IPTABLES & IP-routed network solution for HOST net and VMs' subnet

Posted by Daniel on Server Fault
Published on 2012-09-09T05:58:22Z Indexed on 2012/09/09 9:39 UTC

I've got a Proxmox VE 2.1-ruled KVM node on Debian and a bunch of VM guest machines. This is how my networking looks:

# network interface settings
auto lo
iface lo inet loopback

# device: eth0
auto  eth0
iface eth0 inet static
    address   175.219.59.209
    gateway   175.219.59.193
    netmask   255.255.255.224
    post-up echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp

And I've got two working subnet solutions:

auto vmbr0
iface vmbr0 inet static
    address   10.10.0.1
    netmask   255.255.0.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up ip route add 10.10.0.1/24 dev vmbr0

This way I can reach the Internet, resolve outside hosts, and update and download everything I need, but I can't reach one guest VM from any other VM inside my network.

The second solution allows me to communicate between VMs:

auto vmbr1
iface vmbr1 inet static
    address   10.10.0.1
    netmask   255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING  -s '10.10.0.0/24' -o vmbr1 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.10.0.0/24' -o vmbr1 -j MASQUERADE

I can even NAT internal addresses:

iptables -t nat -I PREROUTING -p tcp --dport 789 -j DNAT --to-destination 10.10.0.220:345

My inexperienced mind is ready to double the VMs' net adapters: one for the first solution and another for the second (with slightly different addresses), but I'm pretty sure that's a dumb way to resolve the problem and that everything can be resolved via iptables/ip route rules that I can't create.

I've tried a dozen "wizard manuals" and "howtos" to mix both solutions, but without success. Looking for advice (and good reading links for networking beginners).
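An added example, not from the question or from any answer, showing how a single bridge can serve both roles above: outbound NAT is bound to the uplink rather than to the bridge, the FORWARD chain defaults to DROP, and the DNAT rule from the post gets the matching FORWARD rule it needs. The interface names (eth0, vmbr0), the 10.10.0.0/24 subnet and the `IPT` dry-run variable are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. One bridge (vmbr0, 10.10.0.0/24)
# serves both roles from the question: VMs reach the Internet through NAT on
# the uplink (eth0) and can talk to each other on the same /24.
# All names below are assumptions. IPT defaults to "echo iptables" so the
# script prints the rules (dry run); run with IPT=iptables as root to apply.
IPT="${IPT:-echo iptables}"
WAN=eth0
BR=vmbr0
LAN=10.10.0.0/24

# Outbound NAT is bound to the uplink, not to the bridge, so only traffic that
# actually leaves the host is rewritten (ip_forward must be 1, as in the post).
nat_rules() {
    $IPT -t nat -A POSTROUTING -s "$LAN" -o "$WAN" -j MASQUERADE
}

# Forwarding policy: drop by default, allow VM -> Internet and the replies.
forward_rules() {
    $IPT -P FORWARD DROP
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -i "$BR" -o "$WAN" -s "$LAN" -j ACCEPT
}

# Publish one VM service: publish_port <external_port> <vm_ip> <vm_port>.
# Generalises the post's DNAT rule and also adds the FORWARD rule it needs,
# which a DNAT rule alone does not give once FORWARD defaults to DROP.
publish_port() {
    ext="$1"; vm="$2"; port="$3"
    $IPT -t nat -A PREROUTING -i "$WAN" -p tcp --dport "$ext" \
        -j DNAT --to-destination "$vm:$port"
    $IPT -A FORWARD -i "$WAN" -o "$BR" -p tcp -d "$vm" --dport "$port" \
        -m conntrack --ctstate NEW -j ACCEPT
}

apply_all() {
    nat_rules
    forward_rules
    publish_port 789 10.10.0.220 345   # the port mapping from the post
}

if [ "${1:-}" = apply ]; then apply_all; fi
```

Run it as `sh script.sh apply` to print the full rule set, or `IPT=iptables sh script.sh apply` as root to load it.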
