My customer has 4 data DSAs/user store, then they install router DSAs on each CA SSO policy server; policy server connect to local router DSAs, then traffic is routed to the data DSAs.
There are around 32 policy servers in one data center, so there are 32 router DSAs on those policy server boxes. I don't see benefits to have such a configuration and it is hard to manage so many router DSA instances, but is there any negative impact on performance and system stability with so many router DSAs?
The benefit of having the RouterDSA on the CA SSO Policy Server machine is that
Though I don't see an issue. I think the topology should be reversed. Which mean Router DSA has to perform more load balancing / Fail Over / Funneling functions. So I believe having a Router isolated from the Client would be best, as the Router can handle more requests from multiple originators, but act as a gateway to the Data DSA (rather than DataDSA handling requests from multiple originators, even though the originator is a Router).