Now that we understand how packets to 192.168.33.11 are routed, we should adjust our previous hypothesis to reflect that the route of 192.168.33.11 to enp0s3 is not correct and is causing our issue.

Essentially, what is happening (and we see this via tcpdump) is that, when the database server (192.168.33.12) receives a network packet from the blog server (192.168.33.11), it arrives on the enp0s8 device. However, when the database server is sending reply packets (SYN-ACK) to the web application server, the packets are being sent out via the enp0s3 interface.

Since the enp0s3 device is connected to the 10.0.2.0/24 network, it seems that the packet is being rejected (RESET) by another system or device on the 10.0.2.0/24 network. Most likely, ...