OK so all that looks fine.
I think the actual issue here is that you’re using macvlan and that device type, by design, does not allow the instance to communicate with the host. So its nothing to do with routing, its just not allowed by macvlan.
You could look at using routed NIC type, as you’re not using DHCP inside the container and using static IPs, as this avoids the need for a bridge (lxdbr0 isn’t involved here).
See