Ubuntu 16 KVM create bridge for multiple guests

Question

RESOLVED IT, SEE EDIT AT BOTTOM

I am running Ubuntu server 16.04.1 on a bare metal with multiple NIC's. At the Ubuntu I am running KVM and on it I have some VM's running Ubuntu server 16.

I wish to create the following networking structure:

1. a private network that is not exposed to the outside network that all my guests VM's will share and by it the host would be able to SSH to them.

2. a bridge to some of the hosts NIC's that I can attach and detach when I need to. for the question let's say i have 1 NIC and its ip address is 10.0.0.6, its connected to a router that is connected to the web.

I thought I got it to work but for some reason now it is not working and my guests can only access the 10.x.x.x network but cannot access the outer network (no ping to 8.8.8.8).

I think that for some reason only one guest can access the internet at a time, and maybe I need to understand better the bridge concepts.

My Host /etc/network/interfaces looks like:

    auto br1
    iface br1 inet static
        address 10.0.0.6
        netmask 255.255.255.0
        gateway 10.0.0.138
        broadcast 10.0.0.255
        dns-nameservers 8.8.8.8 4.2.2.2
        bridge_ports eno1
        bridge_stp off
        bridge_fd 0
        bridge_maxwait 0
        post-up ip link set br1 address xx:xx..

where instead of xx:xx.. i got 'eno1' MAC address, and eno1 is the NIC through which the host is connected to the internet, and its IP is 10.0.0.6 and the router's (actually a firewall..) IP is 10.0.0.138

This is the command I use to attach the br1 bridge to a guest:

virsh attach-interface server_name --type bridge --source br1 --model virtio --live

Now at the KVM I defined a virtual network as following :

<network>
  <name>privatenet</name>
  <uuid>some uuid that the virsh generated</uuid>
  <bridge name='privatebr0' stp='on' delay='0'/>
  <mac address='52:54:00:36:61:7a'/>
  <ip address='192.168.0.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.0.2' end='192.168.0.254'/>
    </dhcp>
  </ip>
</network>

And now my guests /etc/network/interfaces looks like:

auto ens3
iface ens3 inet static
        address 192.168.0.22
        gateway 192.168.0.1
        netmask 255.255.255.0
        broadcast 192.168.0.255

auto ens8
iface ens8 inet dhcp

this is the guests ifconfig result:

ens3      Link encap:Ethernet  HWaddr 52:54:00:e4:b2:06  
          inet addr:192.168.0.21  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::5054:ff:fee4:b206/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6066 errors:0 dropped:20 overruns:0 frame:0
          TX packets:1100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:379362 (379.3 KB)  TX bytes:566124 (566.1 KB)

ens8      Link encap:Ethernet  HWaddr 52:54:00:cc:78:12  
          inet addr:10.0.0.21  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::5054:ff:fecc:7812/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5494 errors:0 dropped:0 overruns:0 frame:0
          TX packets:343 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:804727 (804.7 KB)  TX bytes:20928 (20.9 KB)

I can ping other computers that are connected to 10.x.x.x network but can't ping 8.8.8.8

what am I missing?

EDIT: OK, so seems like me attaching and detaching the interfaces caused that the same host will be registered with different mac addresses and ip addresses, and the firewall didn't like it for some reason. I rested the addresses at the firewall and now i use --mac at the attaching command, and static IP.