Question about traffic flow between Edge servers in DMZ

If two separate, federated organizations, Lync and OCS 2007 R2, exist in the same network DMZ, is there any reason the servers from one organization would communicate directly with a server from the other organization, without using the load balanced virtual IP? I would like to confirm that traffic between the organizations will flow in and out of the virtual IP, and not server-to-server, if a server discovers it is on the same network segment.

We have two federated organizations within our company and are in the process of upgrading one org to Lync. I need to confirm for our network engineer that there will not be a circumstance when the Edge servers from one org will communicate with an Edge server from the other org directly, i.e. traffic will come through VIP. I believe if the Edge server is pointed to an external DNS server, there is no reason for it to attempt server-to-server communication with the other organization. Can anyone confirm this behavior?

1 Solution
Although initial connections are directed to the virtual IP of the load balanced Edge array, additional traffic (like media or web conferencing) will be routed directly to an individual Edge server interface, bypassing the load balancer.  So no, not all traffic is between the VIPs only.

See Rick Varvel's comprehensive Edge configuration guide for more details on what traffic goes where in an Edge array:

jhindson (Author) commented:
Thanks Jeff.
