Imagine a scenario where virtual machines in different networks exist on two different compute nodes, as demonstrated in the following diagram:

Traffic from the blue virtual machine instance on Compute A to the red virtual machine instance on Compute B will first be forwarded from the instance to its local gateway through the integration bridge and to the router namespace, as shown here:

The router on Compute A will route the traffic from the blue VM to the red VM, replacing the source MAC address with its red interface and the destination MAC address to that of the red VM in the process:

The router then sends the packet back to the integration bridge, which then forwards it to the provider bridge, as shown here:

As traffic arrives at the provider bridge of ComputeA, a series of flow rules are processed, resulting in the source MAC address being changed from the red interface of the router to the unique MAC address of the host:

The traffic is then forwarded out onto the physical network and over to Compute B:

When traffic arrives at Compute B, it is forwarded through the provider bridge. A flow rule adds a local VLAN header that allows traffic to be matched when it is forwarded to the integration bridge:

In the integration bridge, a flow rule strips the local VLAN tag and changes the source MAC address back to that of the router's red interface. The packet is then forwarded to the red VM:

Return traffic from the red VM to the blue VM undergoes a similar routing path through the respective routers and bridges on each compute node.