This is still puzzling me. When I do a packet capture on the first server, while adding the NEST SDM Account thing, I see this.
root@ubuntu:~# tcpdump -nn -i any port 443
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
02:11:39.837765 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [S], seq 2210076009, win 64240, options [mss 1460,sackOK,TS val 1736650415 ecr 0,nop,wscale 7], length 0
02:11:39.844136 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [S.], seq 1615980484, ack 2210076010, win 65535, options [mss 1412,sackOK,TS val 3103549364 ecr 1736650415,nop,wscale 8], length 0
02:11:39.844187 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 1, win 502, options [nop,nop,TS val 1736650421 ecr 3103549364], length 0
02:11:39.848017 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [P.], seq 1:457, ack 1, win 502, options [nop,nop,TS val 1736650425 ecr 3103549364], length 456
02:11:39.854151 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], ack 457, win 261, options [nop,nop,TS val 3103549374 ecr 1736650425], length 0
02:11:39.854644 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], seq 1:1401, ack 457, win 261, options [nop,nop,TS val 3103549374 ecr 1736650425], length 1400
02:11:39.854667 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 1401, win 501, options [nop,nop,TS val 1736650432 ecr 3103549374], length 0
02:11:39.854774 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], seq 1401:2801, ack 457, win 261, options [nop,nop,TS val 3103549374 ecr 1736650425], length 1400
02:11:39.854784 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 2801, win 496, options [nop,nop,TS val 1736650432 ecr 3103549374], length 0
02:11:39.854897 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [P.], seq 2801:4328, ack 457, win 261, options [nop,nop,TS val 3103549374 ecr 1736650425], length 1527
02:11:39.854905 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 4328, win 485, options [nop,nop,TS val 1736650432 ecr 3103549374], length 0
02:11:39.857396 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [P.], seq 457:463, ack 4328, win 501, options [nop,nop,TS val 1736650435 ecr 3103549374], length 6
02:11:39.866096 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], ack 463, win 261, options [nop,nop,TS val 3103549386 ecr 1736650435], length 0
02:11:39.867243 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [P.], seq 463:553, ack 4328, win 501, options [nop,nop,TS val 1736650444 ecr 3103549386], length 90
02:11:39.868072 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [P.], seq 553:1114, ack 4328, win 501, options [nop,nop,TS val 1736650445 ecr 3103549386], length 561
02:11:39.871125 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], ack 553, win 261, options [nop,nop,TS val 3103549391 ecr 1736650444], length 0
02:11:39.874368 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], ack 1114, win 265, options [nop,nop,TS val 3103549394 ecr 1736650445], length 0
02:11:39.975211 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [P.], seq 4328:6038, ack 1114, win 265, options [nop,nop,TS val 3103549495 ecr 1736650445], length 1710
02:11:39.975301 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [P.], seq 6038:6065, ack 1114, win 265, options [nop,nop,TS val 3103549495 ecr 1736650445], length 27
02:11:39.975528 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 6065, win 501, options [nop,nop,TS val 1736650553 ecr 3103549495], length 0
02:11:39.977768 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [P.], seq 1114:1154, ack 6065, win 501, options [nop,nop,TS val 1736650555 ecr 3103549495], length 40
02:11:39.977798 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [F.], seq 1154, ack 6065, win 501, options [nop,nop,TS val 1736650555 ecr 3103549495], length 0
02:11:39.982113 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [.], ack 1154, win 265, options [nop,nop,TS val 3103549502 ecr 1736650555], length 0
02:11:39.983440 enp0s25 In IP 142.251.116.84.443 > 192.168.3.16.41396: Flags [F.], seq 6065, ack 1155, win 265, options [nop,nop,TS val 3103549503 ecr 1736650555], length 0
02:11:39.983469 enp0s25 Out IP 192.168.3.16.41396 > 142.251.116.84.443: Flags [.], ack 6066, win 501, options [nop,nop,TS val 1736650561 ecr 3103549503], length 0
But when I do the same on the second server, there is not a single packet. Like there is not even an attempt to communicate with Google.
root@roki:/opt/openhab# tcpdump -nn -i any net 142.0.0.0/8
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
^C
0 packets captured
6 packets received by filter
0 packets dropped by kernel