SNMP is frequently used to monitor systems for fault conditions such as temperature violations, hard drive failures. Management applications can monitor for these conditions by polling the appropriate OIDs with the Get command and analyzing the returned data. This method has its drawbacks. If it is done frequently, significant amounts of network bandwidth can be consumed. If it is done infrequently, the response to the fault condition may not occur in a timely fashion. SNMP traps avoid these limitations of the polling method.
An SNMP trap is an asynchronous event indicating that something significant has occurred. This is analogous to a pager receiving an important message, except that the SNMP trap frequently contains all the information needed to diagnose a fault.
Two drawbacks to SNMP traps are that they are sent using UDP, which is not a guaranteed delivery mechanism, and that they are not acknowledged by the receiver.
An SNMP trap message contains the trap’s enterprise OID, the agent IP address, a generic trap ID, the specific trap ID, a time stamp, and zero or more variable bindings (varbinds). The combination of an enterprise OID and a specific trap ID uniquely identifies each Server Administrator-defined trap. A varbind consists of an OID and its value and provides additional information about the trap.
In order for a management system to receive SNMP traps from a managed system, the node must be configured to send traps to the management system. Trap destination configuration depends on the operating system. When this configuration is done, a management application on the management system can wait for traps and act on them when received.