[Solved] Issues with VM-to-VM Communication -Ping response has wrong MAC address

[aronmal]

Hi everyone,

I'm trying to set up OSPF in a development environment and ran into a strange issue. Here's what I've done so far:

1. I set up two VMs running OPNsense on my host machine.
2. However, OSPF is not fully functional, and I discovered that the two VMs cannot communicate with each other directly.

The Problem:
When VM1 (MAC: ...:0b:a8, IPv4: x.x.x.110) pings VM2 (MAC: ...:e1:01, IPv4: x.x.x.111):
- The ICMP request reaches VM2, but the response is sent back to the default gateway's MAC address (physical OPNsense machine, MAC: ...:39:83, IPv4: x.x.x.1) instead of VM1.
- The same issue happens in reverse: VM2's request reaches VM1, but the response goes to the gateway's MAC.

Debugging Steps:
1. I suspected the host machine's bridge interfaces might be causing the issue. To rule this out, I added a third VM running Ubuntu:
  - Ubuntu behaves as expected: it responds correctly to pings from both VMs.
  - However, when Ubuntu pings the OPNsense VMs, their responses again go to the gateway's MAC instead of back to Ubuntu.

2. I checked the ARP Table on both OPNsense VMs (Interface > Diagnostics > ARP Table):
  - All MAC addresses appear to be correct for the respective IPs.

3. I tried different interface assignments for the OPNsense VMs:
  - Connected them via LAN and WAN interfaces.
  - Ensured "Allow All" firewall rules are in place on all interfaces.

4. The default gateway (physical OPNsense) doesn't exhibit this behavior—it responds correctly and routes traffic as expected.

Observations:
This incorrect MAC address behavior only occurs with the virtual OPNsense instances. The physical OPNsense machine and the Ubuntu VM don't have these issues.

I feel comfortable troubleshooting networking problems, but this one has me stumped. Does anyone have ideas on why the response MAC address is incorrect for the OPNsense VMs? Or suggestions on how to fix/debug this further?

Thanks in advance!

[dseven]

Firewall -> Settings -> Advanced -> Disable reply-to

[aronmal]

Hey, thanks for your response! It really helped, and now the VMs can ping each other successfully.

However, OSPF still wasn't working initially and remained stuck in the ExStart state instead of transitioning to Full. But, as usual, a reboot solved the issue, and it's now working as expected.