SNMP for Industrial & Railway Device Monitoring: Switches, RTUs, and Field Equipment

Why SNMP for Industrial & Railway Networks?

Industrial and railway environments present unique monitoring challenges — equipment is spread across kilometres of track, exposed to extreme temperatures, vibration, and electromagnetic interference. Yet these are precisely the systems where uptime is most critical.

SNMP provides a standardised, vendor-agnostic way to monitor all this equipment from a central Network Management System (NMS). Whether it's a ruggedized Ethernet switch in a relay room or an RTU at a remote location point, SNMP gives you real-time visibility into device health, performance, and faults.

Types of SNMP-Enabled Industrial/Railway Devices

1. Industrial Managed Switches

These are the backbone of railway and industrial communication networks. Common brands used in railway signalling:

| Brand | Common Models | SNMP Support | Key Features | |-------|--------------|--------------|--------------| | Moxa | EDS-500E, IKS-6700 series | v1/v2c/v3 | -40°C to 75°C, redundant ring | | Hirschmann | RSP, MACH series | v1/v2c/v3 | PRP/HSR, EN 50155 certified | | Cisco IE | IE-4000, IE-5000 | v1/v2c/v3 | Industrial hardened, REP ring | | Siemens | SCALANCE X | v1/v2c/v3 | PROFINET integration, MRP | | Advantech | EKI-7700 series | v1/v2c/v3 | Wide temp, PoE models |

What to Monitor via SNMP

# Port status (ifOperStatus)
snmpwalk -v3 -u railMonitor -l authPriv -a SHA -A "AuthPass123" \
  -x AES -X "PrivPass456" 192.168.10.1 1.3.6.1.2.1.2.2.1.8

# CPU utilisation
snmpget -v3 -u railMonitor -l authPriv -a SHA -A "AuthPass123" \
  -x AES -X "PrivPass456" 192.168.10.1 1.3.6.1.4.1.8691.7.6.1.30.1.1.0

# Temperature sensor (Moxa specific)
snmpget -v3 -u railMonitor -l authPriv -a SHA -A "AuthPass123" \
  -x AES -X "PrivPass456" 192.168.10.1 1.3.6.1.4.1.8691.7.6.1.30.2.1.0

# Ring redundancy status
snmpwalk -v3 -u railMonitor -l authPriv -a SHA -A "AuthPass123" \
  -x AES -X "PrivPass456" 192.168.10.1 1.3.6.1.4.1.8691.7.6.1.18

Critical OIDs for industrial switches:

| Metric | Standard OID | Purpose | |--------|-------------|---------| | Interface status | 1.3.6.1.2.1.2.2.1.8 | Detect link failures | | Interface errors | 1.3.6.1.2.1.2.2.1.14 | CRC/frame errors | | CPU load | Vendor-specific | Switch overload detection | | Temperature | Vendor-specific | Overheating in relay rooms | | Power supply status | Vendor-specific | Dual PSU failure | | Ring status | Vendor-specific | Redundancy ring break |

2. Remote Terminal Units (RTUs)

RTUs are the interface between field instruments and the SCADA/control system. In railway signalling, they collect data from track circuits, point machines, signals, and axle counters.

Common SNMP-enabled RTU platforms:

• ABB RTU560 — Full SNMPv3 support, widely used in railway and power
• Schneider Electric Easergy T300 — SNMP + IEC 61850
• Siemens SICAM A8000 — SNMP agent built-in
• Emerson ROC800 — SNMP for device health monitoring

RTU Monitoring Strategy

RTUs typically expose two types of data via SNMP:

1. Device health — CPU load, memory, temperature, power supply, communication link status
2. Diagnostic counters — Communication timeouts, protocol errors, buffer overflows

# Check RTU communication link status
snmpwalk -v3 -u scadaMonitor -l authPriv -a SHA -A "MyAuth123" \
  -x AES -X "MyPriv456" 10.20.30.40 1.3.6.1.4.1.2699.1.1

# RTU uptime
snmpget -v3 -u scadaMonitor -l authPriv -a SHA -A "MyAuth123" \
  -x AES -X "MyPriv456" 10.20.30.40 1.3.6.1.2.1.1.3.0

# RTU system description (firmware version)
snmpget -v3 -u scadaMonitor -l authPriv -a SHA -A "MyAuth123" \
  -x AES -X "MyPriv456" 10.20.30.40 1.3.6.1.2.1.1.1.0

Important: RTU process data (track circuit states, signal aspects) is typically transferred via protocols like IEC 104 or Modbus, not SNMP. Use SNMP for RTU device health monitoring alongside your SCADA system.

