Each ESXi host has its own copy of each configured DLR instance. Each DLR instance has its own unique set of tables containing the information needed to forward packets. This information is synchronized across all hosts where this DLR instance exists. Instances of an individual DLR across different hosts have exactly the same information.
Routing is always handled by the DLR instance on the host where the source VM is running, because an instance of the same DLR is running on the other host too. This means that when source and destination VMs are on different hosts, the DLR instance that provides routing between them sees packets in only one direction, from the source VM to the destination. Return traffic is seen only by the corresponding instance of the same DLR on the destination VM’s host.
After the DLR has completed routing, delivery to the final destination is the responsibility of the DVS: via L2 (VXLAN or VLAN) if the source and destination VMs are on different hosts, or locally if they are on the same host.
First-hop routing is handled on the host, and traffic is switched to the appropriate logical switch. If the destination is on another host, the Ethernet frame is placed in a VXLAN frame and forwarded.
Routing is always handled by a DLR instance on the same host where the source VM is running:
- VM1 sends a packet toward VM4. The packet is addressed to VM1’s gateway for VM4’s subnet (or the default gateway).
- The logical switch on ESXi01 delivers the packet to the DLR on that host, where the lookup is performed and the egress LIF is determined (in this case, the LIF for VXLAN 8284).
- The packet is sent out of that LIF, which returns the packet to the switching layer, but on a different logical switch (8284).
- The logical switch performs L2 delivery of that packet to the destination host.
Routing is performed at the hypervisor kernel level, which avoids hair-pinning and optimizes east-west traffic.
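
The packet walk above, and the one-direction-per-host visibility described earlier, modeled as an added example (not VMware code and not part of the original text). VM1, VM4, ESXi01 and VXLAN 8284 come from the text; VM2, ESXi02, VNI 8283 and all IP addresses are assumptions made for the illustration.

```python
import ipaddress

# Constructed topology: VM1, VM4, ESXi01 and VXLAN 8284 come from the text;
# VM2, ESXi02, VNI 8283 and all IP addresses are assumptions for this example.
LIFS = {  # same LIF table on every host's copy of the DLR instance
    8283: ipaddress.ip_network("10.0.1.0/24"),
    8284: ipaddress.ip_network("10.0.2.0/24"),
}
VMS = {
    "VM1": {"host": "ESXi01", "ip": "10.0.1.11", "vni": 8283},
    "VM2": {"host": "ESXi01", "ip": "10.0.2.12", "vni": 8284},
    "VM4": {"host": "ESXi02", "ip": "10.0.2.14", "vni": 8284},
}


def egress_lif(dst_ip):
    """Return the VNI of the LIF whose subnet contains dst_ip (longest match)."""
    addr = ipaddress.ip_address(dst_ip)
    hits = [(net.prefixlen, vni) for vni, net in LIFS.items() if addr in net]
    if not hits:
        raise LookupError(f"no LIF covers {dst_ip}")
    return max(hits)[1]


def forward(src, dst, seen):
    """Send one packet src -> dst; log it on the DLR instance that routes it."""
    s, d = VMS[src], VMS[dst]
    vni = egress_lif(d["ip"])
    routed_on = None
    if vni != s["vni"]:            # different subnet: first-hop routing
        routed_on = s["host"]      # always the source VM's own host
        seen.setdefault(routed_on, []).append((src, dst))
    # After routing, the switch delivers at L2: locally or encapsulated.
    delivery = "local" if s["host"] == d["host"] else "vxlan"
    return {"routed_on": routed_on, "egress_vni": vni, "delivery": delivery}


def conversation(a, b):
    """Run request and reply; return what each host's DLR instance observed."""
    seen = {}
    forward(a, b, seen)
    forward(b, a, seen)
    return seen


if __name__ == "__main__":
    print(forward("VM1", "VM4", {}))
    print(conversation("VM1", "VM4"))  # one direction per host
    print(conversation("VM1", "VM2"))  # same host: both directions on ESXi01
```

For the cross-host pair, each host's instance records only its own VM's outbound packets, so anything observing a single host's DLR instance sees half of the conversation.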