Ilya Ponetayev <instenet at gmail.com> writes: > You may create as many bridges as you want to have virtual interfaces, > each bridge consisting only of connection to single VM, and handle > traffic between bridges and between physical interfaces of host > through iptables/iproute. In that case, I`d prefer not to have bridges. Things are easier to deal with when you only have those network devices you actually need. Dangling bridges seem to be pretty obsolete. > IHMO bridging is the most proper and popular technique because it > provides the most flexible configuration. Your VM sees NIC as Ethernet > card (so with all L2 features), so either you can terminate this L2 > pipe with bridge in host, and perform L3/higher level handling, or you > can use for example DHCP server on host binded to your bridge, or > VLAN-handling config. Bridges are cool when you actually need them. That doesn`t mean that they must be there when not needed. Is there something I don`t understand which makes them always a requirement? If so, perhaps it would be a nice feature if we were able to hide bridges we don`t need. -- Knowledge is volatile and fluid. Software is power.