clusters:

The Flow tab displays a flow map that visualizes the relationships between your workloads or namespaces. You can:

Action	Description
Zoom in	View the entity name. Identify the type of network connection based on the type of icon. Unknown IPs icons appear when a UDP (not related to DNS request) or TCP connection is made by an entity in the cluster to an IP address that is not part of the cluster. DNS Server icons appear when an entity in the cluster makes a DNS request.
View the color of an entity icon	The color of the icon specifies the health of the entity's network connections. See Health and Status Violation in the UI.
Single-click on an entity	View outgoing and incoming metrics, tags, annotations, and properties.
Double-click on an entity	Navigate to the detail view for that entity.

The List tab displays a list of all incoming and outgoing network connections from the entity, their health status, and their outgoing and incoming metrics. You can click on a network connections row to display:

Incoming and outgoing connections
Properties
Metric visualizations

Workloads

You can monitor network connections from the Workloads list view or detail view.

List View

The Workloads list view displays the network connections of all workloads, with the option to view the details for a specific workload. To navigate to this view:

Navigate to the Observe page.
Under Kubernetes, click Workloads. The Workloads list view is now displayed.
The Workloads tab is selected by default. It displays the list of workloads and a summary of their metrics.
Click Network Connections to monitor the network connections between your workloads. From this page, you can select between two views using the Flow tab and the List tab.

Action	Description
Zoom in	View the workload name. Identify the type of network connection based on the type of workload icon. Unknown IPs icons appear when a UDP (not related to DNS request) or TCP connection is made by a workload in the cluster to an IP address that is not part of the cluster. DNS Server icons appear when a workload in the cluster makes a DNS request.
View the color of a workload icon	The color of the workload icon specifies the health of its network connections. See Health and Status Violation in the UI.
Single-click on a workload	View outgoing and incoming metrics, tags, annotations, and properties.
Double-click on a workload	Navigate to the detail view for that workload.

The List tab displays a list of all network connections between workloads, their health status, and their outgoing and incoming metrics. You can click on a network connection row to display:

Incoming and outgoing connections
Properties
Metric visualizations

Detail View

The Workloads detail view displays the network connections of a specific workload. To navigate to this view:

Navigate to the Observe page.
Under Kubernetes, click Workloads. The Workloads list view is now displayed.
The Workloads tab is selected by default. It displays the list of workloads and a summary of their metrics. Click a Name to display the detail view.
Under Network Connections, use the Flow or List tab to monitor the network connections between your workloads.

Action	Description
View the type of workload icon	The type of the workload icon specifies the type of network connection. Unknown IPs icons appear when a UDP (not related to DNS request) or TCP connection is made by a workload in the cluster to an IP address that is not part of the cluster. DNS Server icons appear when a workload in the cluster makes a DNS request.
View the color of a workload icon	The color of the workload icon specifies the health of its network connections. See Health and Status Violation in the UI.
Single-click on a workload	View outgoing and incoming metrics, tags, annotations, and properties.
Double-click on a workload	Navigate to the detail view for that workload.

The List tab displays a list of all network connections between workloads, their health status, and their outgoing and incoming metrics. You can click on a network connection row to display:

Incoming and outgoing connections
Properties
Metric visualizations

Namespaces

You can monitor network connections from the Namespaces list view or detail view.

List View

The Namespaces list view displays the network connections of all namespaces, with the option to view the details for a specific namespace. To navigate to this view:

Navigate to the Observe page.
Under Kubernetes, click Namespaces. The Namespaces list view is now displayed.
The Namespaces tab is selected by default. It displays the list of namespaces and a summary of their metrics.
Click Network Connections to monitor the network connections between your namespaces. From this page, you can select between two views using the Flow tab and the List tab.

Action	Description
Zoom in	View the namespace name. Identify the type of network connection based on the type of icon. Unknown IPs icons appear when a UDP (not related to DNS request) or TCP connection is made by a namespace in the cluster to an IP address that is not part of the cluster. DNS Server icons appear when a namespace in the cluster makes a DNS request.
View the color of a namespace icon	The color of the icon specifies the health of the namespace's network connections. See Health and Status Violation in the UI.
Single-click on a namespace	View outgoing and incoming metrics, tags, annotations, and properties.
Double-click on a namespace	Navigate to the detail view for that namespace.

The List tab displays a list of all network connections between namespaces, their health status, and their outgoing and incoming metrics. You can click on a network connection row to display:

Incoming and outgoing connections
Properties
Metric visualizations

Detail View

The Namespaces detail view displays the network connections of a specific namespace. To navigate to this view:

Navigate to the Observe page.
Under Kubernetes, click Namespaces. The Namespaces list view is now displayed.
The Namespaces tab is selected by default. It displays the list of namespaces and a summary of their metrics. Click a Name to display the detail view.
Under Network Connections, use the Flow or List tab to monitor the network connections between your namespaces.

