diff --git a/machines/modules/malobeo/microvm_host.nix b/machines/modules/malobeo/microvm_host.nix
new file mode 100644
index 0000000..e730488
--- /dev/null
+++ b/machines/modules/malobeo/microvm_host.nix
@@ -0,0 +1,52 @@
+{ config, lib, options, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.malobeo.microvm;
+in
+{
+  options = {
+    services.malobeo.microvm = {
+      enableHostBridge = mkOption {
+        default = false;
+        type = types.bool;
+        description = lib.mdDoc "Setup bridge device for microvms.";
+      };
+    };
+  };
+
+  config = mkIf cfg.enableHostBridge
+  { 
+    systemd.network = {
+      enable = true;
+      # create a bride device that all the microvms will be connected to
+      netdevs."10-microvm".netdevConfig = {
+        Kind = "bridge";
+        Name = "microvm";
+      };
+
+      networks."10-microvm" = {
+        matchConfig.Name = "microvm";
+        networkConfig = {
+          DHCPServer = true;
+          IPv6SendRA = true;
+        };
+        addresses = [ {
+          Address = "10.0.0.1/24";
+        } {
+          Address = "fd12:3456:789a::1/64";
+        } ];
+        ipv6Prefixes = [ {
+          Prefix = "fd12:3456:789a::/64";
+        } ];
+      };
+
+      # connect the vms to the bridge
+      networks."11-microvm" = {
+        matchConfig.Name = "vm-*";
+        networkConfig.Bridge = "microvm";
+      };
+    };
+  };
+}
diff --git a/outputs.nix b/outputs.nix
index 042216d..c9bbcf0 100644
--- a/outputs.nix
+++ b/outputs.nix
@@ -52,7 +52,10 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
       inherit inputs;
     });
 
-    nixosModules.malobeo = import ./machines/durruti/host_config.nix;
+    nixosModules.malobeo.imports = [
+      ./machines/durruti/host_config.nix
+      ./machines/modules/malobeo/microvm_host.nix
+    ];
 
     hydraJobs = nixpkgs.lib.mapAttrs (_: nixpkgs.lib.hydraJob) (
       let