Class: Google::Cloud::NetworkManagement::V1::DropInfo

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/networkmanagement/v1/trace.rb

Overview

Details of the final state "drop" and associated resource.

Defined Under Namespace

Modules: Cause

Instance Attribute Summary collapse

Instance Attribute Details

#cause::Google::Cloud::NetworkManagement::V1::DropInfo::Cause

Returns Cause that the packet is dropped.

Returns:


1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
# File 'proto_docs/google/cloud/networkmanagement/v1/trace.rb', line 1110

class DropInfo
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Drop cause types:
  module Cause
    # Cause is unspecified.
    CAUSE_UNSPECIFIED = 0

    # Destination external address cannot be resolved to a known target. If
    # the address is used in a Google Cloud project, provide the project ID
    # as test input.
    UNKNOWN_EXTERNAL_ADDRESS = 1

    # A Compute Engine instance can only send or receive a packet with a
    # foreign IP address if ip_forward is enabled.
    FOREIGN_IP_DISALLOWED = 2

    # Dropped due to a firewall rule, unless allowed due to connection
    # tracking.
    FIREWALL_RULE = 3

    # Dropped due to no matching routes.
    NO_ROUTE = 4

    # Dropped due to invalid route. Route's next hop is a blackhole.
    ROUTE_BLACKHOLE = 5

    # Packet is sent to a wrong (unintended) network. Example: you trace a
    # packet from VM1:Network1 to VM2:Network2, however, the route configured
    # in Network1 sends the packet destined for VM2's IP address to Network3.
    ROUTE_WRONG_NETWORK = 6

    # Route's next hop IP address cannot be resolved to a GCP resource.
    ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED = 42

    # Route's next hop resource is not found.
    ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43

    # Route's next hop instance doesn't have a NIC in the route's network.
    ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49

    # Route's next hop IP address is not a primary IP address of the next hop
    # instance.
    ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP = 50

    # Route's next hop forwarding rule doesn't match next hop IP address.
    ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH = 51

    # Route's next hop VPN tunnel is down (does not have valid IKE SAs).
    ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED = 52

    # Route's next hop forwarding rule type is invalid (it's not a forwarding
    # rule of the internal passthrough load balancer).
    ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID = 53

    # Packet is sent from the Internet to the private IPv6 address.
    NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS = 44

    # The packet does not match a policy-based VPN tunnel local selector.
    VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH = 45

    # The packet does not match a policy-based VPN tunnel remote selector.
    VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH = 46

    # Packet with internal destination address sent to the internet gateway.
    PRIVATE_TRAFFIC_TO_INTERNET = 7

    # Instance with only an internal IP address tries to access Google API and
    # services, but private Google access is not enabled in the subnet.
    PRIVATE_GOOGLE_ACCESS_DISALLOWED = 8

    # Source endpoint tries to access Google API and services through the VPN
    # tunnel to another network, but Private Google Access needs to be enabled
    # in the source endpoint network.
    PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED = 47

    # Instance with only an internal IP address tries to access external hosts,
    # but Cloud NAT is not enabled in the subnet, unless special configurations
    # on a VM allow this connection.
    NO_EXTERNAL_ADDRESS = 9

    # Destination internal address cannot be resolved to a known target. If
    # this is a shared VPC scenario, verify if the service project ID is
    # provided as test input. Otherwise, verify if the IP address is being
    # used in the project.
    UNKNOWN_INTERNAL_ADDRESS = 10

    # Forwarding rule's protocol and ports do not match the packet header.
    FORWARDING_RULE_MISMATCH = 11

    # Forwarding rule does not have backends configured.
    FORWARDING_RULE_NO_INSTANCES = 12

    # Firewalls block the health check probes to the backends and cause
    # the backends to be unavailable for traffic from the load balancer.
    # For more details, see [Health check firewall
    # rules](https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules).
    FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK = 13

    # Packet is sent from or to a Compute Engine instance that is not in a
    # running state.
    INSTANCE_NOT_RUNNING = 14

    # Packet sent from or to a GKE cluster that is not in running state.
    GKE_CLUSTER_NOT_RUNNING = 27

    # Packet sent from or to a Cloud SQL instance that is not in running state.
    CLOUD_SQL_INSTANCE_NOT_RUNNING = 28

    # The type of traffic is blocked and the user cannot configure a firewall
    # rule to enable it. See [Always blocked
    # traffic](https://cloud.google.com/vpc/docs/firewalls#blockedtraffic) for
    # more details.
    TRAFFIC_TYPE_BLOCKED = 15

    # Access to Google Kubernetes Engine cluster master's endpoint is not
    # authorized. See [Access to the cluster
    # endpoints](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#access_to_the_cluster_endpoints)
    # for more details.
    GKE_MASTER_UNAUTHORIZED_ACCESS = 16

    # Access to the Cloud SQL instance endpoint is not authorized.
    # See [Authorizing with authorized
    # networks](https://cloud.google.com/sql/docs/mysql/authorize-networks) for
    # more details.
    CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS = 17

    # Packet was dropped inside Google Kubernetes Engine Service.
    DROPPED_INSIDE_GKE_SERVICE = 18

    # Packet was dropped inside Cloud SQL Service.
    DROPPED_INSIDE_CLOUD_SQL_SERVICE = 19

    # Packet was dropped because there is no peering between the originating
    # network and the Google Managed Services Network.
    GOOGLE_MANAGED_SERVICE_NO_PEERING = 20

    # Packet was dropped because the Google-managed service uses Private
    # Service Connect (PSC), but the PSC endpoint is not found in the project.
    GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT = 38

