Juniper SRX series device supports HA mode for redundancy. When it comes to serious networking, failure is not an option. So to get the devices working you can configure pair of SRX devices in High Availability mode. Before getting to know about differences of HA modes you should first have little knowledge of JunOS HA concepts. After knowing the concepts, you are now ready to learn about deployment concepts. There are two types of HA modes; active-active and active-passive. There are some differences between SRX HA modes.
SRX HA Modes
In the figure there are two SRX 240 routers in a cluster named node 0 and node 1. In active/passive mode, the node 0 is actively sending data traffic whereas the node 1 waits passively waiting for node 0 to fail. Upon failure of node 0, node 1 will pass traffic. While node 0 is active, it actively synchronizes sessions to node 1. But not all information is synchronized. For example, if node 0 fails, while it was learning routes for OSPF then it may not be able to synchronize routes fully with router B. This is disadvantage of this mode. In the figure above, there are two reth interfaces, reth 0 and reth 1 in same redundancy group 1. Reth 0 is for internet and reth 1 is for internal network. Since the node 0 is the primary RE data traffic is passing through interface of node 0 only i.e. ge-0/0/0 and ge-0/0/3. This is active-passive.
In this mode, node 0 have full load of the traffic whereas node 1 is free. This mode is mostly used in medium sized networks where traffic load balancing is not needed. This HA mode might have to tolerate some level of downtime because there is some risk in implementing this mode. The risk is that the node 1 device might not function when node 0 fails since node 1 was not sending/receiving traffic before. The device was idle for a long time and now the device has to pass the full traffic. This mode is also used in network where administrators have few knowledge of the device so that troubleshooting is easier in the future.
In active/active mode both devices in HA simultaneously pass the traffic. This mode is similar to active/passive but configured twice. The routers in cluster are active for their own redundancy group. Synchronization happens between both devices. The advantage of this mode over active/passive is, passing traffic by backup router ensures that backup router is ready and correctly functioning. Active/Active is great design because backup router is verified and traffic load is also shared between devices. But the downside of this mode is that it may be difficult to troubleshoot since traffic is going through both devices. Administrators have to spend more time looking for problem in both devices. This mode is used in network where 100% uptime is required despite of the complexity of the troubleshooting.
In the above figure, there are two SRX 240 routers in cluster i.e. node 0 and node 1. In this mode, both routers are sending and receiving traffic simultaneously. For interface reth 0 and reth 1, the redundancy group is 1 and for RG 1, the primary device is node 0. Similarly, for interface reth 2 and reth 3, the redundancy group is 2 and for RG 2 the primary device is node 1. Now, we can say that there are two active/passive mode configured in each device. After knowing about HA modes now you can configure high availability.