Showing results for 
Search instead for 
Did you mean: 

Throttle SNMP traps

What is the best way to throttle snmp traps? I have an HP NNM (Network Node Manger) server that is currently receiving traps from a number of network devices. Sometimes traps get sent from these devices at a higher rate than the NNM server can handle. When this happens the NNM server is basically so overwhelmed it gets hung.

I have a Cisco 1811 ISR that is acting as my remote tunnel device. The monitored devices (switches, firewalls, routers, etc.) are on the local LAN behind the ISR and all monitoring traffic is sent to the NNM server through the IPSec tunnel.

Is there a way to either batch process snmp traps or throttle/cap the rate that the messages get sent? I would prefer to do this somehow on the ISR as it will keep the number of configurations I have to do way down.



Everyone's tags (3)

Re: Throttle SNMP traps

Luckily you have NNM. As long as you're running NNM 6.4 or later (up to 7.53 that I can testify for), you can configure throttling there. Instead of rehashing it, I point to the post by Prashant over at HP ITRC:

Note that I don't personally adopt Step 3 in Prashant's post, of blocking individual offending IP addrs specifically in ovtrapd.conf. Without that step, I simply configure ovtrapd.lrf to give whichever IP addr that crosses the "-B -r ##" threshold a temporary "time out". Once that offender's trap rate drops below the configured threshold, NNM unblocks it, until the next violation.

This is not a perfect "throttle", because all traps (interesting ones and noises) from the offending IP are tuned out during the blockade.


Re: Throttle SNMP traps


Thanks for your response. I'm still hoping to find a solution from the networking perspective but I'll take a look at the NNM.



Re: Throttle (rate-limit) SNMP traps

Still looking around. I keep coming across this command:

snmp-server trap rate-limit

but it's not on available on my router:

router(config)#snmp-server trap ?

  authentication  fine-tune enable/disable of authentication traps

  link            Assign SNMP traps based on ietf rfc2233 standard

I have an 1811 running version 12.4(24)T2 adv IP services. Does anyone know if this command is available for an 1800 ISR? I'm also looking into using FPM to filter the traps.


Re: Throttle (rate-limit) SNMP traps

"snmp-server trap rate-limit" appears to be a valid config on the Motorola BSR CMTS.

There's something similar for the Cisco GSS only: "snmp-server trap-limit [answer-trap|dns-clause-trap|keepalive-trap] value", but it's not applicable to any other platform.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards