SNMP Trap FAQ: Basics for Telecom Network Monitoring

If you're a professional who manages a significant telecom/corporate network, you'll likely need to use the SNMP protocol. This basic FAQ list will get your started. If your interest is merely to learn about SNMP in a general sense, please remember that the answers below were written with enterprise-grade systems in mind.

A multi-protocol master monitoring SNMP and other devices simultaneously
An integrated manager can monitor SNMP and
non-SNMP devices, unifying your entire network.

What is an SNMP trap?

An SNMP trap is a warning event sent by a managed device over a network when a change-of-state (COS) event occurs. Some events that will trigger a device to send SNMP traps include power outages and security breaches. However, devices will also send traps for simple status events, such as doors opening and closing. These traps are sent across the network in the same manner, and are given no priority when using a standard SNMP manager.

SNMP trap requests can fall under two groups: polled or autonomous.

When an SNMP manager operates using polled SNMP traps, it will periodically request updates from all managed devices. This is accomplished according to a single time frame, such as every half hour, or every five minutes. When traps are autonomous, they are automatically sent to the manager any time a COS event occurs. Rather than updating the manager on the status of a door every few minutes, autonomous SNMP traps are sent every time a door opens or closes.

How can an SNMP trap alarm be identified?

SNMP traps sent from devices usually conform to 1 of 2 major trap systems: granular or variable bindings. When a trap message is assembled in the granular format, each single trap is specified a trap identifier rather than a Variable Binding Style (VBS). This identifier is a number that is accepted by the SNMP manager to indicate a particular state change, such as a single door opening. The messages are set apart by providing a different detail message for each trap, such as indicating a door is open, or a battery charge is low.

What are some SNMP Trap issues?

It is often the case that SNMP problems are caused by the content of SNMP traps being sent. Therefore, it is important to check for these SNMP trap issues.

  • Incompatible trap versions
    If your SNMP manager is configured to accept v1 traps and your device is sending v2 traps, you will encounter problems. Likewise, some managers that are configured to receive v2 traps will not accurately parse v1 traps. Configure your RTU to send the version of traps that your manager is setup to accept, or configure your manager to accept the type of traps that your remote gear is sending. In essence, most v2 managers can be configured to receive v1 traps. The latest SNMP version is SNMPv3.
  • Non-standard trap formats.
    It can also be problematic if a device is sending non-standard traps. Even though SNMP is a standard protocol, some people have modified formats of their traps to suite special needs.

Why would I need to use an SNMP trap device in my network?

SNMP is primarily used when sending trap communications through a network to the device manager.

In some situations, SNMP relieves you of the job of requesting information from every device along a network individually. And managed devices send unsolicited alert in the form of autonomous traps to one common SNMP network monitoring application.

Once you receive the SNMP trap, you can take action based upon the event described by the SNMP trap. However, you cannot send an SNMP trap message back to a device, as SNMP trap communication only occurs from device to network manager. The management application must inform the appropriate person of the event.

How would I select an SNMP trap management system?

Look for these key features:

  • Complete Alarm collection and device management. Never settle for a limited SNMP trap management system. Acquire multi protocol support for every monitoring device in your network in addition to SNMP, plus discrete alarms, analog alarms, ping alarms, and redundant path reporting.
  • Alarm presentation and notification. Send detailed alarm descriptions and correction instructions to NOC and field technicians via pager notifications and web interfaces.
  • Alarm sorting and analysis. Make sense of alarm cascades with automatic intelligent alarm sorting, filtering, processing, and trend analysis.

Why is a typical SNMP manager not sufficient for monitoring my network?

The role of an SNMP manager is best used for performing an inventory of network devices and drilling down into gear details after your network monitoring system notifies you of an issue. SNMP is only one item in your network alarm monitoring toolkit, and it can be used more effectively when it is part of your total network monitoring solution.

Solely relying on an SNMP manager for your key network monitoring does not take into account the vast amount of legacy and non-SNMP equipment that is working perfectly fine in networks around the world.

What are some common mistakes typically made when integrating SNMP and non-SNMP monitoring?

  • Selecting an SNMP system that doesn't provide complete, precise alarm descriptions.
    A basic SNMP manager does not record the location, time, or detailed description of alarm events. In order to adapt an off-the-shelf SNMP manager to monitor these factors, you must generate and maintain a master alarm list representing all the monitored points in your network. Then generate and maintain a database associating all the SNMP traps that may be sent to the SNMP manager with the alarms on that list.
  • Settling for an SNMP system that cannot identify cleared alarms.

    Extensive database work is required to identify whether a trap matches to an alarm condition or a clear condition. Creating this addendum to the trap association database often requires analyzing a lot of variable bindings within the trap packet.

How does the communication work?

The SNMP manager sends a Get or GetNext message to read a variable and the agent's response contains the requested information if managed. The manager then sends a Set to change a variable and the agent's response confirms the change if allowed. The agent sends a Trap when a specific event occurs.

Get a Custom Application Diagram of Your Perfect-Fit Monitoring System

There is no other network on the planet that is exactly like yours. For that reason, you need to build a monitoring system that's the right fit for you.

"Buying more than you need" and "buying less than you need" are real risks. You also have to think about training, tech support, and upgrade availability.

Send me a quick online message about what you're trying to accomplish. I'll work with you to build a custom PDF application diagram that's a perfect fit for your network.