Hi, can anyone give an example for a pointopoint routed setup? i.e. each virtual machine has one ip with pointopoint config to the host machine, on a private interface - thus the virtual machines can only talk to the host, which routes them and can use normal iptables for filtering all traffic. with xen this was a simple script doing ifconfig ${vif} ${main_ip} netmask 255.255.255.255 up ip route ${ipcmd} ${addr} dev ${vif} src ${main_ip} and an optional echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp has someone implemented something like this with libvirt/kvm setup? can you give some pointers how to do this? I don't need high speed communication between the virtual machines, and the option to filter all traffic between them (without using the bridge netfilter tables) would be nice. Or is there a reason not to use such a setup, and a better option to implement this? Thanks for your help and best regards, Andreas Jellinghaus