3. Railway Signalling Equipment

Modern electronic interlocking (EI) and computer-based interlocking (CBI) systems increasingly include SNMP-capable network interfaces:

Signal Controllers:

• Monitor power supply status, lamp current, LED health
• SNMP traps for signal failure or degraded mode

Point Machine Controllers:

• Monitor motor current, operating time, position feedback
• Detect slow-moving or stuck points via threshold traps

Track Circuit Equipment:

• Monitor rail voltage levels, receiver sensitivity
• Track circuit failure notifications via SNMP traps

Axle Counter Evaluators:

• Communication link health between counting heads and evaluator
• Error counters for miscount detection

Example: Monitoring a Railway Relay Room

┌─────────────────────────────────────────────────────┐
│                  NMS (Zabbix/LibreNMS)              │
│              Central Control Building                │
└──────────────────────┬──────────────────────────────┘
                       │ Fibre / VPN
         ┌─────────────┼──────────────┐
         ▼             ▼              ▼
   ┌──────────┐  ┌──────────┐  ┌──────────┐
   │ Relay     │  │ Relay     │  │ Relay     │
   │ Room A    │  │ Room B    │  │ Room C    │
   │           │  │           │  │           │
   │ • Moxa SW │  │ • Moxa SW │  │ • Moxa SW │
   │ • RTU     │  │ • RTU     │  │ • RTU     │
   │ • EI Node │  │ • EI Node │  │ • EI Node │
   │ • UPS     │  │ • UPS     │  │ • UPS     │
   │ • Sensors │  │ • Sensors │  │ • Sensors │
   └──────────┘  └──────────┘  └──────────┘

Each relay room typically has 5-15 SNMP-monitored devices. For a section with 20 relay rooms, that's 100-300 SNMP endpoints to manage.

4. Environmental & Power Monitoring

Railway relay rooms and industrial sites need environmental monitoring to protect sensitive equipment:

UPS Systems (APC, Emerson, Delta):

# UPS battery status (RFC 1628 UPS MIB)
snmpget -v3 -u upsMonitor -l authPriv -a SHA -A "AuthPass" \
  -x AES -X "PrivPass" 192.168.10.50 1.3.6.1.2.1.33.1.2.1.0

# Battery remaining capacity (%)
snmpget -v3 -u upsMonitor -l authPriv -a SHA -A "AuthPass" \
  -x AES -X "PrivPass" 192.168.10.50 1.3.6.1.2.1.33.1.2.4.0

# Input voltage
snmpget -v3 -u upsMonitor -l authPriv -a SHA -A "AuthPass" \
  -x AES -X "PrivPass" 192.168.10.50 1.3.6.1.2.1.33.1.3.3.1.3.1

# UPS on battery alarm
snmpget -v3 -u upsMonitor -l authPriv -a SHA -A "AuthPass" \
  -x AES -X "PrivPass" 192.168.10.50 1.3.6.1.2.1.33.1.6.1.0

Temperature/Humidity Sensors (Poseidon, AKCP, HW group):

| OID Purpose | Description | |-------------|-------------| | Temperature value | Current reading in °C or °F | | Humidity value | Current relative humidity % | | Threshold status | Normal / Warning / Critical | | Sensor name | User-assigned label |

# HW group Poseidon temperature reading
snmpget -v2c -c public 192.168.10.60 1.3.6.1.4.1.21796.4.1.3.1.5.1

Setting Up Centralised Monitoring

Step 1: Network Planning

For railway networks, ensure SNMP traffic has a dedicated VLAN or uses the management network. Never mix SNMP traffic with operational signalling data.

