PRTG Manual: Monitoring via SNMP

Monitoring via Simple Network Management Protocol (SNMP) is the most basic method
of gathering bandwidth and network usage data.

How SNMP Monitoring Works

SNMP is a set of standards for communication with devices in a TCP/IP network. SNMP
monitoring is useful if you are responsible for servers and network devices such as
hosts, routers, hubs, and switches. It enables you to keep an eye on network and
bandwidth usage, and monitor important issues such as uptime and traffic levels.

You can use SNMP to monitor the bandwidth usage of routers and switches on a port-
by-port basis, as well as device readings such as memory and CPU load. The target
devices must support SNMP. Most devices with enabled SNMP require the same
configuration like SNMP version and community string. To find out how to set up SNMP
on a specific device, search in the internet for your device name or model and SNMP
configuration. You will likely get plenty of information on how to configure SNMP.

Network Monitoring via SNMP

When you use a sensor with this technology, PRTG sends small data packets to devices,
for example, querying routers, switches, and servers for the traffic counters of each
port. These queries trigger reply packets from the device. Compared to PRTG's other
bandwidth monitoring technologies via flows, packet sniffing, or WMI, the SNMP option
creates the least CPU and network load.

Reasons to Choose SNMP Monitoring

SNMP is the most commonly used method mainly because it is easy to set up and
requires minimal bandwidth and CPU cycles. If your network devices support SNMP
and/or if you want to monitor large networks with several hundred or thousands of
sensors, we recommend that you start with SNMP.
 Besides network usage monitoring, another well-known feature of SNMP is the ability to
also watch other network parameters such as CPU load, disk usage, temperature, as
well as monitoring many other readings, depending on the queried device.

SNMP Network Issues

To use Simple Network Management Protocol (SNMP) for monitoring purposes, it is
imperative that UDP packets can travel from the machine running PRTG to the device
you want to monitor and back. This is usually the case in LANs and intranets. For
connections across the internet, to a Demilitarized Zone (DMZ), or for Wide Area
Network (WAN) connections, some changes to the traversed firewalls may be necessary.

Keep in mind that SNMP V1 and V2c are not secure protocols so you should not use
them across the internet or insecure data connections. Only SNMP version 3 supports
encryption.

Understanding SNMP Sensors

To better understand and set up SNMP sensors, you may want to learn more about the
principles of Object Identifiers (OID) and Management Information Base (MIB).
For more information about this topic, see this Knowledge Base article: How do SNMP,
MIBs and OIDs work?
For an overview and details about all SNMP sensors, see section List of Available
Sensor Types.
For more information about which SNMP sensor is best for your monitoring setup,
see section Choosing the Right SNMP Sensor.
SNMP Versions
PRTG supports three versions of the SNMP protocol: Version 1, version 2c, and version
3.
SNMP Version 1
This is the oldest and most basic version of SNMP.
 Pro: Supported by most SNMP-compatible devices; simple to set up.
 Con: Limited security because it only uses a simple password (community string) and sends data
in clear text (unencrypted). Because of this, you should only use it inside LANs behind firewalls,
but not in WANs. Version 1 only supports 32-bit counters, which are not enough for high-load
(gigabits/second) bandwidth monitoring.
SNMP Version 2c
This version adds 64-bit counters.
 Pro: Supports 64-bit counters to monitor bandwidth usage in networks with gigabits/second
loads.
 Con: Limited security (same as with SNMP V1).
SNMP Version 3
This version adds authentication and encryption to SNMP.
 Pro: Offers user accounts and authentication for multiple users and optional data packet
encryption, increasing available security; plus all advantages of Version 2c.
 Con: Difficult to configure and higher overhead for the probe, which will reduce the number of
devices that you can monitor (see here for more information).
 SNMP Traps
Various devices can send SNMP trap messages to notify you of system events.
 PRTG supports SNMP v1 and SNMP v2c traps.
 Destination for SNMP traps: IP address of the trap receiver, which is the IP of the PRTG probe
system (server with either a local or remote probe running on it) to which you add the SNMP
Trap Receiver Sensor.
Which SNMP Version Should I Choose?
The SNMP version to choose depends on your environment, but as a guideline:
 If your network is publicly accessible, you may want to use SNMP v3, which has encryption and
secure access. However security and encryption adds overhead, which results in less performance.
 If your network is isolated or well protected behind firewalls, the lower security of SNMP v1 or
SNMP v2c may be sufficient.
 From the PRTG perspective, if you have a lot of devices to monitor, the SNMP v2c is preferable. It
will allow you to monitor more devices on a shorter monitoring interval and supports 64-bit
counters.
The most important thing is to set the same SNMP version in the PRTG settings (for
example, on Root level) as you have configured in your target device. If you select an
SNMP version that is not supported by the server or device you want to monitor, you
receive an error message. Unfortunately, in most cases, these error messages do not
explicitly point to the possibility that you use the incorrect SNMP version. These
messages provide minimum information only, such as cannot connect or similar. Similar
errors occur when community strings, usernames, or passwords do not match.
For basic requirements for SNMP monitoring, see this Knowledge Base article: My
SNMP sensors don't work. What can I do?
SNMP Overload and Limitations of the SNMP System
SNMP V1 and V2 scale directly with the performance of the hardware and the speed of
the network. In our labs we are able to monitor 30,000 SNMP V1 sensors at a 60 second
interval with one PRTG server (core and local probe) plus two remote probes with
10,000 sensors each.

