Question about traffic flow between Edge servers in DMZ

If two separate, federated organizations, Lync and OCS 2007 R2, exist in the same network DMZ, is there any reason the servers from one organization would communicate directly with a server from the other organization, without using the load balanced virtual IP? I would like to confirm that traffic between the organizations will flow in and out of the virtual IP, and not server-to-server, if a sever discovers it is on the same network segment.

We have two federated organizations within our company and are in the process of upgrading one org to Lync. I need to confirm for our network engineer that there will not be a circumstance when the Edge servers from one org will communicate with an Edge server from the other org directly, i.e. traffic will come through VIP. I believe if the Edge server is pointed to an external DNS server, there is no reason for it to attempt server-to-server communication with the other organization. Can anyone confirm this behavior?

Thanks.
LVL 4
jhindsonAsked:
Who is Participating?
 
Jeff_SchertzCommented:
Although initial connections are directed to the virtual IP of the load balanced Edge array, additional traffic (like media or web conferencing) will be routed directly to an individual Edge server interface, bypassing the load balancer.  So no, not all traffic is between the VIPs only.

See Rick Varvel's comprehensive Edge configuration guide for more details on what traffic goes where in an Edge array:
http://blogs.technet.com/b/rickva/archive/2009/04/09/ocs-2007-r1-r2-remote-access-configuration-guide.aspx
0
 
jhindsonAuthor Commented:
Thanks Jeff.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.