If you don’t have any services using the 10.0.0.11 address on your LXD host currently, then removing it from the host and moving it into the container using the routed NIC type will allow it to be entirely used by the container for ingress and egress traffic.
See How to get LXD containers get IP from the LAN with routed network