Interface arp'able but not pingable

forty-2 · October 12, 2025, 11:57am

Hello -
I have 3 devices on a ProxMox VLAN

a linux machine
a windows machine
an OpenWRT instance (latest build as of 2 days ago)

OpenWRT has 2 interfaces & corresponding devices:

lan0, on the VLAN, static IP, dhcp server
lan2, on my main network, dhcp client

on the VLAN I can ping the machines from each other, and see the OpenWRT lan0(eth0) via arp -a, but it will not return a ping. I do however see dhcp requests & acks in the log. No problems getting to it through lan2(eth2).

It's a bog simple config; no zones, no routes, firewall set to accept.

Any ideas on where to start troubleshooting this would be appreciated.
thanks!
Paul

brada4 · October 12, 2025, 11:59am

Maybe cables are crossed. arp responses will leak with default sysctls while ip responses will follow correct subnet routes.

forty-2 · October 12, 2025, 12:11pm

hmm... good to know. It's all Virtual Machines on ProxMox, and I've triple checked that all the devices are tagged on the same VLAN; that's all the 'cabling' in question.

brada4 · October 12, 2025, 12:50pm

so you tagged dhcp client and server in same vlan?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

forty-2 · October 12, 2025, 1:00pm

no, sorry, only lan0 is on the vlan running the dhcp server.
thanks for the assist

system board:

{
        "kernel": "6.6.104",
        "hostname": "OpenWrt",
        "system": "Common KVM processor",
        "model": "QEMU Standard PC (i440FX + PIIX, 1996)",
        "board_name": "qemu-standard-pc-i440fx-piix-1996",
        "rootfs_type": "ext4",
        "release": {
                "distribution": "OpenWrt",
                "version": "24.10.3",
                "revision": "r28872-daca7c049b",
                "target": "x86/64",
                "description": "OpenWrt 24.10.3 r28872-daca7c049b",
                "builddate": "1758316778"
        }
}

network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdde:2264:c224::/48'
        option packet_steering '0'

config device
        option name 'eth2'
        option ipv6 '0'

config interface 'lan2'
        option proto 'dhcp'
        option device 'eth2'
        option defaultroute '0'

config device
        option name 'eth0'

config interface 'lan0'
        option proto 'static'
        option device 'eth0'
        option ipaddr '192.168.49.1'
        option netmask '255.255.255.0'

dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config dhcp 'lan0'
        option interface 'lan0'
        option start '100'
        option limit '150'
        option leasetime '12h'

firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

brada4 · October 12, 2025, 1:48pm

You have to check with proxmox documentation why bridge is not forwarding.

forty-2 · October 12, 2025, 2:08pm

yeah, I'll dig deeper into that - the fact that the other two machines on the bridge can ping each other led me to believe that wasn't the issue.
So the config looks OK?

brada4 · October 12, 2025, 2:10pm

Interfaces are configured exactly as you wanted, there is no magic to add inside the vm.

system · October 22, 2025, 2:11pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.