    # Packet was dropped because the GKE cluster uses Private Service Connect
    # (PSC), but the PSC endpoint is not found in the project.
    GKE_PSC_ENDPOINT_MISSING = 36

    # Packet was dropped because the Cloud SQL instance has neither a private
    # nor a public IP address.
    CLOUD_SQL_INSTANCE_NO_IP_ADDRESS = 21

    # Packet was dropped because a GKE cluster private endpoint is
    # unreachable from a region different from the cluster's region.
    GKE_CONTROL_PLANE_REGION_MISMATCH = 30

    # Packet sent from a public GKE cluster control plane to a private
    # IP address.
    PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION = 31

    # Packet was dropped because there is no route from a GKE cluster
    # control plane to a destination network.
    GKE_CONTROL_PLANE_NO_ROUTE = 32

    # Packet sent from a Cloud SQL instance to an external IP address is not
    # allowed. The Cloud SQL instance is not configured to send packets to
    # external IP addresses.
    CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC = 33

    # Packet sent from a Cloud SQL instance with only a public IP address to a
    # private IP address.
    PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION = 34

    # Packet was dropped because there is no route from a Cloud SQL
    # instance to a destination network.
    CLOUD_SQL_INSTANCE_NO_ROUTE = 35

    # Packet could be dropped because the Cloud Function is not in an active
    # status.
    CLOUD_FUNCTION_NOT_ACTIVE = 22

    # Packet could be dropped because no VPC connector is set.
    VPC_CONNECTOR_NOT_SET = 23

    # Packet could be dropped because the VPC connector is not in a running
    # state.
    VPC_CONNECTOR_NOT_RUNNING = 24

    # Packet could be dropped because it was sent from a different region
    # to a regional forwarding without global access.
    FORWARDING_RULE_REGION_MISMATCH = 25

    # The Private Service Connect endpoint is in a project that is not approved
    # to connect to the service.
    PSC_CONNECTION_NOT_ACCEPTED = 26

    # The packet is sent to the Private Service Connect endpoint over the
    # peering, but [it's not
    # supported](https://cloud.google.com/vpc/docs/configure-private-service-connect-services#on-premises).
    PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK = 41

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule does not have
    # global access enabled.
    PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS = 48

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule has multiple ports
    # specified.
    PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS = 54

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group) targeting a Cloud SQL service attachment, but this
    # configuration is not supported.
    CLOUD_SQL_PSC_NEG_UNSUPPORTED = 58

    # No NAT subnets are defined for the PSC service attachment.
    NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT = 57

    # The packet sent from the hybrid NEG proxy matches a non-dynamic route,
    # but such a configuration is not supported.
    HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED = 55

    # The packet sent from the hybrid NEG proxy matches a dynamic route with a
    # next hop in a different region, but such a configuration is not
    # supported.
    HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED = 56

    # Packet sent from a Cloud Run revision that is not ready.
    CLOUD_RUN_REVISION_NOT_READY = 29

    # Packet was dropped inside Private Service Connect service producer.
    DROPPED_INSIDE_PSC_SERVICE_PRODUCER = 37

    # Packet sent to a load balancer, which requires a proxy-only subnet and
    # the subnet is not found.
    LOAD_BALANCER_HAS_NO_PROXY_SUBNET = 39

    # Packet sent to Cloud Nat without active NAT IPs.
    CLOUD_NAT_NO_ADDRESSES = 40

    # Packet is stuck in a routing loop.
    ROUTING_LOOP = 59
  end
end

#destination_ip::String

Returns Destination IP address of the dropped packet (if relevant).

Returns:

  • (::String)

    Destination IP address of the dropped packet (if relevant).


1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
# File 'proto_docs/google/cloud/networkmanagement/v1/trace.rb', line 1110

class DropInfo
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Drop cause types:
  module Cause
    # Cause is unspecified.
    CAUSE_UNSPECIFIED = 0

    # Destination external address cannot be resolved to a known target. If
    # the address is used in a Google Cloud project, provide the project ID
    # as test input.
    UNKNOWN_EXTERNAL_ADDRESS = 1

    # A Compute Engine instance can only send or receive a packet with a
    # foreign IP address if ip_forward is enabled.
    FOREIGN_IP_DISALLOWED = 2

    # Dropped due to a firewall rule, unless allowed due to connection
    # tracking.
    FIREWALL_RULE = 3

    # Dropped due to no matching routes.
    NO_ROUTE = 4

    # Dropped due to invalid route. Route's next hop is a blackhole.
    ROUTE_BLACKHOLE = 5

    # Packet is sent to a wrong (unintended) network. Example: you trace a
    # packet from VM1:Network1 to VM2:Network2, however, the route configured
    # in Network1 sends the packet destined for VM2's IP address to Network3.
    ROUTE_WRONG_NETWORK = 6

    # Route's next hop IP address cannot be resolved to a GCP resource.
    ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED = 42

    # Route's next hop resource is not found.
    ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43

    # Route's next hop instance doesn't have a NIC in the route's network.
    ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49

    # Route's next hop IP address is not a primary IP address of the next hop
    # instance.
    ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP = 50

    # Route's next hop forwarding rule doesn't match next hop IP address.
    ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH = 51

    # Route's next hop VPN tunnel is down (does not have valid IKE SAs).
    ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED = 52

    # Route's next hop forwarding rule type is invalid (it's not a forwarding
    # rule of the internal passthrough load balancer).
    ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID = 53

    # Packet is sent from the Internet to the private IPv6 address.
    NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS = 44

