Connectivity Tests is a diagnostics tool that lets you check connectivity between network endpoints. It analyzes your configuration and, in some cases, performslive data plane analysis between the endpoints. An endpoint is a source or destination of network traffic, such as a Cloud SQL instance.

Use the Connectivity Tests tool for any of the following purposes:

• To verify connectivity between a Cloud SQL instance and another resource, such as a Virtual Machine (VM), or between aread replica instance and a primary instance.
• To troubleshoot any connectivity issues associated with different types of source and destination settings.
• To determine whether there's an issue in your VPC network that's used for the Cloud SQL-related resources.

Configuration errors that the tool can diagnose include connectivity to a Cloud SQL instance blocked by:

• VPC firewall rules, hierarchical firewall policies, and global network firewall policies
• A routing issue (for example, an incorrect route to a destination network is used or no dynamic routes are available)
• An issue associated with VPC peering between your VPC network and the Google-managed service network
• The instance not running
• An incorrect port or protocol being used by theCloud SQL Auth Proxy to access the instance
• A failure occurring withauthorized networks set up for the instance

For more information about the Connectivity Tests tool, seeConnectivity Tests overview.

Note: The procedures on this page explain how to use the Google Cloud console to manage connectivity tests. You can also manage these tests by usinggcloud CLI or theCloud SQL Admin API.

Before you begin

Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

Roles required to select or create a project

• Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
• Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.create permission.Learn how to grant roles.

Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.

Go to project selector

Verify that billing is enabled for your Google Cloud project.

In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

Roles required to select or create a project

• Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
• Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.create permission.Learn how to grant roles.

Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.

Go to project selector

Verify that billing is enabled for your Google Cloud project.

1. Enable the Network Management API. You must enable this API so that you can run connectivity tests.
2. Make sure you assign theNetwork Management Admin role and associated permissions to your user account.

   Go to the IAM page

Create a connectivity test

To create a connectivity test, follow these steps:

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Click the Cloud SQL instance for which you want to create a connectivity test.

   If no instances appear on the page,create an instance.

3. From the side navigation menu, clickConnections.
4. Click theConnectivity tests tab, and then clickCreate.

5. In theTest name field, enter a name for the test.

   The test name can contain lowercase letters, numbers, and hyphens only.

6. From theProtocol list, select a protocol for the test.
7. If this Cloud SQL instance is the source for the test, do the following:
   1. In theSource region, click theCurrent Cloud SQL instance option.
   2. In theDestination region, clickOther, and then specify information about the endpoint for the destination.
8. If the instance is the destination for the test, do the following:
   1. In theSource region, clickOther, and then specify information about the source's endpoint.
   2. In theDestination region, click theCurrent Cloud SQL instance option.
9. In theDestination port field, enter a port for the destination.
10. ClickCreate.

After the test finishes, theConnectivity tests tab loads and displays a list of configured tests.

View information about a connectivity test

High-level information about a connectivity test that you can view includes the following information:

• Name, protocol, source, and destination for the test.
• Google Cloud projects associated with the source and destination.
• Port reserved for the destination.
• Last date and time that the test was run.
• Result of the data plane analysis check that signifies how many packets of data were transmitted from the source to the destination.
• Result of the configuration analysis check that signifies whether a connection can be established between the source and destination so that packets of data can be transferred to the destination.
• Details about the test.

In addition to viewing high-level information about a connectivity test, you can click a test to see additional information about the results of the test, including the following information:

• One-way latency values associated with thelive data plane analysis check.
• Detailed information about the configuration analysis check. This information includes the status of the check, Cloud SQL instance, and so on.
• REST API response for the connectivity test being run.

View high-level and detailed information

To view high-level and detailed information a connectivity test, follow these steps:

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Click the Cloud SQL instance for which you want to view information about a connectivity test.

3. From the side navigation menu, clickConnections.
4. Click theConnectivity tests tab. High-level information about all tests associated with the instance appears.

5. Click a test about which you want to view detailed information.

   TheConnectivity test details page appears. On this page, you can view the overall result and result cards for each Google Cloud resource in the testing path. You can click a link to the details page for some Google Cloud resources, such as VM instances or routes. If the test contains multiple traces, you can select a trace from the Trace result list.

   If the test iseligible for data plane analysis, you can view the packet loss and latency metrics.

   To interpret the test results, seeConfiguration analysis states.

6. To view detailed information about the configuration analysis check, in theLast configuration analysis result section, clickView.
7. To view the REST API response for the test, scroll to the bottom of the page, and then clickEquivalent REST.

Modify a connectivity test

To modify a connectivity test, follow these steps:

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Click the Cloud SQL instance for which you want to modify a connectivity test.
3. From the side navigation menu, clickConnections.
4. Click theConnectivity tests tab.
5. Click the test that you want to modify.
6. On theConnectivity test details page, clickEdit.
7. Modify the test. You can modify the protocol, source and destination endpoints, and destination port.
8. ClickSave.

Test connectivity

You can test connectivity to a Cloud SQL instance withPrivate Service Connect enabled. To test inbound connectivity to the instance, set the IP address of the Private Service Connect endpoint that's used to connect to the instance to be the destination IP address.

gcloudnetwork-managementconnectivity-testscreateCONNECTIVITY_TEST_NAME\--source-instance=SOURCE_INSTANCE\--destination-cloud-sql-instance=DESTINATION_CLOUD_SQL_INSTANCE\--destination-network=DESTINATION_NETWORK\--destination-port=DESTINATION_PORT\--protocol=tcp

Run connectivity tests again

If you change the network configuration of resources associated with a connectivity test and want to see the results for the latest configuration, you can run a test again. You can rerun one or more tests at the same time.

A connectivity test is based on a snapshot of the network configuration at the time that the test is run. Running a test again overwrites the previous test's results. If you want to keep older results, create a new test.

To run one or more connectivity tests again, follow these steps:

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Click the Cloud SQL instance for which you want to run connectivity tests again.
3. From the side navigation menu, clickConnections.
4. Click theConnectivity tests tab.
5. Select the check box next to each test that you want to run again.
6. ClickRerun.
7. In the dialog box, clickRerun.

Delete connectivity tests

If you no longer need a connectivity test, delete it. You can delete one or more tests at the same time.

To delete connectivity tests, follow these steps:

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Click the Cloud SQL instance for which you want to delete connectivity tests.
3. From the side navigation menu, clickConnections.
4. Click theConnectivity tests tab.
5. Select the check box next to each test that you want to delete.
6. ClickDelete.
7. In the dialog box, clickDelete.

For more information about troubleshooting common issues with connectivity tests, seeTroubleshoot Connectivity Tests.

What's next

• Connectivity Tests overview
• Create and run Connectivity Tests
• Network Analyzer overview