NLB is bad
“There are several limitations associated with deploying WNLB with Microsoft Exchange.
- WNLB can’t be used on Exchange servers where mailbox DAGs are also being used because WNLB is incompatible with Windows failover clustering. If you’re using an Exchange 2010 DAG and you want to use WNLB, you need to have the Client Access server role and the Mailbox server role running on separate servers.
- Due to performance issues, we don’t recommend putting more than eight Client Access servers [*] in an array that’s load balanced by WNLB.
- WNLB doesn’t detect service outages. WNLB only detects server outages by IP address. This means if a particular Web service, such as Outlook Web App, fails, but the server is still functioning, WNLB won’t detect the failure and will still route requests to that Client Access server. Manual intervention is required to remove the Client Access server experiencing the outage from the load balancing pool.
- WNLB configuration can result in port flooding, which can overwhelm networks.
- Because WNLB only performs client affinity using the source IP address, it’s not an effective solution when the source IP pool is small. This can occur when the source IP pool is from a remote network subnet or when your organization is using network address translation. [*]”
(*) The number of 8 CAS actually seems extremely high to me. We have heard others takling about “max. 50 Mailboxes”, but I never found a Microsoft source for that. /EG
(**) I would add to this that it will also lead to annoying re-authentication popups in cases where the IP address can change (mobile phones, VPN, multiple firewalls, …)