ubuntu – Set up KVM host with multiple VLANs and multiple public IPs


I’m trying (and having a hard time) to setup a clean KVM environment with: an Ubuntu (20.04) host (with a single NIC), multiple ubuntu KVM guests, 2 public IPs, and one Vlan per IP.
Basically something looking like:
ideal structure


My needs are:

  • Having 2 VLANs for my guests no communication between machines on different VLANs
  • Each VLANs corresponding to a public IP, with a single NIC
  • All guests having access to internet, but not necessarily accessible from outside (“one way”, classic NAT?)
  • Some guest acting as servers, accessible from the internet (“two way”, port redirection?)

I didn’t find any online resources about how to achieve this architecture and none of my attempts

have yet been successful.
I think I can achieve it with the right combination of bridge and (NAT) VLAN but some of my research indicated that I might need routing with Iptables.


Is it possible to achieve this structure and, if yes, how?