nanog mailing list archives

RE: Cisco ASR9902 SNMP polling ... is interesting

From: Drew Weaver via NANOG <nanog () lists nanog org>
Date: Fri, 1 Aug 2025 14:17:19 +0000

They have the configuration. They seem to be saying that there is just some invisible hand inside the router 
controlling the responses on a per interface basis.

It’s pretty heavy handed tbh.

-Drew


From: Arie Vayner <ariev () vayner net>
Sent: Friday, August 1, 2025 10:15 AM
To: North American Network Operators Group <nanog () lists nanog org>
Cc: Mel Beckman <mel () beckman org>; Drew Weaver <drew.weaver () thenap com>
Subject: Re: Cisco ASR9902 SNMP polling ... is interesting

Could this be somehow related to control plane policing? You might be hitting some default policy threshold, and may 
have to adjust it to allow snmp from your specific sources at a higher rate.

IIRC on ios-xr that's called lots or sdr (but I had been a while...)

On Fri, Aug 1, 2025, 6:59 AM Drew Weaver via NANOG <nanog () lists nanog org<mailto:nanog () lists nanog org>> wrote:
90 seconds... but also we can poll Supervisor 720s at the same rate and they don't time out or delay responses.

😊


-----Original Message-----
From: Mel Beckman <mel () beckman org<mailto:mel () beckman org>>
Sent: Friday, August 1, 2025 9:37 AM
To: nanog () lists nanog org<mailto:nanog () lists nanog org>
Cc: Drew Weaver <drew.weaver () thenap com<mailto:drew.weaver () thenap com>>; nanog () lists nanog org<mailto:nanog () 
lists nanog org>
Subject: Re: Cisco ASR9902 SNMP polling ... is interesting

How often are you polling the interfaces? SNMP was never meant for high frequency polling (e.g., once per second), yet 
I often see people using SNMP as if it were a SCADA service, which is used in industrial automation for high frequency 
supervisory control and data acquisition. SNMP probes are typically anticipated by device designers to occur at 30 
second or 60 second intervals.

 -mel

On Aug 1, 2025, at 6:10 AM, Drew Weaver via NANOG <nanog () lists nanog org<mailto:nanog () lists nanog org>> wrote:

Hello,

We purchased an ASR9902 I think almost 2 years ago now intending to replace 4 routers with them.

We had a history of lets just say design decision quirks with the router that prevented us from deploying it until 
recently.

Then when we finally were able to implement it we've noticed something strange about how SNMP polling works in the 
router.

If we poll SNMP on any interface that isn't one of the built in management ethernet interfaces the response takes 
8x-16x longer to respond and exactly 62% of the polls time out.

If we poll SNMP on the built-in MGMT interfaces the responses are still slower than the ASR9001s that we used to use 
but they don't seem to time out.

I've had a TAC case with Cisco open over this for weeks now and they are now saying that the slow responses and the 
62% poll timeouts are intentional and that they don't see any problem with the design.

I understand the security implications of having control plane stuff responding on all interfaces but the part I 
don't understand is why bind the SNMP daemon to the non MGMT* interfaces at all if they are making a moral or ethical 
decision to not allow SNMP to work on non MGMT interfaces. Shouldn't it just not work at all then? Who came up with 
62% timeout as the right number?

The larger implication is that I still can't find another router from another vendor that does this.

Has anyone else run into this or did you guys all avoid the ASR 9902 like we should have?

Thanks,
-Drew

_______________________________________________
NANOG mailing list
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_HUP4BJYN3E7YQZKMDT6PLM3XBTK7DCJU_&d=DwIGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=ysryPUJQffffnj7NA86CIwOOPWsLq5M3v5_s4HOyDNvnNLv1f3rVKsrdYPpBqkBS&s=4ACrFXyyWFX_bxDa3z7o9aQNmNy6DiDi3Xn9hjKjKJY&e=

_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog () lists nanog 
org/message/C3BD4D2RCOWC75EMNUOHE62T3P3KWYJ6/<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_C3BD4D2RCOWC75EMNUOHE62T3P3KWYJ6_&d=DwMFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=hSvelHcbjt0uOKdrnI8NWE2BBlPEcwlaooUIKa3JQYEe6fURn7gch6VsaAEZavum&s=vQiVC-7WZkRZyMCNMIkg4dFr_0IR5AthYj4ikCJ9ogk&e=>
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/CWX6KUS3YXQCFHWYN3W7NCKYYNB46B4I/

Current thread:

RE: Cisco ASR9902 SNMP polling ... is interesting, (continued)
- - - RE: Cisco ASR9902 SNMP polling ... is interesting Drew Weaver via NANOG (Aug 07)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Phil Bedard via NANOG (Aug 07)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Chris Griffin via NANOG (Aug 08)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Pedro Prado via NANOG (Aug 08)
    - RE: Cisco ASR9902 SNMP polling ... is interesting Drew Weaver via NANOG (Aug 08)
    - RE: Cisco ASR9902 SNMP polling ... is interesting LJ Wobker (lwobker) via NANOG (Aug 07)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Mel Beckman via NANOG (Aug 01)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Saku Ytti via NANOG (Aug 02)
  - RE: Cisco ASR9902 SNMP polling ... is interesting Drew Weaver via NANOG (Aug 01)
    - Re: Cisco ASR9902 SNMP polling ... is interesting Arie Vayner via NANOG (Aug 01)
    - RE: Cisco ASR9902 SNMP polling ... is interesting Drew Weaver via NANOG (Aug 01)
    - Re: [EXTERNAL] Re: Cisco ASR9902 SNMP polling ... is interesting Rampley, Jim F via NANOG (Aug 01)
- Re: Cisco ASR9902 SNMP polling ... is interesting Brian Knight via NANOG (Aug 01)
- Re: Cisco ASR9902 SNMP polling ... is interesting James Bensley via NANOG (Aug 03)
  - Re: Cisco ASR9902 SNMP polling ... is interesting Tom Beecher via NANOG (Aug 03)