Here's the configuration for the interface:
# ifconfig virbr0
virbr0: flags=4355 mtu 1500
inet 192.168.11.1 netmask 255.255.255.255 broadcast 255.255.255.255
ether 52:54:00:99:e3:0d txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ip link show virbr0
13: virbr0@NONE: mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT
link/ether 52:54:00:99:e3:0d brd ff:ff:ff:ff:ff:ff
I am able to ping, establish TCP connections, etc to 192.168.11.1, but tcpdump reports
0 packets captured 0 packets received by filter 0 packets dropped by kernel
UPDATE
I have discovered that if I assign the address to a veth interface, put it in a network namespace, then attach the other end of the veth pair to the virbr interface, all packets are shown on tcpdump on the virbr interface. However the original question still stands.
Best Answer
tcpdumpoperates at the link level by opening a packet socket[1]. It sits right beneath the interface, so it intercepts inbound packets off the hardware and outbound packets from an interface. When you send a packet to that interface in the kernel, the packet has reached its destination and is not sent out via the interface. For the curious, here is the relevant code[2].[1] http://man7.org/linux/man-pages/man7/packet.7.html
[2] https://github.com/the-tcpdump-group/libpcap/blob/master/pcap-linux.c#L3281