Sometimes a bridge can mysteriously drop packets instead of forwarding them.
For example, the user eyck experienced a problem where some broadcasts were not
delivered to a container via the bridge.
BOOTP/DHCP, Reply, length 300
However, eth0 inside the container receives only the 2nd packet with a BOOTP/DHCP reply and doesn't see the 1st one with the request itself:
15:21:52.291145 00:08:02:ac:36:20 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 172.17.8.254.67 > 255.255.255.255.68:
BOOTP/DHCP, Reply, length 300
== Resolution ==
It is not obvious at all, but bridges, although they have their own ebtables filters, also call the iptables FORWARD chain when forwarding packets between interfaces.
Thus your iptables FORWARD rules should allow all the packets that are supposed to go through the bridge.
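
One way to check a host for this condition, as an added example that is not part of the original page: the function below reads `iptables -S FORWARD` output and reports whether a bridged DHCP broadcast would pass. The function name and the sample ruleset are constructed for illustration; it assumes the `net.bridge.bridge-nf-call-iptables` sysctl is what hands bridged frames to iptables, and it evaluates only the few rule shapes listed in its comments.

```shell
#!/bin/sh
# Added example (not from the original page): heuristic check of whether a
# bridged DHCP broadcast (UDP 67 -> 68) survives the iptables FORWARD chain.
#   $1    = value of net.bridge.bridge-nf-call-iptables (0 or 1)
#   stdin = output of `iptables -S FORWARD`
# Only the rule shapes listed below are evaluated; rules with other matches
# (interfaces, addresses, conntrack state, ...) are skipped as an assumption.
bridge_dhcp_verdict() {
    if [ "$1" != "1" ]; then
        # Bridged frames are not handed to iptables at all.
        echo "not-filtered"
        return 0
    fi
    policy=ACCEPT
    while IFS= read -r rule; do
        case $rule in
            "-P FORWARD "*)
                policy=${rule#-P FORWARD }
                continue ;;
            "-A FORWARD -j "*) ;;
            "-A FORWARD -m physdev --physdev-is-bridged -j "*) ;;
            "-A FORWARD -p udp -m udp --sport 67 --dport 68 -j "*) ;;
            *) continue ;;
        esac
        # The first terminating rule that matches decides the packet's fate.
        case ${rule##* -j } in
            ACCEPT) echo "accept"; return 0 ;;
            DROP|REJECT*) echo "drop"; return 0 ;;
        esac
    done
    # No evaluated rule matched: the chain policy applies.
    case $policy in
        ACCEPT) echo "accept" ;;
        *) echo "drop" ;;
    esac
}

# Constructed sample: default-deny FORWARD that only routes eth0 -> eth1.
sample_rules='-P FORWARD DROP
-A FORWARD -i eth0 -o eth1 -j ACCEPT'

printf '%s\n' "$sample_rules" | bridge_dhcp_verdict 1    # prints "drop"
# The same ruleset with an explicit accept for bridged traffic appended.
printf '%s\n-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT\n' \
    "$sample_rules" | bridge_dhcp_verdict 1               # prints "accept"
```

On a live host, run it as `iptables -S FORWARD | bridge_dhcp_verdict "$(sysctl -n net.bridge.bridge-nf-call-iptables)"`.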