    # The packet does not match a policy-based VPN tunnel local selector.
    VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH = 45

    # The packet does not match a policy-based VPN tunnel remote selector.
    VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH = 46

    # Packet with internal destination address sent to the internet gateway.
    PRIVATE_TRAFFIC_TO_INTERNET = 7

    # Instance with only an internal IP address tries to access Google API and
    # services, but private Google access is not enabled in the subnet.
    PRIVATE_GOOGLE_ACCESS_DISALLOWED = 8

    # Source endpoint tries to access Google API and services through the VPN
    # tunnel to another network, but Private Google Access needs to be enabled
    # in the source endpoint network.
    PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED = 47

    # Instance with only an internal IP address tries to access external hosts,
    # but Cloud NAT is not enabled in the subnet, unless special configurations
    # on a VM allow this connection.
    NO_EXTERNAL_ADDRESS = 9

    # Destination internal address cannot be resolved to a known target. If
    # this is a shared VPC scenario, verify if the service project ID is
    # provided as test input. Otherwise, verify if the IP address is being
    # used in the project.
    UNKNOWN_INTERNAL_ADDRESS = 10

    # Forwarding rule's protocol and ports do not match the packet header.
    FORWARDING_RULE_MISMATCH = 11

    # Forwarding rule does not have backends configured.
    FORWARDING_RULE_NO_INSTANCES = 12

    # Firewalls block the health check probes to the backends and cause
    # the backends to be unavailable for traffic from the load balancer.
    # For more details, see [Health check firewall
    # rules](https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules).
    FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK = 13

    # Packet is sent from or to a Compute Engine instance that is not in a
    # running state.
    INSTANCE_NOT_RUNNING = 14

    # Packet sent from or to a GKE cluster that is not in running state.
    GKE_CLUSTER_NOT_RUNNING = 27

    # Packet sent from or to a Cloud SQL instance that is not in running state.
    CLOUD_SQL_INSTANCE_NOT_RUNNING = 28

    # The type of traffic is blocked and the user cannot configure a firewall
    # rule to enable it. See [Always blocked
    # traffic](https://cloud.google.com/vpc/docs/firewalls#blockedtraffic) for
    # more details.
    TRAFFIC_TYPE_BLOCKED = 15

    # Access to Google Kubernetes Engine cluster master's endpoint is not
    # authorized. See [Access to the cluster
    # endpoints](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#access_to_the_cluster_endpoints)
    # for more details.
    GKE_MASTER_UNAUTHORIZED_ACCESS = 16

    # Access to the Cloud SQL instance endpoint is not authorized.
    # See [Authorizing with authorized
    # networks](https://cloud.google.com/sql/docs/mysql/authorize-networks) for
    # more details.
    CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS = 17

    # Packet was dropped inside Google Kubernetes Engine Service.
    DROPPED_INSIDE_GKE_SERVICE = 18

    # Packet was dropped inside Cloud SQL Service.
    DROPPED_INSIDE_CLOUD_SQL_SERVICE = 19

    # Packet was dropped because there is no peering between the originating
    # network and the Google Managed Services Network.
    GOOGLE_MANAGED_SERVICE_NO_PEERING = 20

    # Packet was dropped because the Google-managed service uses Private
    # Service Connect (PSC), but the PSC endpoint is not found in the project.
    GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT = 38

    # Packet was dropped because the GKE cluster uses Private Service Connect
    # (PSC), but the PSC endpoint is not found in the project.
    GKE_PSC_ENDPOINT_MISSING = 36

    # Packet was dropped because the Cloud SQL instance has neither a private
    # nor a public IP address.
    CLOUD_SQL_INSTANCE_NO_IP_ADDRESS = 21

    # Packet was dropped because a GKE cluster private endpoint is
    # unreachable from a region different from the cluster's region.
    GKE_CONTROL_PLANE_REGION_MISMATCH = 30

    # Packet sent from a public GKE cluster control plane to a private
    # IP address.
    PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION = 31

    # Packet was dropped because there is no route from a GKE cluster
    # control plane to a destination network.
    GKE_CONTROL_PLANE_NO_ROUTE = 32

    # Packet sent from a Cloud SQL instance to an external IP address is not
    # allowed. The Cloud SQL instance is not configured to send packets to
    # external IP addresses.
    CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC = 33

    # Packet sent from a Cloud SQL instance with only a public IP address to a
    # private IP address.
    PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION = 34

    # Packet was dropped because there is no route from a Cloud SQL
    # instance to a destination network.
    CLOUD_SQL_INSTANCE_NO_ROUTE = 35

    # Packet could be dropped because the Cloud Function is not in an active
    # status.
    CLOUD_FUNCTION_NOT_ACTIVE = 22

    # Packet could be dropped because no VPC connector is set.
    VPC_CONNECTOR_NOT_SET = 23

    # Packet could be dropped because the VPC connector is not in a running
    # state.
    VPC_CONNECTOR_NOT_RUNNING = 24

    # Packet could be dropped because it was sent from a different region
    # to a regional forwarding without global access.
    FORWARDING_RULE_REGION_MISMATCH = 25

    # The Private Service Connect endpoint is in a project that is not approved
    # to connect to the service.
    PSC_CONNECTION_NOT_ACCEPTED = 26

    # The packet is sent to the Private Service Connect endpoint over the
    # peering, but [it's not
    # supported](https://cloud.google.com/vpc/docs/configure-private-service-connect-services#on-premises).
    PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK = 41

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule does not have
    # global access enabled.
    PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS = 48

