3516

The Basics of SNMP Trap Messages

Simple Network Management Protocol (SNMP) Traps are alert messages sent from a remote SNMP-enabled device to a central collector, the "SNMP manager". In more technical terms, SNMP Traps are asynchronous, unpacked messages used to notify an entity in your network management system, i.e. central management, of significant issues and events.

SNMP OID tree
A traditional SNMP poll (left) vs an async SNMP trap example (right) in a monitored network.

A Trap might tell you that a managed device is overheating, for example. Trap messages are the main form of communication between SNMP monitoring tools - an SNMP Agent and an SNMP Manager.

As you'll recall, SNMP is one possible protocol that managers and agents can use to communicate.

Incoming traps are used to inform an SNMP manager when an important event happens at the Agent level. A benefit of using Traps for monitoring and managing alarms is that they trigger instantaneously, rather than waiting for a status request from the manager.

What network devices send SNMP traps?

SNMP traps are most commonly issued by one of two device types. Newer monitoring devices are able to send traps on their own to alert an SNMP trap manager when they experience a problem. For older devices that do not support SNMP, an SNMP RTU may be used to collect alarms from multiple legacy devices, convert them to SNMP traps, and transmit them (most commonly over LAN) back to your SNMP manager.

Are there different SNMP trap types?

Yes. The most important thing to keep in mind is SNMP versions, like v1, v2c, and v3. Each version has different pros and cons, and you need to think about compatibility when managing your network.

SNMPv3 supports encryption for security, while SNMPv1 is very simple to set up. If you have standardized on SNMPv3, for example, you're going to need SNMPv3 devices. Older devices will need to be upgraded. You can also install a translation device to convert between SNMP versions.

How are alarms encoded in traps?

There are two different methods for encoding alarm data in SNMP traps.

One is to use what are known as granular traps". Granular traps each have a unique OID so that you can tell them apart from one another. The SNMP manager getting the SNMP traps from the device will look up the OID in a translation file called a management information base or MIB.

Because granular traps use unique numbers to support this lookup method, no actual alarm data needs to be contained within the SNMP trap. This reduces bandwidth consumed by SNMP traps because they are not sending redundant information through the network.

What are the limitations of SNMP traps?

Unlike other protocols, an SNMP trap provides no proof that the message is received by the SNMP manager. Newer versions of SNMP include a new type of message called an "inform" message. An SNMP inform message is confirmed by the SNMP manager. If SNMP agent does not see confirmation from the SNMP manager that its SNMP inform message has been received, it will resend the inform message.

Because SNMP is asynchronous (messages are sent only when something must be reported), there's also no automatic way to be sure a device is still online. This is a disadvantage compared to polled protocols, where the central master is frequently asking each device for an update.

Because SNMP is one specific protocol it's incompatible with others, like Modbus or DNP3. To solve this problem, you'll need an SNMP conversion device:

Converting other protocols to SNMP

It's not prominent in SNMP textbooks, but real-world network administrators know that making multiple protocols work together is part of the job. Here's an example of protocol conversion, as configured in an RTU web interface:

Real-World SNMP RTU Example

To make it easier to understand how you can monitor SNMP traps, let's look at a real-world example: the NetGuardian 832A.

This RTU sends SNMP traps based on many inputs. Typically, the 832A will send traps to your manager when one of its 32 discrete alarm inputs is triggered by a contact closure output from one of your devices. This could indicate anything from generator failure to a door open, to a motion sensor.

This 832A can also send SNMP traps based on the current status of its eight analog current or voltage inputs. Since analog inputs are never completely on or off, but rather a value in a range, the firmware and user configuration are used to decide when to send traps. Helpful software and good build quality are reasons it has been used at many telecommunications, utility, and transit companies.

Do You Want to Know More About SNMP?

The Fast Track Introduction to SNMP by Marshall DenHartog is a quick, 12-page introduction to SNMP. You'll learn about traps, message formats, the MIB, and other fundamental SNMP concepts.
PDF Download SNMP Tutorial PDF

Get Answers to All of Your SNMP Questions

At DPS, we're totally focused on remote monitoring, including SNMP protocol. We've worked on thousands of projects that involve SNMP in one form or another.

That experience means that we have SNMP experts on staff. Send us a quick online message (or just give us a call) and we'll answer any SNMP question you have.

Related Topics:

Best SNMP Trap Receiver

How SNMP Works

How SNMPWalk Works

Learn More

DPS is here to help.

1-800-693-0351

Have a specific question? Ask our team of expert engineers and get a specific answer!

Ask an Expert DPS Telecom Get a Fast Answer!

Click here for more information.

Get the SNMP Fast Track GuideBook

Download our free SNMP White Paper. Featuring SNMP Expert Marshall DenHartog.

This guidebook has been created to give you the information you need to successfully implement SNMP-based alarm monitoring in your network.

SNMP White Paper Download White Paper

Click here for more information.

Having trouble finding the perfect solution?

Get Help

No other network on the planet is exactly like yours. We manufacture hundreds of product variations per year that are customized to our clients' exact spec, all while providing training, tech support, and upgrade availability.

Send us a quick online message about what you're trying to accomplish. We'll give you a call and work with you to design a perfect-fit solution for your network.

Hours: Monday - Friday
7:00 a.m. - 6:00 p.m. PST
Tech Support: (559) 454-1600 / support@dpstele.com
Sales: Domestic: (800) 693-0351
International: 1+ (559) 454-1600