Topic Last Modified: 2011-03-24

Traffic from the Internet to your peripheral network and from the peripheral network to your internal Microsoft Lync Server 2010 infrastructure follows strict paths that you specify during the configuration of each server role. Similarly, traffic from your internal network to the Internet is strictly controlled.

Each edge server role, as well as the reverse proxy, has an external FQDN. Each edge server also has an internal FQDN that is explicitly defined for each Lync Server 2010 Edge Server and each Edge Server pool. Each of these FQDNs corresponds to a separate network adapter card configured on each edge server and reverse proxy. Traffic arriving at the external edge can only travel to the configured internal FQDN of the internal server.

Traffic from an internal server or pool to the internal edge of an Edge Server follows a route that you define for that server or pool. The global settings for each Standard Edition server and Enterprise Edition Front End pool include the Edge Servers to which outbound traffic from those internal servers and pools is to be routed.

Traffic from an external source to an internal server or pool travels to a specified next hop. The recommended next hop for an edge server is a Lync Server Director.

The Director does not host users but, as a member of an Active Directory domain, it has access to Active Directory Domain Services for purposes of authenticating remote users and routing traffic to the appropriate server or Enterprise pool. By authenticating inbound SIP traffic from remote users, the Director helps insulate home servers and Enterprise pools from potentially unauthenticated traffic, while relieving them of the overhead of performing authentication.

A Director is optional but is strongly recommended in all topologies that involve connections across the Internet, especially those that support external users.

For details about deploying and configuring support for external user access, including Edge Servers and Directors, see the Deploying Edge Servers documentation.

Directors can be configured behind a load balancer if your requirements demand high availability.