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule has multiple ports
    # specified.
    PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS = 54

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group) targeting a Cloud SQL service attachment, but this
    # configuration is not supported.
    CLOUD_SQL_PSC_NEG_UNSUPPORTED = 58

    # No NAT subnets are defined for the PSC service attachment.
    NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT = 57

    # The packet sent from the hybrid NEG proxy matches a non-dynamic route,
    # but such a configuration is not supported.
    HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED = 55

    # The packet sent from the hybrid NEG proxy matches a dynamic route with a
    # next hop in a different region, but such a configuration is not
    # supported.
    HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED = 56

    # Packet sent from a Cloud Run revision that is not ready.
    CLOUD_RUN_REVISION_NOT_READY = 29

    # Packet was dropped inside Private Service Connect service producer.
    DROPPED_INSIDE_PSC_SERVICE_PRODUCER = 37

    # Packet sent to a load balancer, which requires a proxy-only subnet and
    # the subnet is not found.
    LOAD_BALANCER_HAS_NO_PROXY_SUBNET = 39

    # Packet sent to Cloud Nat without active NAT IPs.
    CLOUD_NAT_NO_ADDRESSES = 40

    # Packet is stuck in a routing loop.
    ROUTING_LOOP = 59
  end
end

#region::String

Returns Region of the dropped packet (if relevant).

Returns:

  • (::String)

    Region of the dropped packet (if relevant).


1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
# File 'proto_docs/google/cloud/networkmanagement/v1/trace.rb', line 1110

class DropInfo
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Drop cause types:
  module Cause
    # Cause is unspecified.
    CAUSE_UNSPECIFIED = 0

    # Destination external address cannot be resolved to a known target. If
    # the address is used in a Google Cloud project, provide the project ID
    # as test input.
    UNKNOWN_EXTERNAL_ADDRESS = 1

    # A Compute Engine instance can only send or receive a packet with a
    # foreign IP address if ip_forward is enabled.
    FOREIGN_IP_DISALLOWED = 2

    # Dropped due to a firewall rule, unless allowed due to connection
    # tracking.
    FIREWALL_RULE = 3

    # Dropped due to no matching routes.
    NO_ROUTE = 4

    # Dropped due to invalid route. Route's next hop is a blackhole.
    ROUTE_BLACKHOLE = 5

    # Packet is sent to a wrong (unintended) network. Example: you trace a
    # packet from VM1:Network1 to VM2:Network2, however, the route configured
    # in Network1 sends the packet destined for VM2's IP address to Network3.
    ROUTE_WRONG_NETWORK = 6

    # Route's next hop IP address cannot be resolved to a GCP resource.
    ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED = 42

    # Route's next hop resource is not found.
    ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43

    # Route's next hop instance doesn't have a NIC in the route's network.
    ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49

    # Route's next hop IP address is not a primary IP address of the next hop
    # instance.
    ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP = 50

    # Route's next hop forwarding rule doesn't match next hop IP address.
    ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH = 51

    # Route's next hop VPN tunnel is down (does not have valid IKE SAs).
    ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED = 52

    # Route's next hop forwarding rule type is invalid (it's not a forwarding
    # rule of the internal passthrough load balancer).
    ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID = 53

    # Packet is sent from the Internet to the private IPv6 address.
    NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS = 44

    # The packet does not match a policy-based VPN tunnel local selector.
    VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH = 45

    # The packet does not match a policy-based VPN tunnel remote selector.
    VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH = 46

    # Packet with internal destination address sent to the internet gateway.
    PRIVATE_TRAFFIC_TO_INTERNET = 7

    # Instance with only an internal IP address tries to access Google API and
    # services, but private Google access is not enabled in the subnet.
    PRIVATE_GOOGLE_ACCESS_DISALLOWED = 8

    # Source endpoint tries to access Google API and services through the VPN
    # tunnel to another network, but Private Google Access needs to be enabled
    # in the source endpoint network.
    PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED = 47

    # Instance with only an internal IP address tries to access external hosts,
    # but Cloud NAT is not enabled in the subnet, unless special configurations
    # on a VM allow this connection.
    NO_EXTERNAL_ADDRESS = 9

    # Destination internal address cannot be resolved to a known target. If
    # this is a shared VPC scenario, verify if the service project ID is
    # provided as test input. Otherwise, verify if the IP address is being
    # used in the project.
    UNKNOWN_INTERNAL_ADDRESS = 10

    # Forwarding rule's protocol and ports do not match the packet header.
    FORWARDING_RULE_MISMATCH = 11

    # Forwarding rule does not have backends configured.
    FORWARDING_RULE_NO_INSTANCES = 12

    # Firewalls block the health check probes to the backends and cause
    # the backends to be unavailable for traffic from the load balancer.
    # For more details, see [Health check firewall
    # rules](https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules).
    FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK = 13

    # Packet is sent from or to a Compute Engine instance that is not in a
    # running state.
    INSTANCE_NOT_RUNNING = 14

    # Packet sent from or to a GKE cluster that is not in running state.
    GKE_CLUSTER_NOT_RUNNING = 27

    # Packet sent from or to a Cloud SQL instance that is not in running state.
    CLOUD_SQL_INSTANCE_NOT_RUNNING = 28

    # The type of traffic is blocked and the user cannot configure a firewall
    # rule to enable it. See [Always blocked
    # traffic](https://cloud.google.com/vpc/docs/firewalls#blockedtraffic) for
    # more details.
    TRAFFIC_TYPE_BLOCKED = 15

