diff --git a/inventory/host_vars/a36s-hyp01.berlin.freifunk.net b/inventory/host_vars/a36s-hyp01.berlin.freifunk.net
index dd57561..49fc1de 100644
--- a/inventory/host_vars/a36s-hyp01.berlin.freifunk.net
+++ b/inventory/host_vars/a36s-hyp01.berlin.freifunk.net
@@ -1,2 +1,11 @@
 ---
 hypervisor_modprobe: modprobe-hpgen8.j2
+hypervisor_networks:
+  - name: AS44194
+    bridge_interface: ens2f1np1.123
+    address: 77.87.50.2/24
+    gateway: 77.87.50.1
+  - name: Strom
+    bridge_interface: ens2f1np1.1312
+  - name: in-berlin
+    bridge_interface: ens2f1np1.1300
diff --git a/roles/hypervisor/README.md b/roles/hypervisor/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/roles/hypervisor/tasks/main.yml b/roles/hypervisor/tasks/main.yml
index d9400f5..e090bce 100644
--- a/roles/hypervisor/tasks/main.yml
+++ b/roles/hypervisor/tasks/main.yml
@@ -34,10 +34,11 @@
   ansible.builtin.template:
     src: "bridge.j2"
     dest: "/etc/network/interfaces.d/{{ item.name }}"
-    mode: "0640"
+    mode: "0644"
     owner: root
     group: root
   loop: "{{ hypervisor_networks }}"
+  when: hypervisor_networks is defined
 
 - name: Define libvirt networks
   community.libvirt.virt_net:
@@ -45,6 +46,7 @@
     name: "{{ item.name }}"
     xml: '{{ lookup("template", "libvirt-network.xml.j2") }}'
   loop: "{{ hypervisor_networks }}"
+  when: hypervisor_networks is defined
 
 - name: Set libvirt Networks active and autostart
   community.libvirt.virt_net:
@@ -52,17 +54,4 @@
     autostart: true
     state: active
   loop: "{{ hypervisor_networks }}"
-
-# Todo:
-# - custom boot options (maybe not needed)
-# - add users to group
-# - Service restarts (or maybe just a Warning that this needs to be done manually for safety reasons?)
-# - debian backports?
-#   - qemu 7.2 => 9.0 https://wiki.qemu.org/ChangeLog
-#   - kernel 6.1 => 6.5/6.9
-#
-#
-#
-#
-#
-#
+  when: hypervisor_networks is defined
diff --git a/roles/hypervisor/templates/modprobe.j2 b/roles/hypervisor/templates/modprobe.j2
index 905b03b..cea489b 100644
--- a/roles/hypervisor/templates/modprobe.j2
+++ b/roles/hypervisor/templates/modprobe.j2
@@ -1,2 +1,4 @@
+# Needed for vlans
 8021q
+# netfilter for bridges, loaded as module so the sysctls can be set before the bridge exists
 br_netfilter