Host A has two NICs. Setup ovirtmgmt on one NIC, and the "internal" network on the second NIC. The internal network should be a VM network with no IP configuration. If the VMs connected to the internal network will be allocated IPs from a different subnet than the VMs on the ovirtmgmt network, then the internal VMs won't be able to ping the host or the ovirtmgmt VMs.
You can also use VLANs to segregate the two networks, which will also allow you to place both bridges on the same physical network device. You could bond two NICs, then place two VLANned, VM networks on the same bond. Assaf Muller, Cloud Networking Engineer Red Hat ----- Original Message ----- From: "Blaster" <blas...@556nato.com> To: "Users@ovirt.org List" <users@ovirt.org> Sent: Thursday, December 19, 2013 7:26:17 PM Subject: [Users] Bridge w/o IP address? I want to put multiple VMs on the same hypervisor, some will be Internet facing, some will be internal facing. I obviously don't want the hypervisor to be an attack vector, so I don't want the HV to have an IP address on the DMZ network. Is this configuration as simple as creating another another bridge like the ovirtmgmt bridge, not giving it an IP address, and adding it to the DMZ facing hosts? _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users