Hi,
_________________________________________________________________________________________________
You cannot use Internet to connect the HA Control and Fab links between the two SRX nodes
_________________________________________________________________________________________________
Just for arguments sake, assuming all the conditions are met, can the control link be run over Internet through some L2 tunneling or L2VPN mechanism:
1. Latency < 100ms
2. 2.8Mbps per 1000 sessions/s plus any asymmetric traffic resulting from Z-mode deployments for branch SRX. Assuming a 10Mbps symmetric Internet
3. Vlan is isolated from any other hosts and free of any traffic
4. Private MAC & IP addresses are tunnelled over L2
5. No IGMP snooping
6. Min MTU for fabric link 9014. Nothing mentioned for control link
Because of MTU requirement for fabric, it can definitely not be transported over Internet.
Although I agree running any HA cluster traffic is not recommended over Internet for stability reasons as Internet is only best effort, would it be theoretically possible to transport control traffic over Internet.
Cheers,
Ashvin