Simple Network Management Protocol, or SNMP in short, is an Internet standard protocol to know about other devices within a network.
This protocol collects extensive information about managed devices on an IP network and allows this information to be modified to control the working and performance of a particular device.
Since it collects information and gives an insight into the working and performance of other devices, it is extensively used in network monitoring.
How does SNMP Work?
There are three major components in SNMP and they are:
- Managed devices:
Which are the devices that support SNMP and could include your routers, modems, servers, printers, workstations, and other devices. These managed devices allow a unidirectional or bidirectional flow of node-specific information, which means, the information can be both read-only or read and write.
which is the software that runs on the managed devices. It has information about local knowledge and helps to convert SNMP-specific information.
- Network management system:
The software that runs on the server or manager. It handles the bulk of the processing and memory required for SNMP, and most networks contain two or more NMS, depending on the network size and the number of devices connected to it.
The managed devices are also agents because they have the agent software installed in them. Typically, messages are sent from the NMS to the agents and in turn, the agents respond to these messages.
Most likely, the messages sent by the server are related to the availability and performance of the agents, and in turn, the agents keep updating their information, so they send out the latest copy of the information when they receive a request from the server.
Types of SNMP Messages
Broadly speaking, there are five different types of messages sent and received between the server and the agent, and they are:
This type of message is sent from the manager to the agent to request the value of a variable among the pre-defined list of variables. The agent responds with a specific value.
This message is sent from a manager to an agent to set the value of a particular variable. Needless to say, the manager sends the value of the variable in the message. The agent responds by sending the new value back to the manager to denote that the change is made.
This request from a manager to agent requests for the value of the next variable in the list that’s based on lexicographic order. The agent sends the value as a response.
This is the kind of message used by the agent to acknowledge the receipt of the other three messages and also, uses it to send the values of variables.
SNMP traps are different from the above messages as they are asynchronous notifications from the agent to the manager to notify the manager of a particular event.
Traps are not responses to requests from the manager but are sent as an unsolicited message from the agent.
These traps can be initiated only by the agent while the rest are initiated by the manager.
This uniqueness is what makes SNMP traps so useful in today’s network as it gives the agent a chance to inform the manager that all is not well with it.
Types of SNMP Traps
There are two broad types of SNMP traps and this difference stems from the way an alarm is encoded by a device.
In granular traps, each device has a unique Object Identifier (OID). When a particular device sends a message, the manager compares the OID with its list to know which device is sending the message.
Since the OID is enough to alert the manager, no specific information about the status or any other alarm data is necessary. The biggest advantage of this type of SNMP trap is that it consumes less bandwidth.
In the second type, the actual alert data is encoded in the message and the manager has to decode this message to understand which device is sending a trap and the reason for it. The encoding and decoding process follows a typical key-value pairing called variable binding and they contain information regarding the trap.
This type of trap consumes more bandwidth because it has to send detailed information.
What can an SNMP trap do for you?
SNMP can make life easy for you in many ways. Here are a few of its benefits.
- It provides read/write abilities, which means, you can easily reset the password or reconfigure the IP address of a remote device using SNMP traps.
- You get to know how much bandwidth is being used by a particular device, so you can plan accordingly.
- It collects error reports into a log that can be used for troubleshooting and detailed analysis.
- Helps you stay on top of different parameters such as CPU usage, memory use, and more. In addition, you get to know when any of these thresholds are breached.
In all, SNMP traps are a great way to stay on top of the performance and availability of your connected devices as the onus of reporting an error rests on the devices and not the manager.
Limitations of SNMP traps
Despite its wide-ranging benefits, SNMP traps come with certain limitations too. Here’s a look at some of them.
- When there is a fatal error and the device stops working, it can’t send an SNMP trap to the manager.
- SNMP trap gives no proof or acknowledgment that the message has been received by the manager. Some of the latest versions do have a type of message called “inform” where the message sent by the agent is confirmed by the manager.
- The asynchronous nature of SNMP traps means that there is no automatic way to know if a particular device is online and working.
- SNMP is not compatible with other protocols such as DNP3, so you may need an additional SNMP converter.
To conclude, SNMP traps are an integral part of network monitoring as you can get instant alerts when certain performance thresholds are breached. This simplicity, ease of use, and effectiveness are some reasons for major networking monitoring products to use SNMP traps to gather information about the health and working of different devices and present the same to end-users in a visually appealing way.