...

• For eventual consistency, sync mechanism need to be used to keep the configuration of OVS switches and flow rules in consistence with topology (how it spans the physical hosts) of VPC and ingress/egress ACL's applied on the tiers 
• wherever possible fall back to data path where packet is sent to VPC VR, so that optimization achieved with distributed routing and network acls acl's may not leveraged but functionality is not lost because VPC VR will perform ACL and routing anyway.

enable/disable logical router

If the flow rule in the bridge that sends inter tier traffic to go through the patch port to logical router is removed, then traffic will be sent to VPC VR for routing. This fact shall be used to build notion of enable/disable logical router. When a logical router is enabled, flow rule will set on each bridge corresponding to each tier in the VPC to direct inter-tier traffic to logical router. When a logical router is disabled, flow rule set on each bridge corresponding to each tier in the VPC to direct inter-tier traffic to logical router will be removed. 

Architecture & Design description

...