    # Access to Google Kubernetes Engine cluster master's endpoint is not
    # authorized. See [Access to the cluster
    # endpoints](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#access_to_the_cluster_endpoints)
    # for more details.
    GKE_MASTER_UNAUTHORIZED_ACCESS = 16

    # Access to the Cloud SQL instance endpoint is not authorized.
    # See [Authorizing with authorized
    # networks](https://cloud.google.com/sql/docs/mysql/authorize-networks) for
    # more details.
    CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS = 17

    # Packet was dropped inside Google Kubernetes Engine Service.
    DROPPED_INSIDE_GKE_SERVICE = 18

    # Packet was dropped inside Cloud SQL Service.
    DROPPED_INSIDE_CLOUD_SQL_SERVICE = 19

    # Packet was dropped because there is no peering between the originating
    # network and the Google Managed Services Network.
    GOOGLE_MANAGED_SERVICE_NO_PEERING = 20

    # Packet was dropped because the Google-managed service uses Private
    # Service Connect (PSC), but the PSC endpoint is not found in the project.
    GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT = 38

    # Packet was dropped because the GKE cluster uses Private Service Connect
    # (PSC), but the PSC endpoint is not found in the project.
    GKE_PSC_ENDPOINT_MISSING = 36

    # Packet was dropped because the Cloud SQL instance has neither a private
    # nor a public IP address.
    CLOUD_SQL_INSTANCE_NO_IP_ADDRESS = 21

    # Packet was dropped because a GKE cluster private endpoint is
    # unreachable from a region different from the cluster's region.
    GKE_CONTROL_PLANE_REGION_MISMATCH = 30

    # Packet sent from a public GKE cluster control plane to a private
    # IP address.
    PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION = 31

    # Packet was dropped because there is no route from a GKE cluster
    # control plane to a destination network.
    GKE_CONTROL_PLANE_NO_ROUTE = 32

    # Packet sent from a Cloud SQL instance to an external IP address is not
    # allowed. The Cloud SQL instance is not configured to send packets to
    # external IP addresses.
    CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC = 33

    # Packet sent from a Cloud SQL instance with only a public IP address to a
    # private IP address.
    PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION = 34

    # Packet was dropped because there is no route from a Cloud SQL
    # instance to a destination network.
    CLOUD_SQL_INSTANCE_NO_ROUTE = 35

    # Packet could be dropped because the Cloud Function is not in an active
    # status.
    CLOUD_FUNCTION_NOT_ACTIVE = 22

    # Packet could be dropped because no VPC connector is set.
    VPC_CONNECTOR_NOT_SET = 23

    # Packet could be dropped because the VPC connector is not in a running
    # state.
    VPC_CONNECTOR_NOT_RUNNING = 24

    # Packet could be dropped because it was sent from a different region
    # to a regional forwarding without global access.
    FORWARDING_RULE_REGION_MISMATCH = 25

    # The Private Service Connect endpoint is in a project that is not approved
    # to connect to the service.
    PSC_CONNECTION_NOT_ACCEPTED = 26

    # The packet is sent to the Private Service Connect endpoint over the
    # peering, but [it's not
    # supported](https://cloud.google.com/vpc/docs/configure-private-service-connect-services#on-premises).
    PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK = 41

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule does not have
    # global access enabled.
    PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS = 48

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule has multiple ports
    # specified.
    PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS = 54

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group) targeting a Cloud SQL service attachment, but this
    # configuration is not supported.
    CLOUD_SQL_PSC_NEG_UNSUPPORTED = 58

    # No NAT subnets are defined for the PSC service attachment.
    NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT = 57

    # The packet sent from the hybrid NEG proxy matches a non-dynamic route,
    # but such a configuration is not supported.
    HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED = 55

    # The packet sent from the hybrid NEG proxy matches a dynamic route with a
    # next hop in a different region, but such a configuration is not
    # supported.
    HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED = 56

    # Packet sent from a Cloud Run revision that is not ready.
    CLOUD_RUN_REVISION_NOT_READY = 29

    # Packet was dropped inside Private Service Connect service producer.
    DROPPED_INSIDE_PSC_SERVICE_PRODUCER = 37

    # Packet sent to a load balancer, which requires a proxy-only subnet and
    # the subnet is not found.
    LOAD_BALANCER_HAS_NO_PROXY_SUBNET = 39

    # Packet sent to Cloud Nat without active NAT IPs.
    CLOUD_NAT_NO_ADDRESSES = 40

    # Packet is stuck in a routing loop.
    ROUTING_LOOP = 59
  end
end

#resource_uri::String

Returns URI of the resource that caused the drop.

Returns:

  • (::String)

    URI of the resource that caused the drop.


1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
# File 'proto_docs/google/cloud/networkmanagement/v1/trace.rb', line 1110

class DropInfo
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Drop cause types:
  module Cause
    # Cause is unspecified.
    CAUSE_UNSPECIFIED = 0

    # Destination external address cannot be resolved to a known target. If
    # the address is used in a Google Cloud project, provide the project ID
    # as test input.
    UNKNOWN_EXTERNAL_ADDRESS = 1

    # A Compute Engine instance can only send or receive a packet with a
    # foreign IP address if ip_forward is enabled.
    FOREIGN_IP_DISALLOWED = 2

    # Dropped due to a firewall rule, unless allowed due to connection
    # tracking.
    FIREWALL_RULE = 3

    # Dropped due to no matching routes.
    NO_ROUTE = 4

    # Dropped due to invalid route. Route's next hop is a blackhole.
    ROUTE_BLACKHOLE = 5

    # Packet is sent to a wrong (unintended) network. Example: you trace a
    # packet from VM1:Network1 to VM2:Network2, however, the route configured
    # in Network1 sends the packet destined for VM2's IP address to Network3.
    ROUTE_WRONG_NETWORK = 6

