On 2025-08-01 08:09, Drew Weaver via NANOG wrote:
Hello,
We purchased an ASR9902 I think almost 2 years ago now intending to
replace 4 routers with them.
We had a history of lets just say design decision quirks with the
router that prevented us from deploying it until recently.
Then when we finally were able to implement it we've noticed something
strange about how SNMP polling works in the router.
If we poll SNMP on any interface that isn't one of the built in
management ethernet interfaces the response takes 8x-16x longer to
respond and exactly 62% of the polls time out.
If we poll SNMP on the built-in MGMT interfaces the responses are still
slower than the ASR9001s that we used to use but they don't seem to
time out.
I've had a TAC case with Cisco open over this for weeks now and they
are now saying that the slow responses and the 62% poll timeouts are
intentional and that they don't see any problem with the design.
I understand the security implications of having control plane stuff
responding on all interfaces but the part I don't understand is why
bind the SNMP daemon to the non MGMT* interfaces at all if they are
making a moral or ethical decision to not allow SNMP to work on non
MGMT interfaces. Shouldn't it just not work at all then? Who came up
with 62% timeout as the right number?
The larger implication is that I still can't find another router from
another vendor that does this.
Has anyone else run into this or did you guys all avoid the ASR 9902
like we should have?
Hi Drew,
We recently stood up a couple pairs of ASR 9902's. We poll SNMP heavily
in-band to a loopback interface, never the management LAN ports. Not
seeing the issue you've mentioned when testing with a few snmpwalks to
each router.
We've got lots of different ASR9k models. 9902 doesn't seem to be any
different as far as SNMP querying goes. We use default LPTS settings for
these units.
I also hit up my teammate working on that deployment, and he hasn't seen
any issues.
We're using XR 24.3.2 if that helps.
Thanks,
-Drew
HTH,
-Brian
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/2QCQK34DKKDOUA7BLEULPK22T4O2L3YJ/
