Oracle Cloud Infrastructure Documentation

VPN Connect Metrics

You can monitor the health, capacity, and performance of your VPN Connect by using metrics, alarms, and notifications. For more information, see Monitoring Overview and Notifications Overview.

This topic describes the metrics emitted by the metric namespace oci_vpn.

Resources: IPSec connections.

Overview of Metrics: oci_vpn

The available metrics help you determine quickly if your VPN Connect is up, how much data is flowing over the connection, and if packets are being dropped for unexpected errors.

A VPN Connect includes these resources:

  • An IPSec connection, which you can think of as the parent resource (identified by parentResourceId in the following discussion).
  • One or more individual tunnels associated with that IPSec connection (each identified by the tunnel's publicIp in the following discussion).

Required IAM Policy

To monitor resources, you must be given the required type of access in a An IAM document that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool. The policy must give you access to the monitoring services as well as the resources being monitored. If you try to perform an action and get a message that you don’t have permission or are unauthorized, confirm with your administrator the type of access you've been granted and which A collection of related resources that can be accessed only by certain groups that have been given permission by an administrator in your organization. you should work in. For more information on user authorizations for monitoring, see the Authentication and Authorization section for the related service: Monitoring or Notifications.

Available Metrics: oci_vpn

The metrics listed in the following table are automatically available for any VPN Connect that you create. You do not need to enable monitoring on the resource to get these metrics.

You also can use the Monitoring service to create custom queries.

Each metric includes the following dimensions: 

parentResourceId
The An Oracle-assigned unique ID called an Oracle Cloud Identifier (OCID). This ID is included as part of the resource's information in both the Console and API. of the IPSec connection (the parent resource). The connection has multiple individual tunnels.
publicIp
Although each tunnel has its own An Oracle-assigned unique ID called an Oracle Cloud Identifier (OCID). This ID is included as part of the resource's information in both the Console and API., it can be easier to use the publicIp dimension to identify a specific IPSec tunnel in the connection. The value is the public IP address of the Oracle end of the tunnel (also known as the Oracle VPN headend).
Metric Metric Display Name Unit Description Dimensions

TunnelState

IPSec Tunnel State

Binary (1 or 0)

Whether the tunnel is up (1) or down (0).

parentResourceId

publicIp

PacketsReceived

Packets Received

Packets

Number of packets received at the Oracle end of the connection.

BytesReceived

Bytes Received

Bytes

Number of bytes received at the Oracle end of the connection.

PacketsSent

Packets Sent

Packets

Number of packets sent from the Oracle end of the connection.

BytesSent

Bytes Sent

Bytes

Number of bytes sent from the Oracle end of the connection.

PacketsError

Packets with Errors

Packets

Number of packets dropped at the Oracle end of the connection. Dropped packets indicate a misconfiguration in some part of the overall system. Check if there's been a change to the configuration of your VCN, the IPSec VPN, or your CPE.

Using the Console

To view default metrics charts for an individual tunnel in an IPSec connection
To view default metric charts for all IPSec connections in a compartment

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use the following APIs for monitoring: