Thanks Peter for indetail notes on HSRP.
As you said this is everending topic, i am getting different answers from many people saying it is layer 2 and layer 3 protocol but no one concluded what exactly this is... i am still confused to tell my team wheather it is layer 2 or layer3.
Have your team come here, read this and judge for themselves. In my opinion, HSRP belongs to a family of Layer3 control protocols.
Ezra and Inayath,
Especially with protocols like HSRP or ARP, the discussion about "which layer they fit into" can quickly grow to a holy war. The fact is that IP-based protocols have never truly respected strict layering, not in TCP/IP architecture nor in ISO OSI model, and hence there are many protocols that truly cross the boundaries of multiple layers.
Instead of first asking "what layer HSRP operates on?", we should ask: "what is the rule by which we can decide on what layer a protocol operates on?" Indeed, what is often unclear is the criterion itself we should be using to decide what layer does a protocol operate on.
Some people propose that the defining property is the set of protocols and layers our protocol needs itself in order to operate, because in that case, the protocol in question is directly above the required layers. That puts IP quite correctly into the Layer3 (because it needs services of Layer1 and Layer2 to operate), TCP and UDP into Layer4 (because they expect Layer1-3 services to be available), and so on. However, this criterion also makes, say, RIP protocol to be at least Layer5 or above because it needs Layer1-Layer4 to be working in order for RIP to work itself (RIP runs over UDP). The same goes for BGP as it runs over TCP. Now we feel here that considering RIP or BGP to be a true application protocol is, frankly, ridiculous. Even OSPF is sometimes considered a Layer4 protocol because it runs over IP, but come on! We expect segmentation, reassembly, connection-oriented and connectionless, reliable and unreliable delivery of data as the service set provided by Layer4 - this is its purpose - what has OSPF to do with this?
Therefore, I personally propose a different view - the defining property is the set of services the protocol provides itself, and the user of these services. Let us take, for example, routing protocols into a closer view. Regardless of what protocols they require in order to operate themselves, the primary role of routing protocols is to supply the Layer3, in this case, IP, with vital information about how it should operate. In other words, routing protocols provide control services to Layer3 and their entire focus is Layer3 operations from the control point of view, so this would make all routing protocol to be considered as Layer3 control/management protocols. Note, for example, that it is not necessary for an IP routing protocol to necessarily run over IP packets itself. OSPF, EIGRP, RIP, BGP do. IS-IS does not - its messages are placed directly into Layer2 frames - but that does not make it any less proper. You see, you can have your routing table perfectly complete both with IP-based OSPF and Layer2-encapsulated IS-IS. I even heard a question to EIGRP developers on Live! 2013 in London if they are considering bypassing IP encapsulation and moving EIGRP down to direct Layer2 encapsulation Would that make EIGRP to be suddenly a different layer protocol? Hardly - it would still serve the same layer and provide the same set of services.
And again, IS-IS, a well known Layer3 routing protocol as we know it, running in a TRILL or FabricPath network - is it still a Layer3 routing protocol? I do not believe so - what it does here is computing shortest paths between TRILL RBridges or FP switches so that switching over shortest paths can be performed, but here, IS-IS helps to provide Layer2 switching functions with relevant control information. Did the IS-IS change in any way? No, it did not, just the intended user of its services did. Here, it is Layer2 who requires its services to do its own job.
In the same way of thinking, I treat ARP as a Layer3 adaptation control protocol that allows Layer3, in this case, IP, to adapt its particular operation to a specific Layer2 - Ethernet - framing, allowing proper encapsulation of IP packets into Ethernet frames regarding the addressing. ARP is used by IP, not by Ethernet itself, and the service it provides is mapping IPs to MACs. The ARP table is maintained by IP protocol, not by Ethernet, and a different Layer3 protocol, say, IPv6, uses a different approach to create IP-to-MAC mappings, so ARP is quite closely tied to IPv4.
With HSRP, we should first think about whether the resolution of the default gateway IP address is a Layer3 or Layer2 function. Clearly, selecting a proper gateway is a matter of Layer3 routing, so this is a Layer3 operation. Resolving the IP address of the default gateway into an appropriate Layer2 address is a matter of Layer3 adaptation layer for Layer2, so again a Layer3 specific operation although it does interface directly with Layer2 operations. HSRP merely makes sure that the IP address of the default gateway and the associated MAC address are transparently handled by a particular router in a standby group so that there is always exactly one router responsible for this vIP/vMAC. From my point of view, therefore, HSRP is a Layer3 control protocol that virtualizes the default gateway IP/MAC but it still concerns purely with IP and adaptation of IP to MAC.
Wow, I did not intend to write such a lengthy post in the beginning... I guess this is a neverending topic.
My two cents...
I am SO glad that you step into this because, honestly, I was really striving with this question and also with the answer. Many thanks that you have provided us with your high level overview. We all know that these are non-trivial topics that have caused a lot of confusion and led to misleading information contained in many articles I have read so far.
Thanks once again.
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
"holy war" - laugh - indeed.
Not too, too long ago, I answered a post about what "level" routing protocols are. Personally, I consider them level 7, applications, whose purpose is to "do things" to the workings of the network. The real issue is they are sort of "outside" the classical network layer models which concern themselves with defining networks abstracted into different functional layers (as one might also write functional code).
In that thread, I noted the ITU actually recognizes things such as routing protocols are control/management and aren't strictly part of the classical network layer model. Once you accept these protocols are not just some layer of the classical network model, all the "oddities" about layer usage, as Peter notes, I believe, fall away.
HSRP, like routing protocols, falls outside of the classical network layer model. It both supports the network and uses the network.
What HSRP does is provide virtual IP which has a supporting Ethernet virtual MAC. HSRP communicates between its instances to determine which physical interface will host the active virtual IP. To me, this part of the HSRP is an application, i.e. L7, which uses the network to communicate between its host instances. However, the result of its network usage, causes impact to L2 and L3 operations of the network (again as whether and what and where the HSRP IP and MAC are functional).
Dear Mr. Doherty,
If I may, I would like to express my opinion. First of all, I totally agree with you and I am glad that you and Peter got involved. I think of HSRP in a very similar way and from my view I consider it layer 7 protocol ("applications" exchanging some high level information and based on it they make changes thus affecting underlying layers). In the same time, I read a lot of articles that stricly said that it is a l3 or l2 protocol. Some of them even compared HSRP as l3 protocol to GLBP which is, in their opinion, a l2 protocol. This way of thinking is very odd to me and I couldn'd disagree more. I cannot and will not adopt this kind of thiking as I do not consider it to be "true".
I think that the thing that matters is the perspective from which you perceive the network and protocols. I thought that I do not understand HSRP and other protocols properly, because I just could not say it is strictly layer7 or layer3 protocol. It depends, really...
Many thanks to you and Peter for sharing your view, it has cleared my mind a lot.