I want to ask what is the best practice to configure redundancy groups.
I am deploying active/passive srx cluster and have 4 links 1xWAN 2xStS connect and 1xLAN.
Should I put every link to seperate redundancy group or all interfaces to one redundancy group.
What is the best approach?
If you are looking for best design practices, then the answer really depends of your network requirements which means that It's not needed to have every interface into a different RG.
Most important thing you need to take care about is how much traffic is passing through the device then you can do kind of load-balancing having WAN link into a RG and the rest into another RG to avoid PFE exhaustation. Doing so you can have RG1 active on node0 and RG2 active on node1.
but if I will have RG1 active on node0 and RG2 on node1 it will be active/active configuration ? I want active/passive so from your comment it will be OK if I put all interfaces into one RG.
Not an expert on Juniper but having all interfaces in one redundancy group has always caused me problem, even if you want an Active/Passive setup the RG's are controlled by the node priority, just set the node you want as active to a higher priority then the passive node and all the interfaces should stay on the active node.
What you got to think of is if you have 1 link goes down to you want all your interfaces to move over to the Passive node, if you do then go with 1RG, if you don't then put all the interfaces into different RG's.
If you put all interfaces on one RG group the traffic will always flow through 1 node only.
If the interfaces are in multiple RG groups there are chances that traffic will enter on one group and will have to leave via other group. Which will involve traffic flow through Fab link. If the Fab link gets congested that can affect traffic as well cluster.