SNMP TRAP and INFORM message are used in case of any fault or error occurrence in the devices being monitored or managed. Let’s discuss both
SNMP TRAP
Traps are the alert notification messages sent from SNMP Agents to Manager.These messages are generated whenever any failure or fault has been occurred in the monitored device or service.
You can configure the agents to send any particular types of trap which are important to be noticed. For example agents can be configured to send the trap whenever the device is overheated. Traps are generated spontaneously without being requested by the Manager.
Many devices come with Pre-Installed SNMP agents which must needs to be enabled and configured. Traps are very unreliable because they don’t have any acknowledgement mechanism in place. Agents /sender never gets to know whether the trap has been reached to the Manager/receiver or not. Thus, they are also known as unacknowledged event notifications.
SNMP INFORM
This is the message triggered by SNMP agents to inform about any event in case of any failure or error occurrence in the devices or service being managed or when some devices/service start consuming the system resources more than the assigned limit or threshold.
This is nothing but an acknowledged TRAP messages which means upon receiving the INFORM message from SNMP agents, SNMP manager sends back the response to agent. That’s why they are reliable as compared to SNMP TRAP.
If SNMP Manager does not receive the INFORM message, then it will not send acknowledgment to the agent/sender and if the sender does not receive any acknowledgement from Manager then it will again send the same INFORM message to the manager. An INFORM request is held in the router/system memory until the agent receives an acknowledgment or the request is timed out. That means there are more chance for an event notification to reach to the manager when sent via SNMP INFORM as compare to SNMP TRAP.
As we have understood that INFORM message will be sent again and again until the agent receives a response for event reception or the request gets timed out, which make this process more network resource consuming. This continuous retry of INFORM message increase the network traffic which leads to the network overhead.
This means INFORM messages comes with better reliability as compare to TRAP but at the cost of more resource utilization in the form of network traffic and memory consumption.
One should use the TRAP or INFORM message after considering the above-mentioned facts.
Which is better to use SNMP TRAP or INFORM ?
You can use a mix of both messages (TRAP and INFORM) in your solution. For example, wherever your priority is the confirmation of delivery for event notification there you can use INFORM message and wherever you do not need the delivery confirmation there you can use TRAP message. This way you can save the unnecessary utilization of network and memory resource.
SNMP Trap Vs INFORM messages
Below are the main differences listed between SNMP TRAP and INFORM messages.
| Sr. No | SNMP TRAP | SNMP INFORM |
| 1. | SNMP TRAP message was introduced in SNMPv1 | SNMP INFORM message was introduced in SNMPv2c |
| 2. | TRAP is an unacknowledged message i.e. when agent sends an event or alert notification to manager, then manager does not send any acknowledgement response back to it. | INOFRM is an acknowledged message i.e. when agent sends an event or alert notification to manager, then manager sends the acknowledgement response back to it. |
| 3. | This is unreliable because agent never gets to know whether the event notification has been reached to the manager or not. | This is more reliable as the agent continues to resend the INFROM message to manager until it gets the acknowledgment or request gets timed out. Which means there are more chances for INFORM requests to reach their destination. |
| 4. | This consumes less network and memory resources as it gets discarded from the router memory as soon as it is sent. Thus, it never retries for sending and therefore no network traffic. | This consumes more network and memory resources. As it is held in the memory until the acknowledgment response is received or requests gets timed out. This continuous retry of sending message increase the network traffic which further increase the overhead on network. |
| 5. | This can be used where the delivery confirmation of event notification is not necessary. | This can be used where we must need to receive the delivery confirmation of event notifications. |
Other Useful Links
- What is SNMP? How does it Work? What’s the default SNMP Port Number?
- Difference Between SNMPv1, v2c and v3
I am a software QA Professional with 10 + years of Industry experience in the domain of Servers, Storage, Networking, Cloud Computing and Containerization etc. I started this blog to share my knowledge and skills what i am learning from my profession. Being a QA guy, I love to Test and Review different IT products.