diff --git a/README.md b/README.md index 7574638..bc93eeb 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,26 @@ Because we need to "hijack" traffic to the metadata API IP address `169.254.169. `iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp --dport 80 --syn -j REDIRECT --to-port 1024` Don't forget to persist this iptables rule across reboots with some sort of script (`iptables-persistent` apt package is a good candidate) +Kernel Parameters +----------------- +Newer kernels require kernel parameters to be set in order for iptables to intercept traffic over bridged networks + +You must enable the `br_netfilter` kernel module with this command: + +`modprobe br_netfilter` + +Then, enable the kernel settings: + +`sysctl -w net.bridge.bridge-nf-call-arptables=1` + + +`sysctl -w net.bridge.bridge-nf-call-iptable=1` + + +Make sure you set the parameters in `/etc/sysctl.conf` to persist across reboots + +See here for more info: http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf + Known issues ------------
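Review bot: The second sysctl in this hunk has a typo that makes it fail: `sysctl -w net.bridge.bridge-nf-call-iptable=1` should be `sysctl -w net.bridge.bridge-nf-call-iptables=1` (trailing `s`; the key as written does not exist under `/proc/sys/net/bridge/`, so `sysctl -w` exits with an error and the PREROUTING REDIRECT rule is never consulted for bridged traffic). Two smaller points: `net.bridge.bridge-nf-call-arptables` only affects ARP frames and is not needed for a TCP port redirect in the `nat` table, so either drop it or say why it is set; and the persistence advice is incomplete, because the `net.bridge.*` keys only exist once `br_netfilter` is loaded, so `/etc/sysctl.conf` will silently fail to apply at boot unless the module is also loaded persistently (e.g. a line in `/etc/modules` or a file under `/etc/modules-load.d/`). Consider adding the module-persistence step next to the `sysctl.conf` note, and collapsing the double blank lines between the two sysctl commands to match the rest of the README.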