diff --git a/host_vars/vm1/networking.yml b/host_vars/vm1/networking.yml
index acc7024..3ac5ae7 100644
--- a/host_vars/vm1/networking.yml
+++ b/host_vars/vm1/networking.yml
@@ -1,11 +1,20 @@
 ---
 interfaces:
 enp0s3:
+ type: void
+ br0:
 ipv4: 10.0.2.5
 netmaskv4: 24
 type: static
- routes:
- {subnet: 0.0.0.0, netmask: 0, gateway: 10.0.2.1}
+ bridge: true
+ gateway: 10.0.2.1
+ interfaces:
+ - enp0s3
+ br1:
+ type: manual
+ bridge: true
+ interfaces:
+ - enp0s3.42
 wg0:
 ipv4: "{{ intranet.subnets.test.subnets.vm1.ipv4 }}"
 netmaskv4: "{{ intranet.netmaskv4 }}"
diff --git a/roles/networking/tasks/main.yml b/roles/networking/tasks/main.yml
index 1eaa78c..7ee6fd9 100644
--- a/roles/networking/tasks/main.yml
+++ b/roles/networking/tasks/main.yml
@@ -11,6 +11,18 @@
 until: apt_result is succeeded
 when: ansible_facts["lsb"]["id"] == "Debian"
+- name: Install bridge-utils
+ apt:
+ name:
+ - bridge-utils
+ state: latest
+ update_cache: true
+ register: apt_result
+ retries: 3
+ until: apt_result is succeeded
+ when: (ansible_facts["lsb"]["id"] == "Debian") and
+ (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
+
 - name: Enable ipv4 forwarding
 ansible.posix.sysctl:
 name: net.ipv4.ip_forward
diff --git a/roles/networking/templates/debian_interfaces.j2 b/roles/networking/templates/debian_interfaces.j2
index 32cef46..85db443 100644
--- a/roles/networking/templates/debian_interfaces.j2
+++ b/roles/networking/templates/debian_interfaces.j2
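Review bot: `br1` lists `enp0s3.42` as its only port, but no entry in this mapping and no task visible in this commit creates that VLAN sub-interface, so bringing `br1` up appears to depend on the ifupdown bridge hook creating it on demand; that is worth confirming on a freshly provisioned host or declaring explicitly. The nested key `interfaces` under `br0` and `br1` shares its name with the top-level `interfaces` mapping, and a distinct name such as `bridge_ports` would be harder to misread in the template. A comment above `type: void`, for example `# enp0s3 carries no address of its own; it is only a port of br0`, would explain the new type to the next reader.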
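Review bot: `state: latest` in the new "Install bridge-utils" task upgrades the package to whatever the mirror serves on every run, as root, so two runs of the same playbook can leave hosts on different versions; `state: present` is enough to guarantee the tool is installed. The second operand of `when:` relies on a list being truthy, and ending it with `| list | length > 0` states the intent and avoids a bare-list conditional. The task's preceding context starts outside the hunk, so whether the earlier apt task uses the same pattern cannot be seen here.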
@@ -5,12 +5,14 @@ auto lo
 iface lo inet loopback
 {% for item in lookup('dict', interfaces, wantlist=True) %}
-{% if item.value.type not in ['wireguard', ] %}
+{% if item.value.type not in ['wireguard', 'void', ] %}
 auto {{ item.key }}
 {% if item.value.type == 'dhcp' %}
 iface {{ item.key }} inet dhcp
 {% elif item.value.type == 'static' %}
 iface {{ item.key }} inet static
+{% elif item.value.type == 'manual' %}
+iface {{ item.key }} inet manual
 {% endif %}
 {% if 'routes' in item.value %}{# route up #}
 {% for route in item.value.routes %}
@@ -23,11 +25,21 @@ iface {{ item.key }} inet static
 {% if 'gateway' in item.value %}
 gateway {{ item.value.gateway }}
 {% endif %}
+{% if 'bridge' in item.value and item.value.bridge %}
+{% if 'interfaces' in item.value and item.value.interfaces %}
+ bridge-ports {{ item.value.interfaces | join(' ') }}
+{% endif %}
+ bridge-stp off
+ bridge-fd 0
+{% endif %}
 {% if 'routes' in item.value %}{# route dw #}
 {% for route in item.value.routes %}
 post-down ip route del {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }}
 {% endfor %}
 {% endif %}{# end route dw #}
-{% endif %}{# end (not in [wireguard, ]) #}
+{% elif item.value.type == 'void' %}{# end (not in [wireguard, void, ]) #}
+iface {{ item.key }} inet manual
+
+{% endif %}
 {% endfor %}
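Review bot: The `dhcp`/`static`/`manual` chain in the first hunk still has no `{% else %}`, so a misspelled `type` renders `auto {{ item.key }}` followed by option lines with no `iface` stanza. A malformed /etc/network/interfaces on a remote host can plausibly cost connectivity at the next network restart, so it is better to fail before the file is written. One way is an assert task ahead of the template with `that: item.value.type in ['dhcp', 'static', 'manual', 'void', 'wireguard']`, looped over the same `lookup('dict', interfaces, wantlist=True)`. The loop body continues outside this hunk, so lines between the two hunks may already constrain this.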
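Review bot: When `bridge` is true but `interfaces` is absent or empty, the second hunk emits `bridge-stp off` and `bridge-fd 0` with no `bridge-ports` line at all. The bridge-utils ifupdown hook keys on that option, so a bridge without ports should get an explicit `{% else %}` branch rendering `bridge-ports none`. `bridge-stp off` with `bridge-fd 0` is hard-coded, which suits single-port bridges but removes loop protection if a second port is ever added, so a comment stating that assumption (or per-interface overrides defaulting to these values) would help. The `{# end (not in [wireguard, void, ]) #}` comment now sits on the `elif` line rather than on the closing `{% endif %}`, so it no longer marks where the block ends.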