• Bridged Lan to Wan not routing traffic

    General pfSense Questions

    Apologies on the delay getting back to you on this, been a bit busy with things.

    So I've done a lot more digging and it seems that traffic is going out, back into the pfSense box but doesn't seem to get back to my VM and I'm honestly out of my depth trying to work out why.

    So relevant info is below, 10.0.10.254 is the external gateway and does DHCP, so my VM 10.0.10.121 gets its IP from our office router ok but pings and normal internet traffic fails. It would appear that the WAN interface is getting the ping reply but it's not going across to the statics or the bridge interface and I can't work out why.

    pfTop: Up State 1-17/17, View: default, Order: bytes
    PR    DIR  SRC                DEST               STATE  AGE       EXP       PKTS  BYTES
    icmp  Out  10.0.10.121:32235  10.0.10.254:32235  0:0    00:07:06  00:00:09  1643  46004
    icmp  Out  10.0.10.121:55748  10.0.10.254:55748  0:0    00:07:03  00:00:09  1640  45920

    Packet Capture WAN:
    11:40:12.494284 IP 10.0.10.121 > 10.0.10.254: ICMP echo request, id 32235, seq 1242, length 8
    11:40:12.494450 IP 10.0.10.121 > 10.0.10.254: ICMP echo request, id 55748, seq 1238, length 8
    11:40:12.509484 IP 10.0.10.254 > 10.0.10.121: ICMP echo reply, id 32235, seq 1242, length 8
    11:40:12.510505 IP 10.0.10.254 > 10.0.10.121: ICMP echo reply, id 55748, seq 1238, length 8
    11:40:13.651769 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46

    Packet Capture Bridge:
    11:48:49.284145 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:48:50.307864 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:48:51.331496 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46

    Packet Capture Statics:
    11:50:30.660879 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:50:31.688384 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:50:32.709554 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:50:33.733321 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46
    11:50:34.757094 ARP, Request who-has 10.0.10.254 tell 10.0.10.124, length 46

    VM tcp dump for icmp:
    0_1538651044673_tcpdump icmp.png

    Am I right in thinking that incoming flow from WAN to the Statics is what's failing? Are there other diagnostic steps I can take to work this out?

    I'll keep trying this afternoon to see if I can get anywhere.

    Thanks

  • Hardware switch or NIC bridge?

    Moved L2/Switching/VLANs
    johnpoz

    @jknott said in Hardware switch or NIC bridge?:

    There used to be some cut through switches, that would start switching as soon as it learned the destination MAC, but those have disappeared

    And there still are, the Cisco Nexus 5000 line did/does it... The 9000 series Nexus I believe defaults to cut through but can be put in store and forward, etc.

    So disappeared is not true... But cut through was never in the SOHO or budget lines of any switch maker.