nv-l
[Top] [All Lists]

RE: [nv-l] Unmanaged interfaces

To: <nv-l@lists.us.ibm.com>, <nv-l@lists.us.ibm.com>
Subject: RE: [nv-l] Unmanaged interfaces
From: "Barr, Scott" <Scott_Barr@csgsystems.com>
Date: Mon, 15 Mar 2004 23:04:36 -0600
Delivery-date: Tue, 16 Mar 2004 05:17:23 +0000
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com
Thread-index: AcQK7l/GSqYcCiS+RkKy53+/5YRNZwAJBDa8
Thread-topic: [nv-l] Unmanaged interfaces
I believe it is. There are many reasons why - just a few here....
 
1. It checks all the interfaces with one status poll. The status poll not only contains the status (up or down) of each interface but the intended status (Admin status).
 
2. SNMP is directed at one target address. This results in Network management network traffic sticking to one path instead of pinging all over the place. In most shops, (or at least many shops) the default route for the company is out the internet gateway to the internet. If you have any devices in your network that you SNMP discover but ping for status poll, you will run into devices with address ranges they shouldn't ought to be using. (Such as IBM SP2 which often uses 1.1, 2.2, 3.3 and 4.4 networks). Well, since those are internal segments (thus non pingable) but you found them via discovery, guess what... your default route carries those pings out to the internet and pretty soon the actual owners of those addresses get mighty annoyed with you trying to manage the internet for them.
 
3. Fewer security "exceptions". Only one exchange of data necessary - pings would have to hit every interface and thus be open via firewall to each interface. Very messy and in some cases dangerous.
 
4. ICMP packets are inherently the target of hacker attacks (ICMP echo reply explotation). SNMP has it's vulnerabilties as well, but it's darn easy to shut off an snmp agent then compared plugging every place a ping can get through.
 
5. Some devices that are non-functional (Solaris in particular) can be pingable but dead. SNMP requires a little CPU power so if the box can't answer SNMP it probably isn't working but it might well answer pings.
 
In all fairness, SNMP is very expensive on bandwidth and on resource consumption. But to be honest, if you do your homework, set rational limits and optimize for it, you get much better views of your network than with pings. I think they are more reliable and paint a more realistic picture of the health of things.
 
-----Original Message-----
From: owner-nv-l@lists.us.ibm.com on behalf of Christopher J Petrina
Sent: Mon 3/15/2004 2:55 PM
To: nv-l@lists.us.ibm.com
Cc:
Subject: RE: [nv-l] Unmanaged interfaces


If all my devices are SNMP enabled and capable what would be the reason to ever bother with PING'ing these devices vs. always SNMP polling them.  
And is SNMP polling a more robust ( most reliable) method for devising if a device is trully "up" or not?

-Chris Petrina
<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web