
libvirt-users@redhat.com

TCP Tunnel Info

I've been looking at the TCP Tunnel network feature as a potential replacement for the extra private internal networking configuration file.

Use case: This network is supposed to go from VM1 to VM2 without DHCP, DNS or any incoming/outgoing connections to the host or outside world possible.

https://libvirt.org/formatdomain.html#elementsNICSTCP

* To make sure I understand, adding the TCP Tunnel setting for both VMs 1 and 2 is enough to do what I need? (force them to exclusively communicate without the need for adding a new network as typically done).

* If another set of VMs 3 and 4 are running and connected to each other but I want to make sure they cannot connect to VMs 1 and 2, what source addresses should be used to isolate these 2 networks? Do you follow CIDR rules?

* For example, if the chosen source address is 10.152.152.11 for VMs 1 and 2, what should the other network have?

* Going more complicated. Can one VM participate in two separate TCP Tunnel networks while keeping them isolated?

Topology:

VM1(virtual NIC1) <-> VM2
VM1(virtual NIC2) <-> VM3

VM2 and 3 can only talk to VM1 but not to each other in this example.

* Off-topic: Do your answers similarly apply for using the other Multicast and UDP options too?

I can explain better if I'm not making any sense.