|
I believe it is. There are many reasons why - just a few here....
1. It checks all the interfaces with one status poll. The status poll not
only contains the status (up or down) of each interface but the intended status
(Admin status).
2. SNMP is directed at one target address. This results in Network
management network traffic sticking to one path instead of pinging all over the
place. In most shops, (or at least many shops) the default route for the company
is out the internet gateway to the internet. If you have any devices in your
network that you SNMP discover but ping for status poll, you will run into
devices with address ranges they shouldn't ought to be using. (Such as IBM SP2
which often uses 1.1, 2.2, 3.3 and 4.4 networks). Well, since those are internal
segments (thus non pingable) but you found them via discovery, guess what...
your default route carries those pings out to the internet and pretty soon
the actual owners of those addresses get mighty annoyed with you trying to
manage the internet for them.
3. Fewer security "exceptions". Only one exchange of data necessary - pings
would have to hit every interface and thus be open via firewall to each
interface. Very messy and in some cases dangerous.
4. ICMP packets are inherently the target of hacker attacks (ICMP echo
reply explotation). SNMP has it's vulnerabilties as well, but it's darn easy to
shut off an snmp agent then compared plugging every place a ping can get
through.
5. Some devices that are non-functional (Solaris in particular) can be
pingable but dead. SNMP requires a little CPU power so if the box can't answer
SNMP it probably isn't working but it might well answer pings.
In all fairness, SNMP is very expensive on bandwidth and on resource
consumption. But to be honest, if you do your homework, set rational limits and
optimize for it, you get much better views of your network than with pings. I
think they are more reliable and paint a more realistic picture of the health of
things.
-----Original Message-----
From:
owner-nv-l@lists.us.ibm.com on behalf of Christopher J Petrina
Sent: Mon 3/15/2004 2:55 PM
To: nv-l@lists.us.ibm.com
Cc:
Subject: RE: [nv-l] Unmanaged
interfaces
If all my
devices are SNMP enabled and capable what would be the reason to ever bother
with PING'ing these devices vs. always SNMP polling them.
And is SNMP polling a more robust (
most reliable) method for devising if a device is trully "up" or not?
-Chris Petrina
|