Differences Between Host-Routed and Bridged Network Modes

The bridged network mode demonstrates a number of differences as compared to the host-routed one:

• Each vme or veth virtual adapter has a MAC address assigned to it while a host-routed adapter does not have any. Thanks to this fact:
  • Any virtual machine or Container can see all broadcast and multicast packets received from or sent to the selected network adapter on the Hardware Node.
  • Using bridged virtual adapters, you can host DHCP or Samba servers in virtual machines and Containers.
• There is no more need to assign all network settings (IP addresses, subnet mask, gateway, and so on) to virtual machines and Containers from the server. All network parameters can be set from inside virtual machines and Containers.
• veth and vme adapters can be bridged among themselves and with other devices. If several veth and vme adapters are united into a bridge, this bridge can be used to handle network traffic for the virtual machines and Containers whose veth and vme adapters are included in the bridge.
• Due to the fact that veth and vme adapters act as full members on the network (rather than 'hidden' beyond virtual networks adapters on the server), they are more prone to security vulnerabilities: traffic sniffing, IP address collisions, and so on. Therefore, veth and vme adapters are recommended for use in trusted network environments only.