I think it'd be great for a setting in OpenVPN that will automatically account for and block DHCP, UPnP, NAT-PMP, and other services you don't want to cross over a site-to-site VPN. I think there are plenty of us who would find this useful when bridging with tap. I don't think it would take much, just some knowledge around iptables and ebtables.
Why don't you just use a TUN interface?
If I understand correctly, you are trying to connect one site to another to exchange data, but let each router configure its own individual networks (DHCP, UPnP, etc.).
To my knowledge, TUN breaks up the broadcast domains and creates routes for each site in the server and pushes them to clients so that only data intended for a client in the other subnet is pushed across the VPN.
Also, TUN tends to be faster due to less unwanted data being pushed across the VPN.
You're right about the tun interface. It would be sufficient for most of what I do. Sometimes, however, some applications require being able to send and receive broadcasts. Occasionally when I host a LAN party we link two ends together so multiple users on both ends can play together. Most games allow you to type in an IP, and this should be sufficient. But sometimes it's nice to have the game automatically discovered through broadcasts, or if the option to manually input an IP is not available. The HDHomeRun device requires broadcasts, and I cannot see a way around it. Most likely if I want it so bad, I think I will have to implement it myself :)
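The filtering asked for in the first post can be done today with ebtables on the bridge host, while other broadcasts (game discovery, HDHomeRun) still cross the tap link. The script below is an added example, not part of the thread or of OpenVPN; it assumes the bridged interface is named `tap0`, covers IPv4 only, and `gen_rules` and the `APPLY` switch are names made up for this sketch.

```shell
#!/bin/sh
# Added example: keep DHCP, UPnP discovery (SSDP) and NAT-PMP local to each
# site of a bridged (tap) OpenVPN link. Assumptions: Linux bridge, ebtables
# installed, tap interface named tap0 unless TAP_IF is set.

TAP_IF="${TAP_IF:-tap0}"

# UDP destination ports to stop at the tunnel edge:
#   67:68      DHCP (client->server 67, server->client 68)
#   1900       SSDP, the discovery step of UPnP
#   5350:5351  NAT-PMP (gateway announcements 5350, requests 5351)
PORTS="67:68 1900 5350:5351"

# Print one ebtables command per (port set, chain/direction) pair.
gen_rules() {
    tap="$1"
    for ports in $PORTS; do
        # INPUT -i / FORWARD -i : frames arriving from the remote site
        # FORWARD -o / OUTPUT -o: frames about to leave toward it
        # INPUT and OUTPUT matter when the bridge host itself runs the
        # DHCP server or UPnP/NAT-PMP daemon.
        for where in "INPUT -i" "FORWARD -i" "FORWARD -o" "OUTPUT -o"; do
            echo "ebtables -A $where $tap -p IPv4 --ip-protocol udp --ip-destination-port $ports -j DROP"
        done
    done
}

if [ "${APPLY:-0}" = 1 ]; then
    # Needs root; stops at the first rule that fails to load.
    gen_rules "$TAP_IF" | sh -e
else
    # Dry run: show the rules for review.
    gen_rules "$TAP_IF"
fi
```

Run it once without `APPLY=1` to review the rules, then from OpenVPN's `up` script or the bridge setup script with `APPLY=1` after the tap interface has been added to the bridge.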