- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: Will SNMP degrade switch or router performance...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-30-2014 07:49 AM
тАО08-30-2014 07:49 AM
Will SNMP degrade switch or router performance ?
Hi,
Im just wondering whether enabling SNMP on HP switches (COMWARE-Based / Procurve) will effect LAN performance? I have a customer with full HP solution (Switches and Router) now they plan to monitor their network performance.
Anyway that I can know the bandwidth utilization of SNMP traffic?
Regards
Michael
- Tags:
- snmp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2014 11:24 AM
тАО08-31-2014 11:24 AM
Re: Will SNMP degrade switch or router performance ?
Longer answer: Most of the packets never see the system CPU, they are handled by the ASIC/FPGA closer to the interface.
For example this design applies internally: Interfaces(s) <-> ASIC/FPGA <-> System CPU.
Most of the packets (both forwarded and routed) will just go: InterfaceX <-> ASIC/FPGA <-> InterfaceY.
The SNMP is a process runned in the System CPU and will take some percent depending on how many queries it will get.
Note however that the same way as DNS and NTP can be used for amplification DDoS attacks SNMP can be part of those too. So in that case enabling SNMP and not properly secure it could in worst case make your device become an amplification node for a DDoS-attack and that would in most cases make your device feel sluggish for other traffic.
Here is an example on how you can protect your SNMP:
#
acl number 2003 name v4-MGMT-SNMP
hardware-count enable
rule 5 permit source <REMOVED> 0
rule 10 deny
#
acl ipv6 number 2003 name v6-MGMT-SNMP
hardware-count enable
rule 0 deny fragment
rule 5 deny routing
rule 10 deny
#
snmp-agent
snmp-agent local-engineid <REMOVED>
snmp-agent community read <REMOVED> acl ipv6 2003 acl 2003
snmp-agent sys-info contact <REMOVED>
snmp-agent sys-info location <REMOVED>
snmp-agent sys-info version v1 v2c
snmp-agent trap source LoopBack0
#
For added security you can also disable v1 and v2c and only use v3 with encryption.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2014 03:40 PM
тАО08-31-2014 03:40 PM
Re: Will SNMP degrade switch or router performance ?
Just to add to that - the additional load on the network from SNMP is minor at each device that is sending traps or responding to queries, but all these small traffic flows become concentrated at the device that is doing the monitoring. Even so, it has been my experience that the bottleneck is the internal resources of the device doing the collecting, not the network resources.
Do what I did - add your devices a few at a time and observe the results.
The biggest factor isn't really the total number of devices, it's the extent of the data you configure it to collect: increase the granularity of the SNMP stats you collect (ie, select every switchport and increase to 5s av rather than 3 min av) and observe the results. This is when you should see the biggest performance hit.