We recently acquired our own /24 and ASN. We will BGP peer (default routes only) to ISP-A and ISP-B. Right now we just have ISP-A up. ISP-B is working on enabling BGP on their circuit.
I currently have two Juniper SRX340 devices in an active-passive HA config. We’d like to only use ISP-A outbound, have it failover to ISP-B in the event that ISP-A goes down and then switch back to ISP-A when it comes back up. Is it better to leave the SRX340 devices in a HA pair, terminating both ISP connections to them or separate them out with one SRX340 going to ISP-A and the other connected to ISP-B and use something like VRRP between them?
vrrp will only give routing failover all the sessions will be lost in the transition and become disruptive for all the active users at the time. The cluser keeps all the sessions available on both devices for a more seamless experience.