1. That's correct, imho.
Yes it overtakes the public ip, as you configured it in heartbeat.
But you can enable routing and add the default gateway to the passive load balancer at the beginning. So if anything goes wrong with the active loadbalancer it should work if the public ip is overtaken by the passive load balancer.
I can not tell you if it's really working, because I stopped using this configuration in a productive environment over vmware.
I had difficulties with the loadbalancer, it stopped sharing the traffic, but hearbeat wasn't aware of it... So no access to the websites even with two loadbalancers...