I have setup a linux box (on an esxi5) which acts as an OpenVPN server. the server is configured to use bridging for the clients, which essentially works, with one exception.
If the client pings some machine on the network which is not the server itself it does not work. I ruled out everything I know of (iptables, etc) and running tcpdump boiled it down to the following things:
- I see ARP requests on tap0 and br0
- I see the ARP replies on br0
- I do NOT see the ARP replies on tap0
Question: why does the br0 device not forward ARP replies to the tap0 device?
Best Answer
Without more info, we are guessing, but lets try:
First make sure that both eth0 and tap0 are in promiscuous mode. br0 should not be in promiscuous mode.
Next check it you have arptables and any iptables rules that might be interfering.
As you already get arp replies, your probably don't have this, but check it anyway.
finally check the rp_filter settings, but also check any extra sysctl parameters you may have set.