PRTG Manual: Monitoring via SNMP

Monitoring via the Simple Network Management Protocol (SNMP) is the most basic method of gathering bandwidth and network usage data.

How SNMP Monitoring Works

Simple Network Management Protocol (SNMP) is a set of standards for communication with devices in a Transmission Control Protocol (TCP)/IP network. SNMP monitoring is useful if you are responsible for servers and network devices such as hosts, routers, hubs, and switches. It enables you to keep an eye on network and bandwidth usage, and monitor important issues such as uptime and traffic levels.

You can use SNMP to monitor the bandwidth usage of routers and switches on a port-by-port basis, as well as device readings such as memory and CPU load. The target devices must support SNMP. Most devices with enabled SNMP require the same configuration like SNMP version and community string. To find out how to set up SNMP on a specific device, search the internet for your device name or model and SNMP configuration.

Network Monitoring via SNMP

Network Monitoring via SNMP

When you use a sensor with this technology, PRTG sends small data packets to devices, for example, querying routers, switches, and servers for the traffic counters of each port. These queries trigger reply packets from the device. Compared to other bandwidth monitoring technologies via flows, packet sniffing, or Windows Management Instrumentation (WMI), the SNMP option creates the least CPU and network load.

Reasons to Choose SNMP Monitoring

SNMP is the most commonly used method because it requires minimal bandwidth and CPU cycles. If your network devices support SNMP and/or if you want to monitor large networks with several hundred or thousands of sensors, we recommend that you start with SNMP.

Besides network usage monitoring, another well-known feature of SNMP is the ability to also monitor other network parameters such as CPU load, disk usage, temperature, as well as many other readings, depending on the queried device.

SNMP Network Issues

To use SNMP for monitoring purposes, it is necessary that User Datagram Protocol (UDP) packets can be sent bidirectional from the PRTG core server to the device that you want to monitor. This is usually the case in LANs and intranets. For connections across the internet, to a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), or for WAN connections, some changes to the traversed firewalls may be necessary.

Keep in mind that SNMP v1 and v2c are no secure protocols, so you should not use them on the internet or with data connections that are not secure. Only SNMP v3 supports encryption.

Understanding SNMP Sensors

To better understand and set up SNMP sensors, you may want to learn more about the principles of object identifiers (OID) and Management Information Base (MIB) files.

icon-book-bulbFor more information about this topic, see the Knowledge Base: How do SNMP, MIBs and OIDs work?

icon-book-arrowsFor an overview and details about all SNMP sensors, see section List of Available Sensor Types.

icon-book-arrowsFor more information about which SNMP sensor is best for your monitoring setup, see section Choosing the Right SNMP Sensor.

SNMP Versions

PRTG supports three versions of the Simple Network Management Protocol (SNMP) protocol: version 1, version 2c, and version 3.

SNMP v1

This is the oldest and most basic version of SNMP.

  • Pro: Supported by most SNMP-compatible devices.
  • Con: Limited security because it only uses a simple password (community string) and sends data in clear text (unencrypted). Because of this, you should only use it inside LANs behind firewalls, but not in WANs. Version 1 only supports 32-bit counters, which are not enough for high-load (gigabits/second) bandwidth monitoring.

SNMP v2c

This version adds 64-bit counters.

  • Pro: Supports 64-bit counters to monitor bandwidth usage in networks with gigabits/second loads.
  • Con: Limited security (same as with SNMP v1).

SNMP v3

This version adds authentication and encryption to SNMP.

  • Pro: Offers user accounts and authentication for multiple users and optional data packet encryption to increase the available security, and has all advantages of Version 2c in addition.
  • Con: Difficult to configure and higher overhead for the probe, which reduces the number of devices that you can monitor (see here for more information).

SNMP Traps

Various devices can send SNMP trap messages to notify you of system events.

  • PRTG supports SNMP v1 and SNMP v2c traps.
  • The destination for SNMP traps is the IP address of the trap receiver, which is the IP of the probe system to which you add the SNMP Trap Receiver sensor.

