Cryout - please add a warning to the docs

Your traffic should never go to the router running VM to VM. This has nothing to do with getting its own IP address.

There is absolutely a way to do this. It’s a little more advanced setup, but not hard. It’s simple to configure the host. Create a new vmbr (it’s essentially a virtual switch) and don’t connect the vmbr to physical adapters. Boom, you have a VM-only LAN.

And for that I need to create a new vmbr, right? Cool, thanks. If my physical LAN uses subnet 255.255.255.0 and IPs of 192.168.1.X - what should/could I use for this new vmbr?

I should read more about how it works, of course.

Yes, create a new vmbr with NO physical NIC attached.

You don’t give the vmbr ANY IP address or subnet. Just IP the VMs in the vmbr with whatever subnet you want to use that’s different from your normal subnet. It doesn’t have to be routable.

Like this? https://i.imgur.com/pAA0pfi.png

I assume the IP address there is the one that can be used by VMs to connect to the host if needed? Or not?

No, don’t give the VMBR an address at all. The VMBR doesn’t need an IP. The settings on the VMBR have no bearing on the VMs attached to it. Remove the IP address.

Think of the VMBR as a dumb switch. That’s it. It doesn’t get an IP address and doesn’t need to be accessible from your LAN.

Removed, but it still does not allow me to give any IP outside the 192.168.X.X range.

No, you aren’t understanding.

DO NOT GIVE ANY IP ADDRESS TO THE VMBR AT ALL.

DO NOT PUT ANYTHING IN THE IP SETTINGS.

No need to shout at me, I did not put anything in VMBR:

The screenshot above is not VMBR’s settings, it’s VM’s settings:

If I don’t need to put anything in VM’s network settings, where do I set its IP?

So that worked, do I set the IP inside the VM’s system then?

That is a CONTAINER, not a VM.

I know, does it make a difference in this case? I still need both CTs and VMs to have this kind of network configuration

It does make a difference.

You usually configure the container from the GUI.

You configure a VM from inside the VM.

You can also configure the container from within the container. That will be a manual config inside.

I see. So in the case of the container then, how do I give it an IP address on vmbr1?

EDIT:

Ah, 10.10.0.1/24 worked. Forgot CIDR.

Should be able to edit /etc/network/interfaces inside the container (assuming it’s a Debian/Ubuntu base).

Why can’t I give the container an IP address like this?

That should work.

Sorry, we were getting our screens crossed.

Yes, you can put any valid IP in that config.

Cool. Thanks!

Is there any way to include the host in this? Or should I just avoid any use case that may require including the host in this network? Like sharing samba\nfs from the host?

If you include the host, all traffic should still go over the VMBR0, and never touch the router/physical switch.

Technically, no traffic should EVER leave the vmbr0 when you are communicating vm to vm or host to vm.

Yes that’s what I’m talking about. I mean how do I do this?

And another question that I’m trying to find an answer to - I have a drive with media files on it that I want to mount in a container to share it with other VMs and containers, as discussed. How do I mount it to a container? :smiley:

You simply connect a VM/CT to the vmbr0. You don’t have to do anything special. A VMBR acts like a switch. It doesn’t have to go to the router.

Edit the LXC config in /etc/pve/lxc/ and add
mp0: /location/of/host/mount/directory,mp=/mount/point/on/container
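
Added example, not part of the thread or of the Proxmox documentation: a small Python check that a bridge in the host's /etc/network/interfaces matches the VM-only setup described above (no physical port attached, no IP address on the bridge itself). The interface names, addresses and the `bridge-ports none` stanza in the sample are constructed assumptions about a typical ifupdown-style host config.

```python
# Constructed sample of a Proxmox host's /etc/network/interfaces (not from the thread).
SAMPLE = """\
auto vmbr0
iface vmbr0 inet static
    address 192.168.1.10/24
    bridge-ports eno1

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

auto vmbr2
iface vmbr2 inet static
    address 10.10.0.254/24
    bridge-ports none
"""

def parse_bridges(text):
    """Return {iface: {option: value}} for each iface stanza that sets bridge-ports."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # ifupdown only has whole-line comments
            continue
        words = line.split()
        if words[0] == "iface" and len(words) >= 2:
            current = stanzas.setdefault(words[1], {})
        elif words[0] in ("auto", "allow-hotplug", "source", "mapping"):
            current = None  # a new top-level keyword ends the previous stanza
        elif current is not None:
            current[words[0].replace("_", "-")] = " ".join(words[1:])
    return {name: o for name, o in stanzas.items() if "bridge-ports" in o}

def audit_isolated(text, bridge):
    """Return the reasons `bridge` is not a VM-only switch with no host address."""
    opts = parse_bridges(text).get(bridge)
    if opts is None:
        return [f"{bridge}: no bridge stanza found"]
    problems = []
    if opts["bridge-ports"] != "none":
        problems.append(f"{bridge}: bridged to physical port(s) {opts['bridge-ports']}")
    for key in ("address", "gateway"):
        if key in opts:
            problems.append(f"{bridge}: host has {key} {opts[key]} on this bridge")
    return problems

if __name__ == "__main__":
    for name in parse_bridges(SAMPLE):
        print(name, audit_isolated(SAMPLE, name) or "isolated")
```

An empty list means the bridge behaves as the "dumb switch" from the thread; any entry is a path by which the host or the physical LAN is reachable from that segment.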