HI,
Another documentation that discusses this matter specifically:
https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/3500165-EN.pdf
The cluster is set up accross Layer 2 and there needs to be separate vlans for each control and the fabric link. Also, I believe fabric link requires jumbo frames MTU if there is to be Z-flow traffic and its recommended for the paths of the control links to be diverse due to the cluster's sensitivity to control traffic.
_________________________________________________________________________________________________
Or Do i need to use IBGP(with an OSPF on internal network) on both firewalls to act as primary / secondary and take over control in case of failure?
_________________________________________________________________________________________________
In cluster mode, both nodes appear as a single logical unit in active/standby mode or active-active mode. If the cluster fails over to standby, the interfaces [redundancy groups] also fail over. Dynamic routing protocols can be used with other network elements in the network for routing but I believe its not required for the cluster functionallity.
Cheers,
Ashvin