I have a small topology of virtualized machines (one PFSense Firewall and a Windows 7 box for testing connectivity).
The host has two bridge interfaces configured
br0 connects the host WAN (eno3) and PFSense WAN (xn0). This provides the internet connectivity for both hosts. I can successfully connect to both from the outside.
br1 connects the PFSense LAN (xn1) to the virtual adapters of the other guests (Windows 7 for this case).
My problem is that for whatever reason I cannot get hosts inside br1 to ping each other. If I add an address to br1 from the host I am able to send and receive pings to both guest's IP addresses and they can ping the host address. In checking Wireshark I can see the two hosts broadcasting ARP to find the other machine.
but does not ever turn into a successful ping. I've tried disabling the firewall on the Windows 7 client but it still does not work.
I had experience similar issue while using the VirtIO drivers. I have changed all the guest systems Ethernet drivers to e1000e in order to solve it.