I ran into the oddest thing when trying to debug a networking issue with OpenStack. I was doing a ping test between virtual machines. The ICMP request packets only made it to the destination host if I did a "tcpdump" on the bridge interface on the node running nova-network, which forwards the packets. If I stopped doing a tcpdump on that interface, I no longer saw the requests reach the host.
In general, how/why would doing a tcpdump on a Linux bridge interface affect whether packets get forwarded?
Best Answer
Does the bridging software expect that the interface is in promiscuous mode, in order to allow it to receive unicast packets sent to some other machine? If so, then perhaps it's buggy, so that it's either not turning promiscuous mode on or is not doing so successfully, and tcpdump, which by default turns promiscuous mode on, is, as a result, working around the bug.