Simple Network Management Protocol (SNMP) Traffic Measurements and Trace Exchange Formats
RFC 5345

 
Document Type RFC - Informational (October 2008; Errata)
Last updated 2013-03-02
Stream IRTF
Formats plain text pdf html
Stream IRTF state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 5345 (Informational)
Telechat date
Responsible AD Dan Romascanu
Send notices to j.schoenwaelder@jacobs-university.de, draft-irtf-nmrg-snmp-measure@ietf.org, bertietf@bwijnen.net
Network Working Group                                   J. Schoenwaelder
Request for Comments: 5345                      Jacobs University Bremen
Category: Informational                                     October 2008

               Simple Network Management Protocol (SNMP)
            Traffic Measurements and Trace Exchange Formats

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

IESG Note

   The IESG thinks that this work is related to IETF work done in the
   Operations and Management Area related to SNMP, but this does not
   prevent publishing.  This RFC is not a candidate for any level of
   Internet Standard.  The IETF disclaims any knowledge of the fitness
   of this RFC for any purpose and notes that the decision to publish is
   not based on IETF review apart from the IETF Last Call on the
   allocation of a URI by IANA and the IESG review for conflict with
   IETF work.  The RFC Editor has chosen to publish this document at its
   discretion.  See RFC 3932 for more information.

Abstract

   The Simple Network Management Protocol (SNMP) is widely deployed to
   monitor, control, and (sometimes also) configure network elements.
   Even though the SNMP technology is well documented, it remains
   relatively unclear how SNMP is used in practice and what typical SNMP
   usage patterns are.

   This document describes an approach to carrying out large-scale SNMP
   traffic measurements in order to develop a better understanding of
   how SNMP is used in real-world production networks.  It describes the
   motivation, the measurement approach, and the tools and data formats
   needed to carry out such a study.

   This document was produced within the IRTF's Network Management
   Research Group (NMRG), and it represents the consensus of all of the
   active contributors to this group.

Schoenwaelder                Informational                      [Page 1]
RFC 5345               SNMP Traffic Measurements            October 2008

Table of Contents

   1. Introduction ....................................................3
   2. Measurement Approach ............................................4
      2.1. Capturing Traffic Traces ...................................5
      2.2. Converting Traffic Traces ..................................6
      2.3. Filtering Traffic Traces ...................................7
      2.4. Storing Traffic Traces .....................................7
      2.5. Analyzing Traffic Traces ...................................8
   3. Analysis of Traffic Traces ......................................9
      3.1. Basic Statistics ...........................................9
      3.2. Periodic versus Aperiodic Traffic ..........................9
      3.3. Message Size and Latency Distributions .....................9
      3.4. Concurrency Levels ........................................10
      3.5. Table Retrieval Approaches ................................10
      3.6. Trap-Directed Polling - Myths or Reality? .................10
      3.7. Popular MIB Definitions ...................................11
      3.8. Usage of Obsolete Objects .................................11
      3.9. Encoding Length Distributions .............................11
      3.10. Counters and Discontinuities .............................11
      3.11. Spin Locks ...............................................12
      3.12. Row Creation .............................................12
   4. Trace Exchange Formats .........................................12
      4.1. XML Representation ........................................12
      4.2. CSV Representation ........................................17
   5. Security Considerations ........................................18
   6. IANA Considerations ............................................19
   7. Acknowledgements ...............................................19
   8. References .....................................................20
      8.1. Normative References ......................................20
      8.2. Informative References ....................................20

Schoenwaelder                Informational                      [Page 2]
RFC 5345               SNMP Traffic Measurements            October 2008

1.  Introduction

   The Simple Network Management Protocol (SNMP) was introduced in the
   late 1980s [RFC1052] and has since then evolved to what is known
   today as the SNMP version 3 Framework (SNMPv3) [RFC3410].  While SNMP
   is widely deployed, it is not clear what protocol versions are being
   used, which protocol features are being used, how SNMP usage differs
   in different types of networks or organizations, which information is
Show full document text