为什么 SNMP 通常运行在 UDP 而不是 TCP/IP 上? [英] Why is SNMP usually run over UDP and not TCP/IP?

问题描述

今天早上，工作中出现了很大的问题，因为 SNMP 陷阱没有通过"，因为 SNMP 是通过 UDP 运行的.我记得在大学的网络课上，UDP 不能像 TCP/IP 那样保证交付.维基百科说 SNMP 可以在 TCP/IP 上运行，但 UDP 更常见.

This morning, there were big problems at work because an SNMP trap didn't "go through" because SNMP is run over UDP. I remember from the networking class in college that UDP isn't guaranteed delivery like TCP/IP. And Wikipedia says that SNMP can be run over TCP/IP, but UDP is more common.

我知道 UDP 优于 TCP/IP 的一些优势是速度、广播和多播.但在我看来，保证交付对于网络监控来说比广播能力更重要.特别是当有严重的高安全需求时.我的一位同事告诉我，当流量变大时，UDP 数据包最先被丢弃.这是网络监控 (IMO) 首选 TCP/IP 而不是 UDP 的另一个原因.

I get that some of the advantages of UDP over TCP/IP are speed, broadcasting, and multicasting. But it seems to me that guaranteed delivery is more important for network monitoring than broadcasting ability. Particularly when there are serious high-security needs. One of my coworkers told me that UDP packets are the first to be dropped when traffic gets heavy. That is yet another reason to prefer TCP/IP over UDP for network monitoring (IMO).

那么为什么 SNMP 使用 UDP?我想不通，也无法在 Google 上找到充分的理由.

So why does SNMP use UDP? I can't figure it out and can't find a good reason on Google either.

推荐答案

在有损网络(或拥塞的网络)中，实际上预计 UDP 比 TCP 工作得更好.TCP 在传输大量数据方面要好得多，但是当网络出现故障时，UDP 更有可能通过.(事实上​​，我最近做了一项测试，发现当正确设置 UDP 超时时，在有损网络中，基于 UDP 的 SNMP 比基于 TCP 的 SNMP 成功得多).通常，TCP 在大约 5% 的数据包丢失时开始表现不佳，在 33%(ish)时变得完全无用，而 UDP 仍然会成功(最终).

UDP is actually expected to work better than TCP in lossy networks (or congested networks). TCP is far better at transferring large quantities of data, but when the network fails it's more likely that UDP will get through. (in fact, I recently did a study testing this and it found that SNMP over UDP succeeded far better than SNMP over TCP in lossy networks when the UDP timeout was set properly). Generally, TCP starts behaving poorly at about 5% packet loss and becomes completely useless at 33% (ish) and UDP will still succeed (eventually).

因此，一如既往，正确的做法是为正确的工作选择正确的工具.如果您正在对大量数据进行例行监控，您可能会考虑使用 TCP.但要准备好回退到 UDP 来解决问题.现在的大多数堆栈实际上都可以使用 TCP 和 UDP.

So the right thing to do, as always, is pick the right tool for the right job. If you're doing routine monitoring of lots of data, you might consider TCP. But be prepared to fall back to UDP for fixing problems. Most stacks these days can actually use both TCP and UDP.

至于发送 TRAP，是的，TRAP 是不可靠的，因为它们没有得到确认.但是，SNMP INFORM 是 SNMP TRAP 的确认版本.因此，如果您想知道通知接收者收到了消息，请使用 INFORMs.请注意，TCP没有解决这个问题，因为它只提供第 3 层通知消息已被接收.无法保证通知接收者确实得到了它.SNMP INFORM 执行应用程序级别的确认，并且比假设 TCP 确认表明他们得到它更值得信赖.

As for sending TRAPs, yes TRAPs are unreliable because they're not acknowledged. However, SNMP INFORMs are an acknowledged version of a SNMP TRAP. Thus if you want to know that the notification receiver got the message, please use INFORMs. Note that TCP does not solve this problem as it only provides layer 3 level notification that the message was received. There is no assurance that the notification receiver actually got it. SNMP INFORMs do application level acknowledgement and are much more trustworthy than assuming a TCP ack indicates they got it.

这篇关于为什么 SNMP 通常运行在 UDP 而不是 TCP/IP 上?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！