    # Route's next hop IP address cannot be resolved to a GCP resource.
    ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED = 42

    # Route's next hop resource is not found.
    ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43

    # Route's next hop instance doesn't have a NIC in the route's network.
    ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49

    # Route's next hop IP address is not a primary IP address of the next hop
    # instance.
    ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP = 50

    # Route's next hop forwarding rule doesn't match next hop IP address.
    ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH = 51

    # Route's next hop VPN tunnel is down (does not have valid IKE SAs).
    ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED = 52

    # Route's next hop forwarding rule type is invalid (it's not a forwarding
    # rule of the internal passthrough load balancer).
    ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID = 53

    # Packet is sent from the Internet to the private IPv6 address.
    NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS = 44

    # The packet does not match a policy-based VPN tunnel local selector.
    VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH = 45

    # The packet does not match a policy-based VPN tunnel remote selector.
    VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH = 46

    # Packet with internal destination address sent to the internet gateway.
    PRIVATE_TRAFFIC_TO_INTERNET = 7

    # Instance with only an internal IP address tries to access Google API and
    # services, but private Google access is not enabled in the subnet.
    PRIVATE_GOOGLE_ACCESS_DISALLOWED = 8

    # Source endpoint tries to access Google API and services through the VPN
    # tunnel to another network, but Private Google Access needs to be enabled
    # in the source endpoint network.
    PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED = 47

    # Instance with only an internal IP address tries to access external hosts,
    # but Cloud NAT is not enabled in the subnet, unless special configurations
    # on a VM allow this connection.
    NO_EXTERNAL_ADDRESS = 9

    # Destination internal address cannot be resolved to a known target. If
    # this is a shared VPC scenario, verify if the service project ID is
    # provided as test input. Otherwise, verify if the IP address is being
    # used in the project.
    UNKNOWN_INTERNAL_ADDRESS = 10

    # Forwarding rule's protocol and ports do not match the packet header.
    FORWARDING_RULE_MISMATCH = 11

    # Forwarding rule does not have backends configured.
    FORWARDING_RULE_NO_INSTANCES = 12

    # Firewalls block the health check probes to the backends and cause
    # the backends to be unavailable for traffic from the load balancer.
    # For more details, see [Health check firewall
    # rules](https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules).
    FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK = 13

    # Packet is sent from or to a Compute Engine instance that is not in a
    # running state.
    INSTANCE_NOT_RUNNING = 14

    # Packet sent from or to a GKE cluster that is not in running state.
    GKE_CLUSTER_NOT_RUNNING = 27

    # Packet sent from or to a Cloud SQL instance that is not in running state.
    CLOUD_SQL_INSTANCE_NOT_RUNNING = 28

    # The type of traffic is blocked and the user cannot configure a firewall
    # rule to enable it. See [Always blocked
    # traffic](https://cloud.google.com/vpc/docs/firewalls#blockedtraffic) for
    # more details.
    TRAFFIC_TYPE_BLOCKED = 15

    # Access to Google Kubernetes Engine cluster master's endpoint is not
    # authorized. See [Access to the cluster
    # endpoints](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#access_to_the_cluster_endpoints)
    # for more details.
    GKE_MASTER_UNAUTHORIZED_ACCESS = 16

    # Access to the Cloud SQL instance endpoint is not authorized.
    # See [Authorizing with authorized
    # networks](https://cloud.google.com/sql/docs/mysql/authorize-networks) for
    # more details.
    CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS = 17

    # Packet was dropped inside Google Kubernetes Engine Service.
    DROPPED_INSIDE_GKE_SERVICE = 18

    # Packet was dropped inside Cloud SQL Service.
    DROPPED_INSIDE_CLOUD_SQL_SERVICE = 19

    # Packet was dropped because there is no peering between the originating
    # network and the Google Managed Services Network.
    GOOGLE_MANAGED_SERVICE_NO_PEERING = 20

    # Packet was dropped because the Google-managed service uses Private
    # Service Connect (PSC), but the PSC endpoint is not found in the project.
    GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT = 38

    # Packet was dropped because the GKE cluster uses Private Service Connect
    # (PSC), but the PSC endpoint is not found in the project.
    GKE_PSC_ENDPOINT_MISSING = 36

    # Packet was dropped because the Cloud SQL instance has neither a private
    # nor a public IP address.
    CLOUD_SQL_INSTANCE_NO_IP_ADDRESS = 21

    # Packet was dropped because a GKE cluster private endpoint is
    # unreachable from a region different from the cluster's region.
    GKE_CONTROL_PLANE_REGION_MISMATCH = 30

    # Packet sent from a public GKE cluster control plane to a private
    # IP address.
    PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION = 31

    # Packet was dropped because there is no route from a GKE cluster
    # control plane to a destination network.
    GKE_CONTROL_PLANE_NO_ROUTE = 32

    # Packet sent from a Cloud SQL instance to an external IP address is not
    # allowed. The Cloud SQL instance is not configured to send packets to
    # external IP addresses.
    CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC = 33

    # Packet sent from a Cloud SQL instance with only a public IP address to a
    # private IP address.
    PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION = 34

    # Packet was dropped because there is no route from a Cloud SQL
    # instance to a destination network.
    CLOUD_SQL_INSTANCE_NO_ROUTE = 35

