
Hi,

I am trying to understand the best way to structure our network with oVirt. We have a number of servers hosted in a remote datacenter, all with a single NIC with a single public IP. One server also has a /26 subnet mapped to it which we have to present on a specific MAC address.

What I am trying to do is have all our VMs on a private subnet, 10.2.3.0/24 for example, and use OVN to make that subnet available across all oVirt hosts (PeerVPN and Tinc are also options I’m looking at). On the single host with the /26 on it, I plan to run an instance of OPNsense or similar as a VM, with two NICs: one bridged to eth0 with the specific MAC required for the public subnet, and one that will connect to the private virtual network. I could then do 1-to-1 NAT for those hosts on the private network that need to be publicly accessible.

I know this isn’t the ideal setup, but we have to work within the constraints required by the datacenter we are using.

Unfortunately I can’t work out how to configure this in oVirt. I assume I need to set up a logical network for the private subnet, using OVN as an external provider, and set up another logical subnet for the public address space and attach that to a specific host in the cluster?

For the public address space, how do I bridge that to eth0 and give it a specific MAC address? Also, how can I ensure my OPNsense VM comes up on a specific host?

For the private network, is OVN the best approach, or am I better off looking at other mesh VPN solutions to build an internal network across our oVirt hosts?

Any comments or suggestions will be greatly appreciated.

Thanks :)