I'm having an issue getting traffic to pass between an OVHcloud Public Cloud Instance and a Bare Metal Server that are both connected to the same vRack.
Setup:
- The Bare Metal Server is running Proxmox.
- On the Proxmox host, we have a pfSense VM acting as a router/firewall/DHCP server.
- We also have a Public Cloud Instance, in Public mode with an external IP address (running Ubuntu).
- The Public Cloud Instance is attached to an OVH Private Network with VLAN ID 0.
- The Cloud Project containing the Public Cloud Instance has been added to the same vRack as the Bare Metal Server.
- The Public Cloud Instance successfully obtains an IP address from the pfSense VM via DHCP (the lease appears in the pfSense GUI, and the Public Cloud Instance config shows its using the assigned IP).
Problem:
- The Public Cloud Instance cannot ping the pfSense VM.
- The pfSense VM cannot ping the Public Cloud Instance— the result is Destination Host Unreachable.
- From the Public Cloud Instance side:
If I run tcpdump while pfSense is pinging the Public Cloud Instance, I see the ARP request arrive and I see the Public Cloud Instance send an ARP reply. However, the ARP reply never reaches pfSense. - From the pfSense side:
If I run tcpdump while pinging the Public Cloud Instance, I do not see any ARP replies, and if the Public Cloud Instance pings pfSense, I do not see any ARP requests at all.
Summary of behaviour:
Layer-2 appears to be working in one direction (pfSense → Public Cloud Instance, ARP request arrives), but the return ARP traffic from the Public Cloud Instance does not make it back to pfSense inside the vRack.
All the documentation I've read suggests that my Public Cloud Instances, and my Bare Metal Servers should be able to talk to each other over the vRack, but I can't get it to work.
Can anybody offer any suggestions on what I might have got wrong?
40465 
07.11.2018 12:32