I know that with the virsh command I can create several types of networks (a "NAT network", for example) as we can see in these URLs... KVM network management ( https://programmersought.com/article/52213715009/ ) KVM default NAT-based networking (page 33) ( https://www.ibm.com/downloads/cas/ZVJGQX8E ) QUESTION: How can I create a network (lan_n) where only guests/VMs have connectivity, with no outbound connectivity and no host/hypervisor connectivity? NOTE: The connectivity to other resources will be provided by a pfSense firewall server that will have access to another network (wan_n) with outbound connectivity and other resources. Network layout... [N]wan_n ↕ [I]wan_n [V]pfsense_vm [I]lan_n ↕ [N]lan_n ↕ ............................. ↕ ↕ ↕ [V]some_vm_0 [V]some_vm_1 [V]some_vm_4 [V]some_vm_2 [V]some_vm_5 [V]some_vm_3 _ [N] - Network; _ [I] - Network Interface; _ [V] - Virtual Machine. Thanks! =D ORIGINAL QUESTION: https://serverfault.com/q/1066478/276753 -- Eduardo Lúcio Tecnologia, Desenvolvimento e Software Livre LightBase Consultoria em Software Público eduardo.lucio@xxxxxxxxxxxxxxxx +55-61-3347-1949 - http://brlight.org - Brasil-DF Software livre! Abrace essa idéia! "Aqueles que negam liberdade aos outros não a merecem para si mesmos." Abraham Lincoln
