23

A lot of things about SNMP seemed cumbersome to me even 15 years ago. One example is the concept of MIB being a local resource to "make sense" of the otherwise numeric OIDs.

Has SNMP been modernized or mutated into something else? Is it still a must-have feature for network equipment?

Ilya
  • 341
  • 2
  • 5
  • All TV transmitters in every country (goverment owned, antenna based ones) use SNMP as a form of control, mostly V2 and i dont see this getting changed anytime soon. – Vajura Jul 29 '15 at 07:15

3 Answers3

31

Sadly, SNMP is still in common usage. Later versions of the protocol have addressed numerous issues in SNMPv1, but those have almost entirely been directed at fixing the security model. As a result, SNMP traffic is now comparitively bloaty, but they have not addressed what I consider to be the glaring shortcoming in SNMP - that data stored in the MIB resides outside the monitoring/monitored device exchange.

The separation of the MIB-stored data from that exchange, and the consequent use of numeric OIDs on the wire, made sense in SNMPv1, as it kept most exchanges to a single UDP datagram in each direction. As of v3, it no longer makes any sense, to my mind - but I'm not the IETF.

Sadly, SNMP is still a sort of lowest-common-denominator management protocol, and I'm constantly surprised how many devices I see out there where the easiest way to extract monitoring data from them is good old RO-community-string-in-UDP-based SNMPv1.

Edit (2018): because it's so germane, I quote from Geoff Huston's excellent article in the August 2018 edition of the Internet Protocol Journal:

The Internet converged on using the Simple Network Management Protocol (SNMP) a quarter of a century ago, and despite its security weaknesses, its inefficiency, its incredibly irritating use of Abstract Syntax Notation One (ASN.1), and its use in sustaining some forms of Distributed Denial-of-Service (DDoS) attacks, it still enjoys widespread use.

MadHatter
  • 78,442
  • 20
  • 178
  • 229
  • 1
    Sad but true. In a heterogeneous environment it's often the one way to get disparate devices talking to one another, especially if installing 'agents' of one kind or another on a device is a no-go for whatever reason. – Rob Moir Jul 28 '15 at 17:22
  • Storing the MIB in the user interface is not a huge drawback, because the UI needs additional information for presentation anyway, but it saves considerable amounts of space on embedded systems -- and the stateless protocol is a huge bonus too. – Simon Richter Jul 29 '15 at 00:10
  • @SimonRichter Is it really stateless? I don't know anything about SNMP v3 but I see a sequence diagram in RFC3411 and I guess stateless encryption is not easy. – AndreKR Jul 29 '15 at 01:54
  • Yes, the sequence diagrams show the different layers interacting in the processing of a single packet. With v3, a lot of things change, but TBH I've seen only few people use v3 so far. – Simon Richter Jul 29 '15 at 03:03
  • 4
    SNMPv3, much like IPv6, is a semi-mythical beast akin to Bigfoot. There have been many reports of it in the wild but little direct evidence. Whereas SNMPv2, and sometimes v1, is the standard monitoring protocol and as such is as ubiquitous as mosquitos in Minnesota. – Scott Pack Jul 29 '15 at 03:10
  • Nonsense, SNMPv3 is used by anyone concerned with security and compliance. It doesn't have the install base as v2, but it is coming around. – Bad Dos Jul 31 '15 at 17:36
  • I've seen orders of magnitude more IPv6 than SNMPv3. – Michael Hampton Aug 28 '15 at 01:59
4

I work on network monitoring systems, and SNMP is still heavily used and relied on for the for the following reasons:

  • The use of UDP as the underlying protocol makes SNMP very efficient. Since most monitoring/management is done within your own data center you don't need to be as concerned with packets getting lost over the public internet and TCPs acknowledgement and flow control are overkill. SNMPv2 addresses some of SNMP original inefficiencies, for example adding support for BULK GET.
  • SNMP is universal across networked devices. Almost all networking equipment implements a SNMP agent. Having MIBs ensures there is a global space where information can be added by different vendors in a controlled fashion and thus makes looking up information on what OIDs to query easier and mostly vendor agnostic.
  • Finally, there hasn't been a good candidate to drop in as a replacement. SNMP may not be great, but its good and good is good enough. Several network devices now have APIs to get the same and additional information, but as I stated in my second point, the ways of querying these APIs obviously varies across devices and no endpoints are standardized across devices.
Fred Thomsen
  • 161
  • 1
  • 4
3

All agree with @madhatter, regarding SNMPv2 not going away any time soon.

But regarding the future, several telecoms NEPs are starting to supply NETCONF interfaces (which are XML based) side-by-side with SNMP and it looks to be gaining momentum at expense of SNMP not just as a replacement for CLIs/TL1 but for FCAPS functionality too that was traditionally done via SNMP.

Also see this old (2013) infoworld article.

k1eran
  • 131
  • 3