Let's keep it private

Jitsi-noob network question.

Our (Internet facing) Jitsi server machines sit in the same L2 segment, their local IP addresses having full visibility.

We see from our firewall logs that they try, often failing, to communicate to each other via their shared public IP: what’s the proper way to keep the server-to-server traffic confined to the LAN, without triggering external routing/NAT?

Expecting obvious answers, thanks.