Using a Load Balancing in Exchange 2013 is still recommended, but with this release, everything has become a little bit simpler for admins, and a bit more complicated under the hood. In this two part article I look the changes under the hood and how sessions are now managed, then in the second part demonstrate two methods for implementing load balancing – a simple deployment and a more complicated deployment that uses per-service VIPs.
One note – there’s currently an update in progress for the first part of the article. This will be applied any day now (and covers a couple of grammatical errors too!) but just for my blog readers, here’s the updated text and image:
The other half of the equation is when it comes to forms-based authentication. The Exchange Team have solved this part of the equation by improving the way HTTP cookies are handled by Exchange. The authentication cookie is provided to use the user after logon, encrypted using the Client Access Server’s SSL certificate. This enables a logged in user to resume that session on a different Client Access server without re-authentication; assuming servers share the same SSL certificate, and therefore are able to decrypt the authentication cookie the client presents.