Linux – Creating a private network for two VMs

I am trying to create two VMs which are both connected to the same private network. I'm using Linux with qemu-kvm 1.0.

My plan of attack has been this:

brctl addbr bridge
ifconfig bridge up
tunctl -t tap1
tunctl -t tap2
ifconfig tap1 up
ifconfig tap2 up
brctl addif bridge tap1
brctl addif bridge tap2
qemu-kvm -net nic,macaddr=52:54:00:11:22:33 -net tap,ifname=tap1 disk1.img
qemu-kvm -net nic,macaddr=52:54:00:44:55:66 -net tap,ifname=tap2 disk2.img

Once booted, I give the first machine the IP address 192.168.100.5, and the second 192.168.100.10.

At this point, when I try pinging one VM from the other, there is no ping response. However, using Wireshark, I see that ARP requests are sent and responded to, and I verified that the ARP caches do contain the information on the other VMs. Yet no ping replies are generated (as seen via Wireshark).

Next, I tried giving the bridge an IP address of 192.168.100.1. After doing this, pinging between VMs works, but there is still a problem: now all requests appear to be coming from the bridge itself. For example, if I connect from one VM to the other's FTP server, running netstat on the VM with the FTP server shows that 192.168.100.1 is the source. Connections work as they do across NAT, but as with NAT, the source address is not that of the originating machine. I've tried this with net.ipv4.ip_forward both on and off, and masquerading (iptables -t nat -A POSTROUTING -j MASQUERADE) on and off, with the same results.

What I really want is for my VMs to act as though they're plugged into a switch: it should be transparent. I'm more concerned with the source address looking like the bridge than the bridge requiring an IP. The latter is somewhat annoying, but the former is a blocker for me.