    # Packet could be dropped because the Cloud Function is not in an active
    # status.
    CLOUD_FUNCTION_NOT_ACTIVE = 22

    # Packet could be dropped because no VPC connector is set.
    VPC_CONNECTOR_NOT_SET = 23

    # Packet could be dropped because the VPC connector is not in a running
    # state.
    VPC_CONNECTOR_NOT_RUNNING = 24

    # Packet could be dropped because it was sent from a different region
    # to a regional forwarding without global access.
    FORWARDING_RULE_REGION_MISMATCH = 25

    # The Private Service Connect endpoint is in a project that is not approved
    # to connect to the service.
    PSC_CONNECTION_NOT_ACCEPTED = 26

    # The packet is sent to the Private Service Connect endpoint over the
    # peering, but [it's not
    # supported](https://cloud.google.com/vpc/docs/configure-private-service-connect-services#on-premises).
    PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK = 41

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule does not have
    # global access enabled.
    PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS = 48

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule has multiple ports
    # specified.
    PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS = 54

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group) targeting a Cloud SQL service attachment, but this
    # configuration is not supported.
    CLOUD_SQL_PSC_NEG_UNSUPPORTED = 58

    # No NAT subnets are defined for the PSC service attachment.
    NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT = 57

    # The packet sent from the hybrid NEG proxy matches a non-dynamic route,
    # but such a configuration is not supported.
    HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED = 55

    # The packet sent from the hybrid NEG proxy matches a dynamic route with a
    # next hop in a different region, but such a configuration is not
    # supported.
    HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED = 56

    # Packet sent from a Cloud Run revision that is not ready.
    CLOUD_RUN_REVISION_NOT_READY = 29

    # Packet was dropped inside Private Service Connect service producer.
    DROPPED_INSIDE_PSC_SERVICE_PRODUCER = 37

    # Packet sent to a load balancer, which requires a proxy-only subnet and
    # the subnet is not found.
    LOAD_BALANCER_HAS_NO_PROXY_SUBNET = 39

    # Packet sent to Cloud Nat without active NAT IPs.
    CLOUD_NAT_NO_ADDRESSES = 40

    # Packet is stuck in a routing loop.
    ROUTING_LOOP = 59
  end
end

#source_ip::String

Returns Source IP address of the dropped packet (if relevant).

Returns:

  • (::String)

    Source IP address of the dropped packet (if relevant).


1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
# File 'proto_docs/google/cloud/networkmanagement/v1/trace.rb', line 1110

class DropInfo
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Drop cause types:
  module Cause
    # Cause is unspecified.
    CAUSE_UNSPECIFIED = 0

    # Destination external address cannot be resolved to a known target. If
    # the address is used in a Google Cloud project, provide the project ID
    # as test input.
    UNKNOWN_EXTERNAL_ADDRESS = 1

    # A Compute Engine instance can only send or receive a packet with a
    # foreign IP address if ip_forward is enabled.
    FOREIGN_IP_DISALLOWED = 2

    # Dropped due to a firewall rule, unless allowed due to connection
    # tracking.
    FIREWALL_RULE = 3

    # Dropped due to no matching routes.
    NO_ROUTE = 4

    # Dropped due to invalid route. Route's next hop is a blackhole.
    ROUTE_BLACKHOLE = 5

    # Packet is sent to a wrong (unintended) network. Example: you trace a
    # packet from VM1:Network1 to VM2:Network2, however, the route configured
    # in Network1 sends the packet destined for VM2's IP address to Network3.
    ROUTE_WRONG_NETWORK = 6

    # Route's next hop IP address cannot be resolved to a GCP resource.
    ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED = 42

    # Route's next hop resource is not found.
    ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43

    # Route's next hop instance doesn't have a NIC in the route's network.
    ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49

    # Route's next hop IP address is not a primary IP address of the next hop
    # instance.
    ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP = 50

    # Route's next hop forwarding rule doesn't match next hop IP address.
    ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH = 51

    # Route's next hop VPN tunnel is down (does not have valid IKE SAs).
    ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED = 52

    # Route's next hop forwarding rule type is invalid (it's not a forwarding
    # rule of the internal passthrough load balancer).
    ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID = 53

    # Packet is sent from the Internet to the private IPv6 address.
    NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS = 44

    # The packet does not match a policy-based VPN tunnel local selector.
    VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH = 45

    # The packet does not match a policy-based VPN tunnel remote selector.
    VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH = 46

    # Packet with internal destination address sent to the internet gateway.
    PRIVATE_TRAFFIC_TO_INTERNET = 7

    # Instance with only an internal IP address tries to access Google API and
    # services, but private Google access is not enabled in the subnet.
    PRIVATE_GOOGLE_ACCESS_DISALLOWED = 8

    # Source endpoint tries to access Google API and services through the VPN
    # tunnel to another network, but Private Google Access needs to be enabled
    # in the source endpoint network.
    PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED = 47

    # Instance with only an internal IP address tries to access external hosts,
    # but Cloud NAT is not enabled in the subnet, unless special configurations
    # on a VM allow this connection.
    NO_EXTERNAL_ADDRESS = 9

    # Destination internal address cannot be resolved to a known target. If
    # this is a shared VPC scenario, verify if the service project ID is
    # provided as test input. Otherwise, verify if the IP address is being
    # used in the project.
    UNKNOWN_INTERNAL_ADDRESS = 10