However, SNMP V3 has performance limitations due to the SSL encryption. The main
limiting factor is CPU power (as well as the other general limits for PRTG). Because of this
limitation, you can monitor only a limited number of sensors per second using SNMP V3. Currently,
PRTG is able to handle about 40 requests per second and computer core, depending on your system.
This means that, on a common 1.x GHz computer with two cores, you can run about 5,000 SNMP v3
sensors with a 60 seconds scanning interval; on a system with four cores, you can monitor around
10,000 sensors with 60 seconds interval. The CPU load is at about 50% then. We do not recommend
more.
Furthermore, the PRTG core server and probes should run on different computers. If you
experience increased values in the Interval Delay SNMP or Open Requests channels of the Probe
Health Sensor (values above 0 % indicate that the SNMP requests cannot be performed at
the desired interval), you need to distribute the load over multiple probes. SNMP V1 and V2 do not
have this limitation.
If you run into SNMP overload problems, you have three options:
 Increase the monitoring interval of the SNMP V3 sensors.
 Distribute the SNMP V3 sensors over two or more probes.
 Switch to SNMP V1 or V2 if you can go without encryption.
 What is the SNMP Community String?
The SNMP Community String is similar to a user ID or password that allows access to the
statistics of a router or another device. PRTG Network Monitor sends the community
string along with all SNMP requests. If the correct community string is provided, the
device responds with the requested information. If the community string is incorrect,
the device simply discards the request and does not respond.
SNMP community strings are only used by devices that support SNMP V1 and SNMP
V2c protocols. SNMP V3 uses safer username/password authentication, along with an
encryption key.

By convention, most SNMP V1/V2c equipment ships with a read-only community string
set to the value public. It is standard practice for network managers to change all the
community strings to customized values during device setup.
More
Tools: Paessler MIB Importer and SNMP Tester
 https://www.paessler.com/tools/
Knowledge Base: How do SNMP, MIBs and OIDs work?
 https://kb.paessler.com/en/topic/653
Paessler White Papers: Introducing SNMP and Putting SNMP into Practice
 https://www.paessler.com/press/whitepapers/introducing_snmp
German: Paessler White Paper: Einführung in SNMP und SNMP praktisch anwenden
 http://www.de.paessler.com/press/whitepapers/introducing_snmp
Video Tutorial: SNMP Basics
 https://www.paessler.com/support/videos/prtg-basics/snmp-basics
Video Tutorial: Debugging SNMP
 https://www.paessler.com/support/videos/prtg-basics/snmp-debugging
Knowledge Base: My SNMP sensors don't work. What can I do?
 https://kb.paessler.com/en/topic/46863
Knowledge Base: The interface numbers on my switch keep changing. What can I do?
 https://kb.paessler.com/en/topic/62217
Knowledge Base: What can I check if SNMP and SSH sensors throw timeout and auth
errors?
 https://kb.paessler.com/en/topic/63794
Knowledge Base: What can I monitor with the SNMP Custom Table sensor?
 https://kb.paessler.com/en/topic/68539