SNMP Traps Explained – A Full Breakdown of What it Does!

Marc Wilson

Simple Network Management Protocol (SNMP) is used by different devices (Routers, Switches, Printers, etc.) on the network to check each other’s activity and communicate critical information.

Today, SNMP is one of the most widely accepted protocols for network monitoring, which enables many network devices to operate together.

SNMP relies on an architecture which consists of a manager and an agent. SNMP Managers can be any machine on the network that is running SNMP to collect and process information from the devices on either the LAN or WAN.

These network devices are Agents that can be Servers, Routers, Switches, Desktops, or any other Equipment.

SNMP messages are categorized into five basic types: TRAP, GET, GET-NEXT, GET-RESPONSE, and SET.

SNMP manager and SNMP agent use these messages to communicate with each other.

Devices That Support SNMP Traps

SNMP traps are most commonly issued by one of two device types. Newer devices send traps to the SNMP manager on their own when an issue occurs.

Older devices, on the other hand, do not support SNMP, so an SNMP RTU is used to collect alert information from them, convert it into SNMP traps, and transmit those traps to the SNMP manager.

What are SNMP Traps?

SNMP Traps are the most frequently used alert messages sent from a remote SNMP-enabled device (an agent) to a central collector, the “SNMP manager.”

For instance, a Trap might report an event of overheating in a machine.

As mentioned earlier, Trap messages are the main form of communication between an SNMP Agent and SNMP Manager. They are used to inform an SNMP manager when a significant event occurs at the Agent level.

What sets Traps apart from the other message types is that the agent triggers them instantaneously, rather than waiting for a status request from the SNMP Manager.

Types of SNMP Traps

There are two different methods used to encode alarm data in SNMP traps. The first one is to use what are known as “granular traps.” Granular traps each have a unique object identifier (OID) number so that SNMP managers can distinguish them from one another.

The SNMP manager getting the SNMP traps from the network devices or agents will store the OID in a translation file which is known as the Management Information Base or MIB.

Now, because the granular traps use unique numbers to support this method and all of the details are available in the MIB, no actual information about the alert needs to be contained within the SNMP trap.

So, the manager only needs the OID to look up the information in the MIB.

This approach prevents the SNMP traps from sending redundant information through the network, and they consume very little bandwidth.

In the second type, SNMP traps may be configured to carry information about the alert as a payload. In this case, it is common for all SNMP traps sent from the device to use the same OID.

To understand these types of traps, the SNMP manager needs to analyze the data contained in each Trap.

Data is stored within an SNMP trap in a simple key-value pair configuration. Each pair is known as a “variable binding” containing extra information related to the Trap.

As an example, a single SNMP trap may have the variable bindings for “site name,” “severity,” and “alarm description.”
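To show what those key-value pairs look like on the wire, the following added example (not part of the original article) decodes the variable bindings of one SNMPv2c trap datagram with a minimal BER reader; this goes a step beyond the text, which does not describe the wire format. The sample datagram, the enterprise OID prefix 1.3.6.1.4.1.99999, and the three payload values are constructed for illustration.

```python
def tlvs(buf):
    """Yield (tag, value) for each BER tag-length-value found at the top level of buf."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                  # long form: low 7 bits = number of length octets
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):        # the length field is untrusted network input
            raise ValueError("TLV length runs past end of data")
        yield tag, buf[pos:pos + length]
        pos += length

def decode_oid(data):
    if not data or data[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for byte in data:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends this arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)          # first two arcs share one sub-identifier
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

DECODERS = {0x06: decode_oid, 0x04: lambda d: d.decode("utf-8", "replace"),  # OID, OCTET STRING
            0x43: lambda d: int.from_bytes(d, "big")}    # TimeTicks; other types stay raw bytes

def parse_v2c_trap(packet):
    """Return (trap_oid, {varbind_oid: value}); raise ValueError on malformed input."""
    [(_, msg)] = tlvs(packet)                            # exactly one outer SEQUENCE
    _version, _community, (pdu_tag, pdu) = tlvs(msg)
    if pdu_tag != 0xA7:                                  # 0xA7 = SNMPv2-Trap-PDU
        raise ValueError("not an SNMPv2-Trap PDU")
    _req_id, _err_status, _err_index, (_, vbl) = tlvs(pdu)
    bindings = {}
    for _, vb in tlvs(vbl):                              # varbind = SEQUENCE { name, value }
        (_, name), (vtag, value) = tlvs(vb)
        bindings[decode_oid(name)] = DECODERS.get(vtag, bytes)(value)
    return bindings.pop("1.3.6.1.6.3.1.1.4.1.0", None), bindings   # snmpTrapOID.0

SAMPLE = (  # constructed datagram: header, sysUpTime, trap OID, then three payload varbinds
    b"\x30\x81\x88\x02\x01\x01\x04\x06public\xa7\x7b\x02\x01\x01\x02\x01\x00\x02\x01\x00\x30\x70"
    b"\x30\x0e\x06\x08\x2b\x06\x01\x02\x01\x01\x03\x00\x43\x02\x30\x39"
    b"\x30\x17\x06\x0a\x2b\x06\x01\x06\x03\x01\x01\x04\x01\x00\x06\x09\x2b\x06\x01\x04\x01\x86\x8d\x1f\x01"
    b"\x30\x15\x06\x0a\x2b\x06\x01\x04\x01\x86\x8d\x1f\x02\x01\x04\x07DC-East"
    b"\x30\x13\x06\x0a\x2b\x06\x01\x04\x01\x86\x8d\x1f\x02\x02\x04\x05major"
    b"\x30\x19\x06\x0a\x2b\x06\x01\x04\x01\x86\x8d\x1f\x02\x03\x04\x0boverheating")
```

Calling `parse_v2c_trap(SAMPLE)` returns the trap's own OID plus a dictionary whose keys are the varbind OIDs, so a manager handling granular traps can stop at the first value, while one handling shared-OID traps reads the payload entries.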

Summary

The SNMP trap is a popular mechanism used to manage and monitor devices' activities across a small or a global network.

Routing platforms are capable of generating a range of events that can be highly useful to the network administrators.

Furthermore, it’s up to the operations team to select and configure the alerts for each event.

A proper SNMP deployment can:

  • Help detect data loss and achieve reliable data transmission
  • Identify latency issues and packet loss
  • Keep bandwidth usage below predefined service levels
  • Avoid network congestion and blackouts
  • Reduce the cost and time of network troubleshooting
  • And a lot more!