SNMP Sensor Types (PRTG 7 User Manual)

SNMP Sensor Types

The Simple Network Management Protocol (SNMP) is the most basic method of gathering bandwidth and network usage data.

How SNMP Monitoring works

SNMP can be used to monitor bandwidth usage of routers and switches on a port-by-port basis, as well as device readings such as memory, CPU load etc.

When this technology is used, PRTG queries the devices (e.g. routers, switches and servers) for the traffic counters of each port with quite small data packets. These are triggering reply packets from the device. Compared to PRTG's other bandwidth monitoring techologies (xFlow/NetFlow, Packet Sniffing and WMI) the SNMP option creates the least CPU and network load.

Reasons To Choose SNMP Monitoring

SNMP is the most commonly used method mainly because it is easy to set up and requires minimal bandwidth and CPU cycles. If your network devices support SNMP and/or if you want to monitor large networks with several hundred or thousands of sensors, we recommend you start with SNMP. Besides network usage monitoring, another well-known feature of SNMP is the ability to also watch other network parameters such as CPU loads, disk usage, temperatures, as well monitoring many other readings (depending on the device).

Important information about network issues: In order to use SNMP for monitoring purposes, it is imperative that UDP packets are allowed to travel from the machine running PRTG, to the device you want to monitor and back, which is usually the case in LANs and Intranets. This is not usually the case for Internet connections, DMZ and WAN connections. Here, some changes to the traversed firewalls may be necessary. Keep in mind that SNMP V1 and V2c are not secure protocols and should not be used across the Internet or insecure data connections. Only SNMP version 3 supports encryption.

SNMP Sensors Types

To better understand and set up SNMP sensor types, you may want to learn more about the principle of Object Identifiers (OID) and Management Information Base (MIB). For more information about this, please refer to the Knowledge Base article linked below (section "See also").

The following sensors use the Simple Network Management Protocol (supports SNMP V1, V2c and V3):

SNMP Traffic: Supports monitoring bandwidth (bits/s) and volume (bytes), as well as the number of packets and errors via SNMP for a port or a network card on PCs, servers, switches, firewalls, printers.
SNMP Custom: Monitors one specific OID supplied by the user.
SNMP Library: SNMP libraries make it easy to create system-specific sensors based on MIBs (some are included and new ones can be created from standard SNMP MIB files using the free MIB importer tool, see below).
SNMP Uptime: Monitors the uptime of a device (time since last reboot)
SNMP Custom: Monitors a specific OID.
SNMP Custom String: Monitors a string specified by an OID.
SNMP Trap Receiver: Opens a UDP port on a probe and waits for SNMP Traps, then processes the information.

SNMP Version 1, 2c and 3

PRTG supports three versions of the SNMP protocol:

SNMP Version 1: The oldest and most basic version of SNMP.

Pros: Supported by most SNMP-compatible devices; simple to set up.

Cons: Limited security as it only uses a simple password ("community string") and data is sent in clear text (unencrypted). It should therefore only be used inside LANs behind firewalls, not in WANs; only supports 32-bit counters which is not enough for high-load (gigabits/second) bandwidth monitoring.

SNMP Version 2c: Adds 64-bit counters.

Pros: Supports 64-bit counters to monitor bandwidth usage in networks with gigabits/second loads.
Cons: Limited security (same as with SNMP V1).

SNMP Version 3: Adds authentication and encryption.

Pros: Offers user accounts and authentication for multiple users and optional data packet encryption, increasing available security; plus all advantages of Version 2c.
Cons: Difficult to configure. Not suitable for large networks (see below for more information).

It is important to know that if you select an SNMP version which is not supported by the server or device you want to monitor, you will receive an error message. Unfortunately, most of the time these error messages do not explicitly mention the possibility of using the incorrect SNMP version. These messages provide minimum information only, such as "cannot connect" or similar. The same situation exists if community strings, usernames or passwords are incorrect.

SNMP Overload and Limitations of the SNMP System

SNMP V1 and V2 scale directly with the performance of the hardware and the speed of the network. In our labs we were able to monitor 30.000 SNMP V1 sensors at 60 second interval with one PRTG server (core and local probe) plus two remote probes (10.000 sensors on each probe).

But SNMP V3 has software dependent performance limitations due to the SSL encryption. Due to internal limitations you can only monitor a limited number of sensors per second using SNMP V3. The limit is somewhere between 1 and 50 sensors per second (depending on the SNMP latency of your network). This means that using an interval of 60 seconds you are limited to between 60 and 3,000 SNMP V3 sensors for each probe. If you experience an increased "SNMP Interval Delay" or "Open Requests" reading of the probe health sensor (Values above 0 % indicate that the SNMP requests cannot be performed at the desired interval) you need to distribute the load over multiple probes. SNMP V1 and V2 do not have this limitation.

If you run into SNMP Overload problems you have three options:

Increase the monitoring interval of the SNMP V3 sensors.
Distribute the SNMP V3 sensors over two or more probes.
Switch to SNMP V1 or V2 if you can live without encryption.

What is the "SNMP Community String"?

The "SNMP Community String" is similar to a user ID or password that allows access to a router's or other device's statistics. PRTG Network Monitor forwards the community string along with all SNMP requests. If the correct community string is provided, the device responds with the requested information. If the community string is incorrect, the device simply discards the request and does not respond.

Note: SNMP community strings are only used by devices that support SNMP V1 and SNMP V2c protocols. SNMP V3 uses safer username/password authentication, along with an encryption key.

By convention, most SNMP V1/V2c equipment ships with a read-only community string set to "public". It is standard practice for network managers to change all the community strings to customized values within the device setup.

Tools

Paessler MIB Importer: Imports MIB (Management Information Base) files and converts them into OID libraries for use with PRTG Network Monitor.
http://www.paessler.com/tools/

Paessler SNMP Tester: SNMP Tester can run simple SNMP requests against a device in a network to debug SNMP requests down to the protocol level in order to find communication and/or data problems in SNMP monitoring configurations.
http://www.paessler.com/tools/