Proximity Routing is a networking feature you can enable when you configure the Cloud Gateway.

Proximity routing ensures that forwarding between virtual machines connected to stretched and routed networks, both on-premises and in the cloud, is symmetrical. This feature requires Advanced Networks Services with Dynamic Routing configured between the customer premises and the cloud.

When users extend their networks to the cloud, Layer 2 connectivity is stretched onto vCloud air networks. However, without route optimization, Layer 3 communication requests must return to the on-premises network origin to be routed. This return trip is called "tromboning" or "hairpinning." Tromboning is inefficient because packets must travel back and forth between the network origin and the Cloud, even when both source and destination virtual machines reside in the Cloud.

In addition to inefficiency, if the forwarding path includes stateful firewalls, or other inline equipment that must see both sides of the connection, communication might fail. Virtual machine communication (without route optimization) failure occurs when the egress path exiting the cloud can be either the stretched Layer 2 network or the Org Routed Network. The on-premises network does not know about the stretched network "shortcut." This problem is called asymmetric routing. The solution is to enable proximity routing so the on-premises network can learn the routes from vCloud Air.

The Cloud Gateway maintains an inventory of virtual machines in the cloud. It also understands the virtual machine state, which can be:

Transferred to the cloud with vMotion (zero-downtime migration).

Migrated to the cloud using host-based replication (low-downtime migration).

Created in the cloud (on a stretched network).

To prevent tromboning, vCloud air uses intelligent route management to choose routes appropriate to the virtual machine state.

Asymmetric Routing With Proximity Routing Solution
asymmetric routing with proximity routing solution

In the diagram above, the N*a components on the left reside in the on-premises data center, and the N*b component on the right reside in the cloud.

R1 is the default gateway for N1-b, therefore, N1-b must return to R1 to route traffic through R2. To prevent asymmetric routing, vCloud Air injects host routes into the on-premises network.

If the virtual machine was newly created in the cloud, or it was moved with low-downtime migration, the host route is injected immediately.

If the virtual machine was transferred using vMotion, the route is not injected until the virtual machine reboots. Waiting until after the reboot ensures that the on-premises stateful devices continue to service the existing session until the virtual machine reboots. After the reboot, the routing information is consistent both on-premises and in the cloud.

That is, R1 can use routing to reach a specific virtual machine through R2, rather than using the locally connected extended Network. R2 fully owns the path for other networks to reach virtual machines with Proximity Routing enabled.