[ovirt-users] Access to the internet from oVirt VMs

Hi to all ✋😉 I've stacked with ovirt's vm network routing Infrastructure: 1. stansalone ovirt engine (hetzner cloud vm) 2. ovirt node (hetzner robot, dedicated server) 3. hetzner private cloud network. Both Engine and Node are connected to private network. For node the network is built on external NIC's tagged VLAN https://docs.hetzner.com/robot/dedicated-server/network/vswitch/ 4. Also there is a pfsense router vm in private network So my purpose is to grant access to the internet from VM inside oVirt via pfSense. Additional info: 1. pfsense machine is pingable from oVirt VM 2. oVirt VM NIC – ovirtmgmt 3. pfsenses' NAT works fine for machines in hetzner cloud 4. Painful troubleshooting showed that something on ovirtmgmt bridge forbids to route traffic to another network 5. Internet access "from the box" doesn't work because ovirtmgmt works on VLAN interface, not at physical one itself. 6. In Ovirt's docs I've found the two ways of custom routing. The first one is about external network provider, that unacceptable for me because it doesn't support VLAN tagging (without it node's network can't get access to private cloud network). The second one is custom routing inside a node that doesn't work for me as well by unknown reason What I do wrong? What are the best practices in oVirt network when we talking about internet access from oVirt's VMs? Thx 😉