Action	Description
View the type of icon	The type of icon specifies the type of network connection. Unknown IPs icons appear when a UDP (not related to DNS request) or TCP connection is made by a namespace in the cluster to an IP address that is not part of the cluster. DNS Server icons appear when a namespace in the cluster makes a DNS request.
View the color of an icon	The color of the icon specifies the health of the namespace's network connections. See Health and Status Violation in the UI.
Single-click on a namespace	View outgoing and incoming metrics, tags, annotations, and properties.
Double-click on a namespace	Navigate to the detail view for that namespace.

The List tab displays a list of all network connections between namespaces, their health status, and their outgoing and incoming metrics. You can click on a network connection row to display:

Incoming and outgoing connections
Properties
Metric visualizations

Metrics and Key Performance Indicators

The following network connection metrics are visible on the Clusters detail view, the Workloads list or detail view, and the Namespaces list or detail view:

Display Name	Metric Name	Description
Connection Throughput (KiB/Sec)
Total	`tcp.bytes` `udp.bytes`	The total number of TCP and UDP bytes between the source and destination measured for the prior thirty seconds.
TCP	`tcp.bytes`	The total number of TCP bytes between the source and destination measured for the prior thirty seconds.
UDP	`udp.bytes`	The total number of UDP bytes between the source and destination measured for the prior thirty seconds.
Active Connections (Count)
Total	`tcp.active` `udp.active`	The number of TCP and UDP connections considered to be open and alive between the source and destination at the point the measurement was taken.
TCP	`tcp.active`	The number of TCP connections considered to be open and alive between the source and destination at the point the measurement was taken.
UDP	`udp.active`	The number of UDP connections considered to be open and alive between the source and destination at the point the measurement was taken.
Application Layer Connections (Count)
Total	`http.active_sockets` `dns.active_sockets`	The number of unencrypted HTTPv1 connections and DNS connections for which measurements were taken in the prior thirty seconds.
HTTP	`http.active_sockets`	The number of unencrypted HTTPv1 connections for which measurements were taken in the prior thirty seconds.
DNS	`dns.active_sockets`	The number of DNS connections for which measurements were taken in the prior thirty seconds.
New TCP Connections (Count)
New TCP Connections	`tcp.new_sockets`	The total number of new TCP sockets opened between the source and destination measured for the prior thirty seconds.
Total Packets (Count)
Total	`tcp.packets` `udp.packets`	The total number of TCP and UDP packets between the source and destination measured for the prior thirty seconds.
TCP	`tcp.packets`	The total number of TCP packets between the source and destination measured for the prior thirty seconds.
UDP	`udp.packets`	The total number of UDP packets between the source and destination measured for the prior thirty seconds.
Errors (Count)
TCP - Retransmissions	`tcp.retrans`	The total number of TCP retransmission requests between the source and destination measured for the prior thirty seconds.
TCP - SYN Timeouts	`tcp.syn.timeouts`	The total number of TCP SYN timeouts between the source and destination measured for the prior thirty seconds.
TCP - Resets	`tcp.resets`	The total number of TCP resets sent between the source and destination measured for the prior thirty seconds.
UDP - Dropped Packets	`udp.drops`	The total number of UDP connections dropped between the source and destination measured for the prior thirty seconds.
DNS - Timeouts	`dns.timeouts`	The total number of DNS timeouts between the source and destination measured for the prior thirty seconds.
Average Response Time (ms)
TCP - Round Trip Time	`tcp.rtt.average`	The computed average round trip time between the source and destination as measured in microseconds.
HTTP - Server	`http.server.duration.average`	The average duration in microseconds for the server to respond to a request received locally. Does not include the network latency from or to the client. Computed by the summation of all times, divided by the HTTP metric.
HTTP - Client	`http.client.duration.average`	The average duration in microseconds from when the client sends an HTTP request, until the response is received back from the server. Includes the communication round-trip times, plus the server processing latency. Computed by the summation of all times, divided by the HTTP metric.
DNS - Server	`dns.server.duration.average`	The average duration in microseconds from when the client sends a DNS request, until the response is received back from the server. Includes the communication round-trip times, plus the server processing latency. Computed by the summation of all times, divided by the DNS Responses metric.
DNS - Client	`dns.client.duration.average`	The average duration in microseconds for the server to respond to a request received locally. Does not include the network latency from or to the client. Computed by the summation of all times, divided by the DNS Responses metric.
HTTP Response Code (Count)
HTTP Response Code	`http.status_code`	For a given class of response code, the number of times an unencrypted server sent an HTTPv1 status code between the source and destination measured for the prior thirty seconds.
DNS Responses (Count)
DNS Responses	`dns.responses`	The total number of DNS responses sent between the source and destination measured for the prior thirty seconds.