Re: Cisco ASR9902 SNMP polling ... is interesting

[Pedro Prado via NANOG <nanog () lists nanog org>]

Each device type will have different internals which might influence the results, but bottom line, SNMP doesn’t scale 
well for rich information retrieval plus frequent polling.
It’s similar to running a heavy SQL query in a database, often. But neither the SNMP servers nor the protocol are 
really optimized for it… The polling doesn’t cut it.

See if the devices support any form of telemetry, where the device itself will take care of collecting and sending to a 
central server.


Pedro Martins Prado
pedro.prado () gmail com / +353 83 036 1875

> On 1 Aug 2025, at 15:00, Drew Weaver via NANOG <nanog () lists nanog org> wrote:
>
> I don't know if you're speaking specifically about the ASR 9902 or all routers but I can tell you that after doing 
> this for 26 years I've never seen another router handle SNMP responses differently depending on what interface the 
> request comes in on. I can name 8 vendors and even models from Cisco that don't do this. So I'm not sure this is 
> standard practice as you seem to be implying.
>
> Thanks,
> -Drew
>
>
> -----Original Message-----
> From: Mel Beckman <mel () beckman org <mailto:mel () beckman org>> 
> Sent: Friday, August 1, 2025 9:43 AM
> To: nanog () lists nanog org <mailto:nanog () lists nanog org>
> Cc: Drew Weaver <drew.weaver () thenap com <mailto:drew.weaver () thenap com>>; nanog () lists nanog org 
> <mailto:nanog () lists nanog org>
> Subject: Re: Cisco ASR9902 SNMP polling ... is interesting
>
> Also, non-management interfaces do packet processing in silicon at the ASIC level and don’t have the capacity to do 
> anything more than statistical sampling of packets that require CPU-level processing to retrieve counters and 
> generate SNMP responses. 62 % is as good a sampling rate as any other.
>
> -mel
>
> > On Aug 1, 2025, at 6:38 AM, Mel Beckman <mel () beckman org> wrote:
> >
> > How often are you polling the interfaces? SNMP was never meant for high frequency polling (e.g., once per second), 
> > yet I often see people using SNMP as if it were a SCADA service, which is used in industrial automation for high 
> > frequency supervisory control and data acquisition. SNMP probes are typically anticipated by device designers to 
> > occur at 30 second or 60 second intervals.
> >
> > -mel
> >
> > > On Aug 1, 2025, at 6:10 AM, Drew Weaver via NANOG <nanog () lists nanog org> wrote:
> > >
> > > Hello,
> > >
> > > We purchased an ASR9902 I think almost 2 years ago now intending to replace 4 routers with them.
> > >
> > > We had a history of lets just say design decision quirks with the router that prevented us from deploying it until 
> > > recently.
> > >
> > > Then when we finally were able to implement it we've noticed something strange about how SNMP polling works in the 
> > > router.
> > >
> > > If we poll SNMP on any interface that isn't one of the built in management ethernet interfaces the response takes 
> > > 8x-16x longer to respond and exactly 62% of the polls time out.
> > >
> > > If we poll SNMP on the built-in MGMT interfaces the responses are still slower than the ASR9001s that we used to 
> > > use but they don't seem to time out.
> > >
> > > I've had a TAC case with Cisco open over this for weeks now and they are now saying that the slow responses and the 
> > > 62% poll timeouts are intentional and that they don't see any problem with the design.
> > >
> > > I understand the security implications of having control plane stuff responding on all interfaces but the part I 
> > > don't understand is why bind the SNMP daemon to the non MGMT* interfaces at all if they are making a moral or 
> > > ethical decision to not allow SNMP to work on non MGMT interfaces. Shouldn't it just not work at all then? Who came 
> > > up with 62% timeout as the right number?
> > >
> > > The larger implication is that I still can't find another router from another vendor that does this.
> > >
> > > Has anyone else run into this or did you guys all avoid the ASR 9902 like we should have?
> > >
> > > Thanks,
> > > -Drew
> > >
> > > _______________________________________________
> > > NANOG mailing list
> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_HUP4BJYN3E7YQZKMDT6PLM3XBTK7DCJU_&d=DwIGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=Q2RyEqHfEgQ-X2KzSAl-_cydxhA0rlcApGAdZvdw5ve2NIJN86F-3a_rxvmBGX7G&s=tdz6udW6pvsXVnz3KKbQDKNwyYe3cjFT3ZOBcvyuiYo&e=
> > _______________________________________________
> > NANOG mailing list
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_YFBCZDFSLVW6PY3LDSNAKM773KOGPVG6_&d=DwIGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=Q2RyEqHfEgQ-X2KzSAl-_cydxhA0rlcApGAdZvdw5ve2NIJN86F-3a_rxvmBGX7G&s=mV8VmIv4t-mt4QNXMHhkuE3mkNkA8Fn-JsviKeeFe9Q&e=
> _______________________________________________
> NANOG mailing list 
> https://lists.nanog.org/archives/list/nanog () lists nanog org/message/OEOY5K7FWW5XILLTM2WRS2TYFJSQXMZ3/

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/ZH22D7QIKBU2G52BBZ4SILXYUYUUBK6D/