    # Forwarding rule's protocol and ports do not match the packet header.
    FORWARDING_RULE_MISMATCH = 11

    # Forwarding rule does not have backends configured.
    FORWARDING_RULE_NO_INSTANCES = 12

    # Firewalls block the health check probes to the backends and cause
    # the backends to be unavailable for traffic from the load balancer.
    # For more details, see [Health check firewall
    # rules](https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules).
    FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK = 13

    # Packet is sent from or to a Compute Engine instance that is not in a
    # running state.
    INSTANCE_NOT_RUNNING = 14

    # Packet sent from or to a GKE cluster that is not in running state.
    GKE_CLUSTER_NOT_RUNNING = 27

    # Packet sent from or to a Cloud SQL instance that is not in running state.
    CLOUD_SQL_INSTANCE_NOT_RUNNING = 28

    # The type of traffic is blocked and the user cannot configure a firewall
    # rule to enable it. See [Always blocked
    # traffic](https://cloud.google.com/vpc/docs/firewalls#blockedtraffic) for
    # more details.
    TRAFFIC_TYPE_BLOCKED = 15

    # Access to Google Kubernetes Engine cluster master's endpoint is not
    # authorized. See [Access to the cluster
    # endpoints](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#access_to_the_cluster_endpoints)
    # for more details.
    GKE_MASTER_UNAUTHORIZED_ACCESS = 16

    # Access to the Cloud SQL instance endpoint is not authorized.
    # See [Authorizing with authorized
    # networks](https://cloud.google.com/sql/docs/mysql/authorize-networks) for
    # more details.
    CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS = 17

    # Packet was dropped inside Google Kubernetes Engine Service.
    DROPPED_INSIDE_GKE_SERVICE = 18

    # Packet was dropped inside Cloud SQL Service.
    DROPPED_INSIDE_CLOUD_SQL_SERVICE = 19

    # Packet was dropped because there is no peering between the originating
    # network and the Google Managed Services Network.
    GOOGLE_MANAGED_SERVICE_NO_PEERING = 20

    # Packet was dropped because the Google-managed service uses Private
    # Service Connect (PSC), but the PSC endpoint is not found in the project.
    GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT = 38

    # Packet was dropped because the GKE cluster uses Private Service Connect
    # (PSC), but the PSC endpoint is not found in the project.
    GKE_PSC_ENDPOINT_MISSING = 36

    # Packet was dropped because the Cloud SQL instance has neither a private
    # nor a public IP address.
    CLOUD_SQL_INSTANCE_NO_IP_ADDRESS = 21

    # Packet was dropped because a GKE cluster private endpoint is
    # unreachable from a region different from the cluster's region.
    GKE_CONTROL_PLANE_REGION_MISMATCH = 30

    # Packet sent from a public GKE cluster control plane to a private
    # IP address.
    PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION = 31

    # Packet was dropped because there is no route from a GKE cluster
    # control plane to a destination network.
    GKE_CONTROL_PLANE_NO_ROUTE = 32

    # Packet sent from a Cloud SQL instance to an external IP address is not
    # allowed. The Cloud SQL instance is not configured to send packets to
    # external IP addresses.
    CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC = 33

    # Packet sent from a Cloud SQL instance with only a public IP address to a
    # private IP address.
    PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION = 34

    # Packet was dropped because there is no route from a Cloud SQL
    # instance to a destination network.
    CLOUD_SQL_INSTANCE_NO_ROUTE = 35

    # Packet could be dropped because the Cloud Function is not in an active
    # status.
    CLOUD_FUNCTION_NOT_ACTIVE = 22

    # Packet could be dropped because no VPC connector is set.
    VPC_CONNECTOR_NOT_SET = 23

    # Packet could be dropped because the VPC connector is not in a running
    # state.
    VPC_CONNECTOR_NOT_RUNNING = 24

    # Packet could be dropped because it was sent from a different region
    # to a regional forwarding without global access.
    FORWARDING_RULE_REGION_MISMATCH = 25

    # The Private Service Connect endpoint is in a project that is not approved
    # to connect to the service.
    PSC_CONNECTION_NOT_ACCEPTED = 26

    # The packet is sent to the Private Service Connect endpoint over the
    # peering, but [it's not
    # supported](https://cloud.google.com/vpc/docs/configure-private-service-connect-services#on-premises).
    PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK = 41

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule does not have
    # global access enabled.
    PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS = 48

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group), but the producer PSC forwarding rule has multiple ports
    # specified.
    PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS = 54

    # The packet is sent to the Private Service Connect backend (network
    # endpoint group) targeting a Cloud SQL service attachment, but this
    # configuration is not supported.
    CLOUD_SQL_PSC_NEG_UNSUPPORTED = 58

    # No NAT subnets are defined for the PSC service attachment.
    NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT = 57

    # The packet sent from the hybrid NEG proxy matches a non-dynamic route,
    # but such a configuration is not supported.
    HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED = 55

    # The packet sent from the hybrid NEG proxy matches a dynamic route with a
    # next hop in a different region, but such a configuration is not
    # supported.
    HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED = 56

    # Packet sent from a Cloud Run revision that is not ready.
    CLOUD_RUN_REVISION_NOT_READY = 29

    # Packet was dropped inside Private Service Connect service producer.
    DROPPED_INSIDE_PSC_SERVICE_PRODUCER = 37

    # Packet sent to a load balancer, which requires a proxy-only subnet and
    # the subnet is not found.
    LOAD_BALANCER_HAS_NO_PROXY_SUBNET = 39

    # Packet sent to Cloud Nat without active NAT IPs.
    CLOUD_NAT_NO_ADDRESSES = 40

    # Packet is stuck in a routing loop.
    ROUTING_LOOP = 59
  end
end