I noticed the below tcp dump when pinging a docker container B on bridge B from a docker container A on bridge A.
Container A: 10.0.0.3 / 02:42:0a:00:00:03
Container B: 10.0.0.4 / 02:42:0a:00:00:04
What I don't understand in the below dump is why is there a arp request "who-has" with both src and destination mac address? And I don't see the arp-reply anywhere. From where is it getting the destination mac address? Container B is not even on the same bridge as container A.
Here is the tcpdump on eth0 of src container eth0.
root@nginx-rc-8sqxl:/# tcpdump -nei eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:34:02.048458 02:42:0a:00:00:03 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
00:34:02.048799 02:42:0a:00:00:03 > 02:42:0a:00:00:04, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
00:34:03.044847 02:42:0a:00:00:03 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
00:34:03.044880 02:42:0a:00:00:03 > 02:42:0a:00:00:04, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
00:34:04.044852 02:42:0a:00:00:03 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
00:34:04.044886 02:42:0a:00:00:03 > 02:42:0a:00:00:04, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.3, length 28