Management VLAN (10): SNMP polling, SSH access, NMS traffic
Operations VLAN (20): SCADA/IEC 104 traffic
Safety VLAN (30):     Safety-critical signalling data

Step 2: SNMPv3 User Configuration

Create separate SNMPv3 users for different device groups:

# On each industrial switch (Moxa example)
# Via CLI or web interface, create SNMPv3 user:
# Username: railMonitor
# Auth Protocol: SHA-256
# Auth Password: (strong 16+ char password)
# Privacy Protocol: AES-128
# Privacy Password: (different strong password)
# Access: Read-Only

Step 3: NMS Template Creation

In Zabbix, create templates for each device type:

Template: Moxa Industrial Switch

• Items: port status, traffic, errors, CPU, temperature, ring status
• Triggers: port down, high CPU, temperature warning, ring break
• Discovery rules: auto-discover ports

Template: Railway RTU

• Items: uptime, CPU, memory, comm link status, diagnostic counters
• Triggers: RTU reboot, comm link failure, high error rate

Template: Relay Room UPS

• Items: battery status, capacity, input/output voltage, load
• Triggers: on battery, low battery, overload

Step 4: Alerting & Escalation

Severity Level    │ Action
──────────────────┼────────────────────────────────
Information       │ Log only
Warning           │ Email to network team
High              │ SMS + Email to on-call engineer
Critical          │ SMS + Phone call + Auto-ticket

For railway applications, integrate SNMP alerts with your existing fault management system to create a unified view of both network and signalling faults.

Best Practices for Industrial SNMP

1. Security First

• Always use SNMPv3 with authPriv (authentication + encryption)
• Disable SNMPv1/v2c on all devices
• Use unique passwords per device group
• Restrict SNMP access to management VLAN

2. Polling Intervals

• Critical devices (EI, RTU): 30-60 seconds
• Network switches: 60-120 seconds
• Environmental sensors: 120-300 seconds
• UPS systems: 60 seconds

Avoid polling too aggressively — industrial devices have limited CPU and memory. Over-polling can impact device performance.

3. SNMP Traps for Instant Alerts

Configure devices to send SNMP traps for critical events rather than relying solely on polling:

• Link up/down events
• Power supply failure
• Temperature threshold exceeded
• Redundancy ring topology change

4. Redundancy in Monitoring

• Deploy a secondary NMS or proxy at a backup control centre
• Configure SNMP traps to go to both primary and secondary NMS
• Use NMS clustering (Zabbix proxy, LibreNMS poller groups)

5. Documentation

Maintain a register of all SNMP-monitored devices with:

• IP address and SNMP credentials
• Device type, location, and responsible team
• MIB files used
• Custom OIDs being monitored

Troubleshooting Common Issues

| Problem | Likely Cause | Solution | |---------|-------------|----------| | SNMP timeout | Firewall blocking UDP 161 | Check ACLs on network path | | Authentication error | Wrong SNMPv3 credentials | Verify user/auth/priv match | | Missing OIDs | MIB not loaded or wrong version | Load vendor MIB into NMS | | Intermittent responses | Device CPU overloaded | Increase polling interval | | Traps not received | Wrong trap destination | Check trap receiver config | | Stale data | SNMP agent frozen | Restart SNMP service on device |

Frequently Asked Questions

Is SNMP suitable for safety-critical railway monitoring?

SNMP is excellent for monitoring device health and network infrastructure, but it should not be the primary channel for safety-critical signalling data. Use SNMP alongside your SCADA/IEC 104 system — SNMP for network and device health, SCADA for operational signalling data.

Can I monitor legacy railway equipment with SNMP?

Older relay-based equipment doesn't support SNMP directly. However, you can use SNMP-enabled I/O gateways or RTUs to convert contact closures and analogue signals into SNMP-accessible data. Devices like the Moxa ioLogik series are commonly used for this purpose.

How many devices can a single NMS poll via SNMP?

A well-configured Zabbix or LibreNMS server can poll 5,000-10,000 SNMP devices with standard hardware. For larger deployments, use distributed polling with proxy servers placed at regional control centres.

What happens if the SNMP polling network goes down?

This is why SNMP trap-based monitoring is important alongside polling. Configure devices to store traps locally and forward them when connectivity is restored. Also ensure your network has redundant paths between relay rooms and the NMS.