Hi, all the descriptions of networking setups with VMs I`m seeing involve bridges. The only use I see for bridges is when I actually want to be able to send network traffic to multiple arbitrary interfaces connected to the bridge. I do neither need, nor want bridges when I want to keep the VMs separated, like when separating a VM in a DMZ from a VM in the LAN. The bridge acts like a hub. Looking at [1] makes it seem that this is undesirable --- otherwise there wouldn`t be need for a software switch to prevent network traffic on a bridge from going to all of the connected interfaces. When there`s a bridge with multiple VMs connected to it, is a software switch desirable to prevent network traffic on the bridge from going to interfaces it doesn`t need to go to? If so, isn`t it better not to use a bridge to begin with? Can`t we simply have virtual interfaces on the physical host which are the "other end" of the interfaces showing up in the VMs, without bridges? [2] seems to suggest to leave all bridges "dangling", i. e. it says you`re not supposed to connect an interface to the bridge. What`s the point of a bridge when only a single interface is connected to it? [1]: http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/ [2]: http://wiki.libvirt.org/page/Networking -- Knowledge is volatile and fluid. Software is power.