I'm using OpenStack and OVS. This is my case:

• From a remote host, I ping VM with floating IP A.
• Local gateway received the echo request, then send a packet with IP A and MAC address A' (based on a fixed IP-MAC map on gateway)
• The virtual router on host machine somehow receive the packet on its external interface (with MAC address B'). I checked it by tcpdump on external interface, and I got echo request message.
• On the virtual router, there are NAT rules to translate address A to internal address 192.168.100.40:

Chain neutron-l3-agent-PREROUTING (1 references)

target     prot opt source               destination         
DNAT       all  --  anywhere             46.105.252.217       to:192.168.100.43
DNAT       all  --  anywhere             46.105.252.219       to:192.168.100.40

But the problem is those rules are never hit. I checked it with

iptables -t nat -L -v -n

and found out hit count of these rule = 0.

I don't know how can I debug this case. Is it because MAC address is different from router's MAC that packets are dropped? If yes, why tcpdump shows message?

If it passed MAC address check, why those packets didn't hit iptables rules. How can I debug this case?