locked
Collocated Mediation Server with SIP Trunk. Why not? RRS feed

  • Question

  • I am half way done with a 2013 migration, going from Enterprise to Standard, and I just read that it is not recommended to have collocated mediation server if you use a sip trunk. Can anyone tell me why this is?

    BTW, this is a very small deployment (70-100 users) on a physical server with plenty of horsepower and we also plan to add a second physical server, at some point, mostly for fail-over.\

    I really don't want to have an "unsupported" configuration.....

    Friday, May 24, 2013 12:43 PM

Answers

  • Hi,

    Couple of thoughts ;

    When you have collocated mediation server and terminate sip trunk on it , media bypass cannot achieved. So mediation server will process lots media for conference and codec conversion etc.  Technically , if resources are available it should work fine, but it’s better to separate the workloads.

    It’s not a good idea to expose FE server with a public IP address to internet. My point of view, standard alone server with dual NIC card may be the better option.

    Thanks

    Saleesh


    If answer is helpful, please hit the green arrow on the left, or mark as answer.


    Friday, May 24, 2013 1:17 PM
  • Just because its not "recommended" doesn't mean its not supported.  Collocating your mediation server on your front-end is a supported solution when using a SIP trunk. The reasons for separating out the mediation server are:

    1. Since you can't do media bypass to a SIP trunk, the mediation server will experience a higher load. This won't be much of a consideration for a 100 user deployment.
    2. You're going to be exposing your front-end to the Internet.  Separating out the mediation server means that your front-end will be more protected against an external attack. You can mitigate this potential issue by locking down access to your SIP provider alone, or connect to your SIP provider via a protected path like a VPN tunnel or MPLS connection (recommended).

    Hope this helps!


    Ken Lasko | Lync MVP | http://UCKen.blogspot.com | http://LyncOptimizer.com

    • Proposed as answer by KenLaskoMVP Friday, May 24, 2013 1:48 PM
    • Marked as answer by ChadTN Friday, May 24, 2013 2:04 PM
    Friday, May 24, 2013 1:23 PM

All replies

  • Hi,

    Couple of thoughts ;

    When you have collocated mediation server and terminate sip trunk on it , media bypass cannot achieved. So mediation server will process lots media for conference and codec conversion etc.  Technically , if resources are available it should work fine, but it’s better to separate the workloads.

    It’s not a good idea to expose FE server with a public IP address to internet. My point of view, standard alone server with dual NIC card may be the better option.

    Thanks

    Saleesh


    If answer is helpful, please hit the green arrow on the left, or mark as answer.


    Friday, May 24, 2013 1:17 PM
  • Just because its not "recommended" doesn't mean its not supported.  Collocating your mediation server on your front-end is a supported solution when using a SIP trunk. The reasons for separating out the mediation server are:

    1. Since you can't do media bypass to a SIP trunk, the mediation server will experience a higher load. This won't be much of a consideration for a 100 user deployment.
    2. You're going to be exposing your front-end to the Internet.  Separating out the mediation server means that your front-end will be more protected against an external attack. You can mitigate this potential issue by locking down access to your SIP provider alone, or connect to your SIP provider via a protected path like a VPN tunnel or MPLS connection (recommended).

    Hope this helps!


    Ken Lasko | Lync MVP | http://UCKen.blogspot.com | http://LyncOptimizer.com

    • Proposed as answer by KenLaskoMVP Friday, May 24, 2013 1:48 PM
    • Marked as answer by ChadTN Friday, May 24, 2013 2:04 PM
    Friday, May 24, 2013 1:23 PM
  • Right on! Thanks for the quick responses guys. Always good to get the answer you are hoping to hear.

    If I could just ask one more quick question. At what point in the migration do I connect the new FE to the sip?

    Friday, May 24, 2013 1:33 PM
  • I'm a slow typer apparently....I pretty much parroted what Saleesh said above. :)

    You can do it at any time.  Users on both systems will be able to reach it.  Personally, I don't bother changing it until the last person is off the old system. You already know it works when its on the old system.  Why introduce additional variables if its not necessary?


    Ken Lasko | Lync MVP | http://UCKen.blogspot.com | http://LyncOptimizer.com


    Friday, May 24, 2013 1:37 PM