I don't know if you're speaking specifically about the ASR 9902 or all routers but I can tell you that after doing this for 26 years I've never seen another router handle SNMP responses differently depending on what interface the request comes in on. I can name 8 vendors and even models from Cisco that don't do this. So I'm not sure this is standard practice as you seem to be implying.
Thanks, -Drew -----Original Message----- From: Mel Beckman <[email protected]> Sent: Friday, August 1, 2025 9:43 AM To: [email protected] Cc: Drew Weaver <[email protected]>; [email protected] Subject: Re: Cisco ASR9902 SNMP polling ... is interesting Also, non-management interfaces do packet processing in silicon at the ASIC level and don’t have the capacity to do anything more than statistical sampling of packets that require CPU-level processing to retrieve counters and generate SNMP responses. 62 % is as good a sampling rate as any other. -mel > On Aug 1, 2025, at 6:38 AM, Mel Beckman <[email protected]> wrote: > > How often are you polling the interfaces? SNMP was never meant for high > frequency polling (e.g., once per second), yet I often see people using SNMP > as if it were a SCADA service, which is used in industrial automation for > high frequency supervisory control and data acquisition. SNMP probes are > typically anticipated by device designers to occur at 30 second or 60 second > intervals. > > -mel > >> On Aug 1, 2025, at 6:10 AM, Drew Weaver via NANOG <[email protected]> >> wrote: >> >> Hello, >> >> We purchased an ASR9902 I think almost 2 years ago now intending to replace >> 4 routers with them. >> >> We had a history of lets just say design decision quirks with the router >> that prevented us from deploying it until recently. >> >> Then when we finally were able to implement it we've noticed something >> strange about how SNMP polling works in the router. >> >> If we poll SNMP on any interface that isn't one of the built in management >> ethernet interfaces the response takes 8x-16x longer to respond and exactly >> 62% of the polls time out. >> >> If we poll SNMP on the built-in MGMT interfaces the responses are still >> slower than the ASR9001s that we used to use but they don't seem to time out. >> >> I've had a TAC case with Cisco open over this for weeks now and they are now >> saying that the slow responses and the 62% poll timeouts are intentional and >> that they don't see any problem with the design. >> >> I understand the security implications of having control plane stuff >> responding on all interfaces but the part I don't understand is why bind the >> SNMP daemon to the non MGMT* interfaces at all if they are making a moral or >> ethical decision to not allow SNMP to work on non MGMT interfaces. Shouldn't >> it just not work at all then? Who came up with 62% timeout as the right >> number? >> >> The larger implication is that I still can't find another router from >> another vendor that does this. >> >> Has anyone else run into this or did you guys all avoid the ASR 9902 like we >> should have? >> >> Thanks, >> -Drew >> >> _______________________________________________ >> NANOG mailing list >> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_HUP4BJYN3E7YQZKMDT6PLM3XBTK7DCJU_&d=DwIGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=Q2RyEqHfEgQ-X2KzSAl-_cydxhA0rlcApGAdZvdw5ve2NIJN86F-3a_rxvmBGX7G&s=tdz6udW6pvsXVnz3KKbQDKNwyYe3cjFT3ZOBcvyuiYo&e= > _______________________________________________ > NANOG mailing list > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.nanog.org_archives_list_nanog-40lists.nanog.org_message_YFBCZDFSLVW6PY3LDSNAKM773KOGPVG6_&d=DwIGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=Q2RyEqHfEgQ-X2KzSAl-_cydxhA0rlcApGAdZvdw5ve2NIJN86F-3a_rxvmBGX7G&s=mV8VmIv4t-mt4QNXMHhkuE3mkNkA8Fn-JsviKeeFe9Q&e= _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/OEOY5K7FWW5XILLTM2WRS2TYFJSQXMZ3/
