What is SNMP Polling – Definition, Threshold Polling, Alternatives

what is SNMP polling and how does it work
5 min

SNMP Polling Definition

SNMP polling is the process of querying an SNMP-enabled device for information. This information could include its current state, configuration, and statistics. SNMP polling is the actual process of the query, rather than the information obtained.

What Is SNMP Polling?

Networked devices, services, and hardware systems may need to check on their peers. To gather metrics and perform administrative tasks, SNMP polling is the way it’s done. Furthermore, this is because most network devices support SNMP polling. 

Let’s think of SNMP polling in a different way. Think of an MSP or network administration as a doctor trying to make sense of a patient with a lot of confusing symptoms. When potentially worrying problems crop up, you want to prioritize and treat them first, so it helps to filter the information. 

Now imagine going from being a doctor in charge of an individual to becoming an attending physician with way more patients. You have some student doctors and residents, but you’re still only one person. Establishing an organized chain of reporting is a must. 

Polling in network monitoring

Our network monitoring software uses SNMP polling in our network monitoring system. SNMP polling is not a functionality of SNMP per se. Moreover, SNMP polling is a way to monitor SNMP sensors on devices. 

SNMP polling means the frequency you choose for our software to monitor the OIDs. Learn more in our guide to SNMP monitoring on Domotz.

For example, on Domotz you can select the SNMP polling intervals you which. You can choose to poll devices via SNMP every 2 minutes and 30 minutes. Once you select your SNMP polling time interval, we will monitor all the SNMP sensors with that frequency. The recurring monitoring by our network monitoring is actually the SNMP polling.

SNMP Threshold Polling

When it comes to SNMP polling, another concept often written about is SNMP Threshold Polling. While we use SNMP polling to monitor the OID values, you can also select a threshold for triggering an alert. For example, you can set an SNMP Threshold alert for when the black ink level of a printer falls below 5%. Moreover, you’ll get alters when the SNMP Threshold falls below the level you’ve chosen.

Example of Polling in Monitoring

A network administrator’s computer sends an SNMP request message to a remote server, inquiring about the server’s recent ethernet traffic. It receives a response containing a data time series and lets the admin know the server has downloaded a few gigs of data over the last hour.

SNMP protocol’s meta-information about network and device health makes it easier to track these metrics. Here’s how it works in an increasingly crowded world of IoT modules, mobile gadgets, and other hardware.

Why do many device vendors use SNMP polling?

Many networks use Simple Network Management Protocol, or SNMP, for managing devices such as routers, switches, and servers. SNMP allows IT administrators to monitor and manage network devices remotely, and most networked devices support one of its variants.

Using SNMP polling lets admins check in using a standardized, thoroughly tested application-layer protocol. SNMP has officially been around since 1990 and produced its share of RFCs since then, so the protocol is considered more than stable.

In a typical SNMP-configured network you’ll typically have a router or switch acting as the manager. It will poll the managed devices, or agents, to find out about their statuses. The manager can also set the variables stored by the agents.

SNMP commands are issued from the top-down hierarchically. The protocol lets the manager send requests to the agent’s dedicated port (161), and the return messages come back to the same port the manager used for the initial transmission.

The Alternative to SNMP Polling

Not all messages go from the manager to the agents – After all, network administration would be a lot more work if you had to sit around asking for feedback reports all day. Managers keep another port (162) open for two types of asynchronous unsolicited messages from agents (and other managers):

  • Trap messages let agents shoot messages at the manager, such as when they need attention. For instance, a mission-critical IoT device in a factory might send a trap message when it experiences a power supply issue that forces it to reboot. Some devices send trap messages at regular intervals.
  • InformRequest messages work similarly to traps. The key difference is that they force the manager to acknowledge their receipt, making them more likely to be used for critical packets.

Keeping SNMP Secure

SNMP wasn’t always so popular as early versions lacked some security considerations. Those days, however, are decades past, and delving into the differences between SNMP versions could take lifetimes (although you can catch the highlights in this particular RFC right here). Here are a few of the overarching design decisions that made SNMP polling such an effective way to monitor device statuses:

Firstly, SNMP strategies have always been centered on the idea of getting a lot done with minimal system loading. For polling, this manifests in rules like limiting the number of unsolicited messages the manager will accept.

Secondly, SNMP is a UDP protocol – devices don’t waste time awaiting a reply to the vast majority of messages they send. As a result, there are more computing cycles left for other applications to use.

Thirdly, SNMP’s latest version, SNMPv3, came with security improvements that focused on message integrity, confidentiality, and authentication. In other words, v3 devices are less prone to SNMP messages being altered in transit, read by unauthorized users, or identity-spoofed. Learn more about SNMP v2 vs v3

Some of these benefits were undoubtedly tied to the limited computing resources of the late 1980s when the protocol was conceived. Others got tacked on over time, while others were removed entirely. In short, the versions aren’t all cross-compatible, so it’s common to encounter multiple flavors of SNMP support on the same infrastructure.

This may be more common with devices that employ lower-cost hardware. Also, chip shortage aside, there’s still plenty of old overstock hardware cluttering up the supply chain, and some of these components make their way into IoT boards, peripherals, and mass-produced consumer goods. Older devices that only support v1 and v2 of the protocol lack some of the high-security SNMP polling features we mentioned as being part of v3.

A Note on OIDS and MIBs

In SNMP, an OID is an object identifier. It’s like a unique lookup index for a managed node in an SNMP network – and the data it’s been recording.

A Management Information Base (MIB) is a database used by a network manager to store information about managed devices. SNMP standards describe a MIB that stores information about managed devices that can be accessed via the protocol.

When a network node (associated with an OID) stores a value, the OID acts as the key. It’s not quite in a human-decipherable format though. It’s structured similarly to an IP address, but for efficient data lookups.

The MIB stores the last critical piece of the equation. It transforms the OID into a helpful label. Furthermore your admin monitor app can display in front of a statistic, like “case fan 2 speed.”

Conclusion on SNMP polling

SNMP polling is a commonly used, low-overhead tactic for staying updated on network assets. It’s likely already a part of your oversight tooling. What’s more is thatit doesn’t hurt to have other options in the bag as well. Complement your SNMP workflows with Domotz network monitoring software.

Learn more about Domotz SNMP monitoring features.Read more about what is SNMP and how it works.

Share via Social Networks

You might also like…

Read more top posts in this category

Want more tips on Network Monitoring?

Ready to get started with Domotz?

  • Powerful
  • Automated
  • Simple
  • Affordable
Start Your Free Trial Contact Sales