Ben Shaw
2019-Aug-09 05:56 UTC
[Bridge] linux bridge does not forward arp reply back packets in a vmware vm
Hi,

There was a post on here with the same title in 2017 which seemed to discuss the same issue I was seeing today on my ESXi environment with a bridged Ubuntu VM. A host would not receive ARP replies because the Ubuntu VM between it and the ARP responder would drop the replies.

My issues seemed to reflect the previous poster's issue identically, and after some testing I can see that what is happening is that the ARP request was being forwarded by the Ubuntu VM and then by the ESXi vswitch out one of the two physical uplinks it had to the physical switched environment. Because ESXi vswitches don't participate in STP, and hence do not block ports, that ARP request would be switched back to the same vSwitch via the second uplink port and be forwarded back to the Ubuntu bridged VM. This would cause the Ubuntu VM to see the host sending the ARP request as being off the other interface, so when the ARP reply was received the Ubuntu host would drop the reply and not forward it out the interface on the bridge the intended recipient was actually on.

This could be seen in the brctl showmacs output, with the MAC address in question appearing on the wrong bridge member port, as shown below, where the first entry should actually be off port 2.

    LAB-SOH01:~$ brctl showmacs br0 | grep no
    port no    mac addr             is local?    ageing timer
      1        00:0c:29:e7:e4:37    no             12.58
      1        00:a0:c9:0f:02:01    no              2.00
    LAB-SOH01:~$

A workaround so far is to disable one of the physical uplinks to the physical network. I will have to think if there is a better solution which maintains redundancy.

Hopefully this may be of help to some others who see the same issue.

Thanks
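The failure described in the message above, as an added example that is not part of the original post: a simplified model of a two-port learning bridge shows why the looped-back ARP request makes the bridge filter the reply, and a small check flags a MAC learned on the wrong port in `brctl showmacs` output. The responder MAC, the function names and the expected-port mapping are assumptions made for the illustration.

```python
HOST = "00:0c:29:e7:e4:37"       # MAC shown on the wrong port in the post
RESPONDER = "02:00:00:00:00:01"  # constructed MAC for the ARP responder
BROADCAST = "ff:ff:ff:ff:ff:ff"

# brctl showmacs output as quoted in the post
SHOWMACS = """port no mac addr is local? ageing timer
1 00:0c:29:e7:e4:37 no 12.58
1 00:a0:c9:0f:02:01 no 2.00"""


class LearningBridge:
    """Simplified two-port learning bridge (a model, not the kernel code)."""

    def __init__(self):
        self.fdb = {}  # MAC -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Learn src on in_port; return the egress ports for the frame."""
        self.fdb[src] = in_port
        if dst == BROADCAST or dst not in self.fdb:
            return [p for p in (1, 2) if p != in_port]  # flood
        # Destination learned on the ingress port: filter the frame.
        return [] if self.fdb[dst] == in_port else [self.fdb[dst]]


def simulate(looped):
    """Return (port holding HOST, egress ports chosen for the ARP reply)."""
    br = LearningBridge()
    br.receive(2, HOST, BROADCAST)      # ARP request from the host on port 2
    if looped:
        br.receive(1, HOST, BROADCAST)  # same frame returns via second uplink
    return br.fdb[HOST], br.receive(1, RESPONDER, HOST)  # reply enters port 1


def misplaced_macs(showmacs_text, expected):
    """Return {mac: learned_port} for MACs not on their expected port."""
    wrong = {}
    for line in showmacs_text.splitlines():
        f = line.split()
        if len(f) == 4 and f[0].isdigit() and f[1] in expected:
            if int(f[0]) != expected[f[1]]:
                wrong[f[1]] = int(f[0])
    return wrong


if __name__ == "__main__":
    print("single uplink:", simulate(looped=False))  # reply forwarded
    print("two uplinks:  ", simulate(looped=True))   # reply filtered
    print("misplaced:    ", misplaced_macs(SHOWMACS, {HOST: 2}))
```

Run periodically against live `brctl showmacs br0` output with a mapping of known hosts to ports, the same check makes this kind of forwarding-table flap visible before it shows up as dropped ARP replies.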