Which SNMP Version Should I Choose?

The SNMP version you should choose depends on your environment. Here are some guidelines:

  • If your network is publicly accessible, you may want to use SNMP v3, which has encryption and secure access. However, security and encryption add overhead, which results in less performance.
  • If your network is isolated or well-protected behind firewalls, the lower security level of SNMP v1 or SNMP v2c may be sufficient.
  • From the perspective of monitoring with PRTG, SNMP v2c is preferable if you have a lot of devices to monitor. This lets you monitor more devices with a shorter scanning interval, and it supports 64-bit counters.

The most important aspect is to set the same SNMP version in the PRTG settings (for example, on Root level) as you have configured in your target device. If you select an SNMP version that is not supported by the server or device that you want to monitor, you receive an error message. Unfortunately, these error messages, in most cases, do not explicitly point to the possibility that you are using the incorrect SNMP version. These messages provide minimum information only, such as cannot connect. Similar errors occur when community strings, usernames, or passwords do not match.

icon-book-bulbFor more information about basic requirements for SNMP monitoring, see this Knowledge Base article: My SNMP sensors don't work. What can I do?

SNMP Overload and Limitations of the SNMP System

SNMP v1 and v2 scale directly with the performance of the hardware and the speed of the network. In our labs, we can monitor 30,000 SNMP v1 sensors at a 60-second scanning interval with one PRTG server (core and local probe) plus two remote probes with 10,000 sensors each.

However, SNMP v3 has performance limitations because of the Secure Sockets Layer (SSL) encryption. The main limiting factor is CPU power (as well as the other general limits for PRTG). Because of this limitation, you can monitor only a limited number of sensors per second using SNMP v3. Currently, PRTG can handle about 40 requests per second and computer core, depending on your system. This means that, on a common 1.x GHz computer with two cores, you can run about 5,000 SNMP v3 sensors with a 60-second scanning interval. On a system with four cores, you can monitor around 10,000 sensors with a 60-second scanning interval. The CPU load is at about 50% then. We do not recommend more.

Furthermore, the PRTG core server and probes should run on different computers. If you experience increased values in the Interval Delay SNMP or Open Requests channels of the Probe Health sensor (values above 0 % indicate that the SNMP requests cannot be performed at the desired interval), you need to distribute the load among multiple probes. SNMP v1 and v2 do not have this limitation.

If you run into SNMP overload problems, you have three options:

  • Increase the monitoring interval of the SNMP v3 sensors.
  • Distribute the SNMP v3 sensors among two or more probes.
  • Switch to SNMP v1 or v2 if you can go without encryption.

What is the SNMP Community String?

The SNMP Community String is similar to a user ID or password that allows access to the statistics of a router or another device. PRTG Network Monitor sends the community string along with all SNMP requests. If the correct community string is provided, the device responds with the requested information. If the community string is incorrect, the device discards the request and does not respond.

icon-i-roundSNMP community strings are only used by devices that support SNMP v1 and SNMP v2c. SNMP v3 uses safer username/password authentication, along with an encryption key.

By convention, most SNMP v1/v2c equipment ships with a read-only community string set to the value public. It is standard practice for network managers to change all the community strings to customized values during device setup.

More

Knowledge Base: What SNMP sensors does PRTG offer?

Knowledge Base: How do SNMP, MIBs and OIDs work?

Knowledge Base: My SNMP sensors don't work. What can I do?

Knowledge Base: The interface numbers on my switch keep changing. What can I do?

Knowledge Base: What can I check if SNMP and SSH sensors throw timeout and auth errors?

Knowledge Base: What can I monitor with the SNMP Custom Table Sensor?

Paessler Website: MIB Importer and SNMP Tester

Paessler White Paper: Introducing SNMP and Putting SNMP into Practice

Video Tutorial: SNMP Basics

Video Tutorial: SNMP Debugging