I have read many mails, and I have some confusion.

In my environment, my host has only one NIC and only one unique external IP, and the host is running two UML instances. Here is what I will do:

I will ifup tap0 and tap1 and assign them to the UMLs (the UMLs can share the host taps' IP; will this affect the performance? prob1),
ifup eth0 211.1....., assigning the external IP to the host's NIC eth0.
I would like to run iptables on the host and use NAT MASQUERADE for the UMLs so the UMLs can access outside-world IPs such as . I can also use NAT so the outside world can access the external IP, port-forwarded to the internal UML.
OpenVPN for users runs on the host, so the users can access the VPN and get an IP, 192.168.0.x, so he can access the UML in the host.

Is what I am preparing to do right?

prob2: Why, with the above two UMLs running, should the host use a bridge? Does the host have to use a bridge when more than one UML runs on it?

prob3: I am a newbie to tap, so I understand tapx to be just like any NIC; is that right? If it is, why, when the UMLs use internal IPs and the host uses the external IP, do they want to use a tunnel to connect the host and the UMLs, or do I just misunderstand it? Maybe the tunnel connecting the UMLs and the host is used just for iptables NAT?

