09-08-2017 07:14 AM
Can someone tell me the actual flow of emails when they are set up at the switch level in SAN Network Advisor. It appears to me that the switch is the device that actually sends the email alerts out and not SNA. SNA is only the tool to configure email alerting.
The reason I'm asking is that we have IP restrictions in place that limits the amount of devices that can email relay. Would I have to allow every switch address to send emails to the relay agent, or is SNA relaying the alert from the switch to the email system. Also it appears that when i use the send test button in SNA we do not recieve an email, although SNS shows a completion.
Any logging that can be looked at to confirm message transmittal.?
09-08-2017 08:03 AM
the switches, when configured to alert via e-mail, are sending out mail to the configured mail relay server (IP) OR the MX server configured in DNS, dependent on your configuration of the switches. The BNA (SNA) server can also be used to send out mail based on action and states of BNA, but yoiur BNA server is not receiving mail from the switches. If you like to use your BNA server for relaying mail, you need install mail relay software on the bna server and configure the switch to use the BNA server as mail relay.
the switch relay configuration is done via CLI relayconfig.
For the logging / confirmation of the mail, I need to take a look.
09-11-2017 10:19 AM
Thanks, we got this resolved. What I found out was on the director level switches have 3 IP addresses, (I did not set them up) and we had to allocate all 3 addresses to use email relay. We restrict access to the email relay devices.
09-12-2017 05:40 AM
Martin, thanks for the answer and sorry to bother you again. My boss is not a fan of adding all our switches to email relay. So I need to understand that the only way for the MAPS enabled switchs to send mail through BNA is to make it a mail relay server? I guess previously under Fabric Watch the BNA server sent the messages out.
Problem with that is it could represent an additional level of security requirements. We don't normally make our servers email realy capable.
Any other suggestions?
09-12-2017 07:29 AM
fabric watch did also have the same setup for mail, if you wanted. You have a few options here
1. install a mail-relay server on the bna server and configure switches to send mail bna server mail relay
2. disable mail from switches and only use raslog, snmp to bna server, and have bna server send mail for certain triggers - "Email Event Notification" and "Defining Filters" see (from 12.4 but same for 14.x)
by using bna, you can also apply some filtering - notification interval etc.
09-13-2017 07:00 AM
Martin, unfortunately I'm not sure if i completely understand. Let me see if I can explain our configuration.
We have been on BNA ever since the old DCFM version probably over 7 years ago.
I've always used the SNMP alerting that was availablee and send email notifications via the user console as you mentioned below. I have it set up to send emails to a group email address so a few of us are aware of the messages. I have limited filters applied but alert on Emergency, Alert, Critical, Error etc.
Now we have implemented MAPS on our switches that are capable of utilizing it. Are you saying that if I disable MAPS email that the alerts will still be generated to BNA via SNMP and BNA will send the alerts just like before?
We were doing testing and found that if I disconnect a power connection from one of our new director switces no alerts were being generated via email. I saw the errors in the switch log, but the errors did not role up into the BNA Event logs. It appears the only way I got this working was to enable the MAPS email, add the switch to our email permissions group and emails were recieved.
If one of the power cables is disconnected from director switch I assume that the classification on the alert would be critical and should generate a BNA event and generate an email.
So I guess my basic question is will all MAPS generated alerts be forwarded to BNA and then alerting handled by it. Why does it appear that every switch log alert, is not forwarded to BNA?
I hope this is understandable.
09-14-2017 05:57 AM
MAPS can use different kind of action when a rule trigger. You can in FOS 7.4 have the following actions
• E-mail alerts on page 65
• FICON alerts on page 65
• Port fencing and port decommissioning on page 65
• RASLog messages on page 68
• SFP marginal on page 68
• Slow Drain Device Quarantine on page 68
• SNMP traps on page 69
• Switch critical on page 69
• Switch marginal on page 69
• Port toggling on page 70
For you setup - you would set RASLOG (retrieved / seen my BNA) or SNMP trap to BNA, and then BNA call send mail as before. No need to setup switch to send mail out for MAPS, but have do the forwarding as before.
You can enable/disable maps action on a global level
mapsConfig --actions raslog, snmp
and then mail will not be used.