Thank you for the response but perhaps my question wasn't clear enough.
I can see that br0 traffic between VMs is much faster than gigabit could ever provide so it is clear communication is internal.
What I am trying to do is to specify the router VMs use on the unraid side. So instead of the unraid host handling routing to the physical LAN network (as it does when virbr0) I would like the VMs to use another VM as the gateway. They would only have access to the internet if the firewall VM was running. The pfsense VM would handle NAT and the firewall would work. This would be great for security. As it is, unraid allows all traffic to flow through which is not something that I want.
In my situation the physical LAN cannot be trusted. Even when VMs use virbr0, any device on the home network can communicate with the virtual machines running on unraid because unraid is creating a NAT bridge which cannot be managed or controlled. Using a dedicated virtual firewall would be a great way to manage this.
The only way that it seems this could be done as it is now is to passthrough a 4 port pcie NIC to the firewall VM and then install a second pcie NIC that unraid could access (br1) and then setting all other VMs to use br1. Then I would need to physically connecting a patch cable between the two network cards. And then also run another ethernet drop to connect the firewall's WAN port on its passthrough NIC to the home router.
That approach seems convoluted and the VMs are still using bridged connections. If this could be virtualized (this should be possible, I'm just not sure how to do it with unraid) I wouldn't have to use my two pcie slots for such a hack