What is an SNMP port and how does it work?

What is an SNMP port and how does it work?
5 min

What is SNMP?

Simple Network Management Protocol (SNMP) is a set of protocols for network management and monitoring. To clarify, you mostly use SNMP to monitor devices on a network like firewalls, routers, switches, servers, printers, bridges, NAS drives, UPS, and more. 

In other words, SNMP is a protocol that sees wide use and it’s also an essential piece of any network management strategy. As a result, IT administrators use SNMP monitoring to detect and manage devices, gain insights into performance and availability, and ensure the health of their network.

How does SNMP work?

In short, SNMP allows devices with different hardware or software to share information with one another. Almost every network device answers SNMP requests. Thanks to SNMP, network management tools have access to information from nearly every device connected to a network. 

Find more information about how SNMP works on our blog.

Learn how to start using SNMP and take your Managed Service Provider (MSP) to the next level with SNMP.

What is an SNMP port number?

An SNMP port is an SNMP communication endpoint that identifies, sends are receive SNMP data transfers, commands, and messages.

Users utilize SNMP ports via two default User Diagram Protocols (UDPs) ports for sending commands and messages

The default SNMP ports for sending commands and messages are:

  • UDP port 161 connects the SNMP Managers with SNMP Agents (i.e. polling)
  • UDP port 162 sees use when SNMP Agents send unsolicited traps to the SNMP Manager

Usually, you install the SNMP manager on the managing entity.

How do you know if an SNMP port number is 161 TCP or UDP?

Typically, SNMP uses UDP as its transport protocol. 

However, SNMP can also run over Transmission Control Protocol (TCP), Ethernet, IPX, and other protocols. 

In conclusion, SNMP can be implemented over both protocols, UDP and TCP, via LAN but SNMP packets are typically sent over UDP.

Let’s look at the differences between TCP and UDP:

What is a TCP protocol?

TCP is a connection-oriented protocol that requires a logical connection to be established between the two processes before data is exchanged.

This protocol guarantees the delivery of data and that packets will be delivered in the same order in which they were sent.

Examples of services that use connection-oriented transport services are telnet, rlogin, ssh, and ftp.

What is a UDP protocol?

UDP is a connectionless protocol that allows data to be exchanged without setting up a link between processes.

This protocol does not guarantee reliable communication because it assumes that error-checking and recovery services are not required.

Examples of applications that use connectionless transport services are broadcasting, and time-sensitive applications, such as audio/video streaming, real-time gaming, and tftp

What is the difference between TCP and UDP?

The key difference between TCP and UDP is guaranteed communication and delivery. Of course, UDP may not have all the functionality of TCP but it’s faster and this makes it actually better for some applications.

Here is a full list of TCP and UDP port numbers

Summing up, you can use both protocols, TCP and UDP, in combination with the Internet Protocol to facilitate the transmission of datagrams from one computer to applications on another computer.

How do SNMP ports work?

In short, SNMP ports wrap SNMP messages via UDP.

First, let’s clarify that all SNMP messages are sent and received between two entities:

1) Servers, called SNMP managers

An SNMP Manager is a centralized system used to communicate with the SNMP Agent implemented within network devices. It manages SNMP agents by issuing requests, getting responses, and listening for and processing agent-issued traps.

2) Clients, called SNMP agents

An SNMP Agent is any type of device or device component connected to the network such as computers, printers, phones, and network switches.

The SNMP agents are typically installed on the managed devices.

Second, let’s have a look at the SNMP basic commands used to simplify network management:

1) Commands sent by the SNMP Manager

  • GET: Get one or more values from the managed device.
  • SET: Modify or assign the value on the managed device
  • GET NEXT: Get the next OID value from the MIB tree
  • GET BULK: Recall bulk data from a large MIB table

2) Commands sent by the SNMP Agent:

  • TRAP: The Agent sends a command to the Manager when events occur
  • INFORM: The Manager confirms receiving a message (similar to TRAPS)
  • RESPONSE: This sees use to carry back the signal of actions directed by the Manager

Finally, here is how the process works:

How SNMP ports work

The SNMP Manager at the head of your system sends commands down to a network device, or SNMP agent, using destination port 161.

When the Agent wants to report something or respond to a command, the Agent will send an SNMP trap on port 162 to the SNMP Manager. 

There are two methodologies of how the SNMP Manager can interact with the SNMP Agent:

1) REQUEST/RESPONSE:

The SNMP Manager sends requests to Agent’s UDP Port 161 and receive responses on the same source port that the request was sent.

Each of the requests sends one SNMP command (GET, GETNEXT, GETBULK, SET, etc) with the specified OID.

Check out how to find OIDs for SNMP monitoring on our blog.

2) TRAP (unsolicited events):

The SNMP agent initiates this communication and generates notifications from any available port to UDP port 162 using the commands TRAP and INFORM. 

Here, pay attention to previously configure the SNMP Agent to let know which is the SNMP Manager.

As a result, SNMP uses the UDP port 161 of the SNMP Agent for sending and receiving requests. On the other hand, port 162 of the SNMP Manager is used for receiving traps from managed devices. 

To conclude, every device that implements SNMP must use these port numbers as the defaults. As a matter of fact, these two ports are the same in all versions of SNMP, since SNMP v1. However, even though not very common, some vendors allow you to change the default ports in the agent’s configuration.

Why is SNMP monitoring important? 

The primary use of SNMP monitoring is to exchange management information between network devices. IT administrators usually use a variety of SNMP commands to monitor and configure devices, change settings and report back to the monitoring systems.

An SNMP monitoring and management system helps MSPs and service providers to:

  • Automatically discover, monitor, and manage network devices.
  • Monitor key performance metrics at the device and interface level.
  • Obtain complete visibility and granularity into the performance of network devices.
  • Configure threshold limits and generate alerts in case of anomalies.

In addition, admins can track the availability and performance of SNMP network devices to maintain their network’s health, based on the insights provided by the SNMP monitoring.

How MSPs and service providers can benefit from SNMP service monitoring? 

You can use SNMP in any size network, but it’s best for larger networks, where its benefits are most obvious.

Thanks to SNMP, MSPs can monitor important properties of the devices in their networks. You can exploit a network monitoring system to continuously check these properties and provide features like historical data visualization and alerting.

Manage any SNMP (v1, v2, v3) OID values or availability of TCP Service on any port with SNMP and TCP Service Monitoring

Examples of how MSPs can use SNMP monitoring provided by Domotz:

  • SNMP Suggested OID and MIB browsing/search

Domotz stores more than 2300 different publicly available MIBs so that you can easily search for OID to monitor through SNMP. A simple-to-use search engine on Domotz helps you to identify all the available OID sensors that you can monitor on every device supporting SNMP. Above all, the library of available MIBs is in continuous evolution, and every user can contribute to its growth.

  • SNMP OID sensor history

We represent the data we collect through SNMP, with historical values (either graphs for numbers or lists for text fields).

With SNMP, administrators of large networks don’t need to waste valuable time and resources manually logging into hundreds, or potentially thousands, of nodes. Combined with network monitoring software, SNMP lets you view, monitor, and manage the nodes via one interface.  

Further reading:

Illustration from Markus Spiske

Share via Social Networks

You might also like…

Read more top posts in this category

Want more tips on Network Monitoring?

Ready to get started with Domotz?

  • Powerful
  • Automated
  • Simple
  • Affordable
Start Your Free Trial Contact Sales