diff --git a/ansible/group_vars/all/seed-hypervisor b/ansible/group_vars/all/seed-hypervisor
index 1c1662f32..dc3c652fa 100644
--- a/ansible/group_vars/all/seed-hypervisor
+++ b/ansible/group_vars/all/seed-hypervisor
@@ -20,6 +20,9 @@ seed_hypervisor_default_network_interfaces: "{{ seed_default_network_interfaces
 # List of extra networks to which seed hypervisor nodes are attached.
 seed_hypervisor_extra_network_interfaces: "{{ seed_extra_network_interfaces }}"
 
+# Whether to enable SNAT on seed hypervisor node. Default is false.
+seed_hypervisor_enable_snat: false
+
 ###############################################################################
 # Seed hypervisor node software RAID configuration.
 
diff --git a/ansible/group_vars/seed-hypervisor/snat b/ansible/group_vars/seed-hypervisor/snat
new file mode 100644
index 000000000..1e5368b2c
--- /dev/null
+++ b/ansible/group_vars/seed-hypervisor/snat
@@ -0,0 +1,3 @@
+---
+# Whether to enable SNAT on seed hypervisor node.
+enable_snat: "{{ seed_hypervisor_enable_snat }}"
diff --git a/ansible/group_vars/seed/snat b/ansible/group_vars/seed/snat
new file mode 100644
index 000000000..179bbf97e
--- /dev/null
+++ b/ansible/group_vars/seed/snat
@@ -0,0 +1,3 @@
+---
+# Whether to enable SNAT on seed node.
+enable_snat: "{{ seed_enable_snat }}"
diff --git a/ansible/ip-routing.yml b/ansible/ip-routing.yml
index 6d643187d..452914cc5 100644
--- a/ansible/ip-routing.yml
+++ b/ansible/ip-routing.yml
@@ -2,9 +2,9 @@
 # Enable IP routing in the kernel.
 
 - name: Ensure IP routing is enabled
-  hosts: seed
+  hosts: seed-hypervisor:seed
   tags:
     - ip-routing
   roles:
     - role: ip-routing
-      when: seed_enable_snat | bool
+      when: enable_snat | bool
diff --git a/ansible/snat.yml b/ansible/snat.yml
index 23cdd0c22..11d04a3ee 100644
--- a/ansible/snat.yml
+++ b/ansible/snat.yml
@@ -2,7 +2,7 @@
 # Enable SNAT using iptables.
 
 - name: Ensure SNAT is configured
-  hosts: seed
+  hosts: seed-hypervisor:seed
   tags:
     - snat
   vars:
@@ -11,4 +11,4 @@
         source_ip: "{{ ansible_facts.default_ipv4.address }}"
   roles:
     - role: snat
-      when: seed_enable_snat | bool
+      when: enable_snat | bool
diff --git a/doc/source/configuration/reference/hosts.rst b/doc/source/configuration/reference/hosts.rst
index 9f42e12c9..e0844fee7 100644
--- a/doc/source/configuration/reference/hosts.rst
+++ b/doc/source/configuration/reference/hosts.rst
@@ -507,6 +507,11 @@ allows it to be used as a default gateway for overcloud hosts. This is disabled
 by default since the Xena 11.0.0 release, and may be enabled by setting
 ``seed_enable_snat`` to ``true`` in ``${KAYOBE_CONFIG_PATH}/seed.yml``.
 
+The seed-hypervisor host also can be configured the same way to be used as a
+default gateway. This is disabled by default too, and may be enabled by setting
+``seed_hypervisor_enable_snat`` to ``true``
+in ``${KAYOBE_CONFIG_PATH}/seed-hypervisor.yml``.
+
 Disable cloud-init
 ==================
 *tags:*
diff --git a/etc/kayobe/seed-hypervisor.yml b/etc/kayobe/seed-hypervisor.yml
index 26cfbe594..ac72fcd3d 100644
--- a/etc/kayobe/seed-hypervisor.yml
+++ b/etc/kayobe/seed-hypervisor.yml
@@ -18,6 +18,9 @@
 # List of extra networks to which seed hypervisor nodes are attached.
 #seed_hypervisor_extra_network_interfaces:
 
+# Whether to enable SNAT on seed hypervisor node. Default is false.
+#seed_hypervisor_enable_snat:
+
 ###############################################################################
 # Seed hypervisor node software RAID configuration.
 
diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py
index 92d308275..afc95bb43 100644
--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@@ -449,7 +449,8 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
             playbooks += _build_playbook_list("wipe-disks")
         playbooks += _build_playbook_list(
             "users", "dev-tools", "network", "firewall", "tuned", "sysctl",
-            "time", "mdadm", "luks", "lvm", "seed-hypervisor-libvirt-host")
+            "ip-routing", "snat", "time", "mdadm", "luks", "lvm",
+            "seed-hypervisor-libvirt-host")
         self.run_kayobe_playbooks(parsed_args, playbooks,
                                   limit="seed-hypervisor")
 
diff --git a/kayobe/tests/unit/cli/test_commands.py b/kayobe/tests/unit/cli/test_commands.py
index ab61ddd90..b49d0ade4 100644
--- a/kayobe/tests/unit/cli/test_commands.py
+++ b/kayobe/tests/unit/cli/test_commands.py
@@ -331,6 +331,8 @@ class TestCase(unittest.TestCase):
                     utils.get_data_files_path("ansible", "firewall.yml"),
                     utils.get_data_files_path("ansible", "tuned.yml"),
                     utils.get_data_files_path("ansible", "sysctl.yml"),
+                    utils.get_data_files_path("ansible", "ip-routing.yml"),
+                    utils.get_data_files_path("ansible", "snat.yml"),
                     utils.get_data_files_path("ansible", "time.yml"),
                     utils.get_data_files_path("ansible", "mdadm.yml"),
                     utils.get_data_files_path("ansible", "luks.yml"),
diff --git a/releasenotes/notes/seed-hypervisor-snat-3f4844bd1156bce9.yaml b/releasenotes/notes/seed-hypervisor-snat-3f4844bd1156bce9.yaml
new file mode 100644
index 000000000..4b3c6452b
--- /dev/null
+++ b/releasenotes/notes/seed-hypervisor-snat-3f4844bd1156bce9.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Adds a new variable ``seed_hypervisor_enable_snat`` that allows users to
+    enable SNAT service on the seed hypervisor. The default value is ``false``.