Site-to-Site Ethernet Bridging with OpenVPN

auto br1
iface br1 inet static
  address 10.10.99.1
  netmask 255.255.255.0
  bridge_ports  none # or eth0 if you bridge to a phys nic
  bridge_stp    off  # for virtual-only bridges
  bridge_fd     0    # same
  bridge_maxage 12   # ...
  # allow (local) multicast traffic to pass through
  post-up route add -net 224.0.0.0 netmask 240.0.0.0 dev br1

# so the scripts always get the same tap device
dev tap0
# can do without this
ifconfig-pool-persist ipp.txt
# for more than one client
client-to-client
#             local ip                 'dhcp'-start 'dhcp'-end
server-bridge 10.10.99.1 255.255.255.0 10.10.99.100 10.10.99.150
script-security 2
up "/etc/openvpn/up.sh"

#!/bin/sh
echo bringing up tap0
/sbin/ifconfig tap0 up promisc
/usr/sbin/brctl addif br1 tap0

auto br1
iface br1 inet manual
  bridge_ports  none # or eth0 if you bridge to a phys nic
  bridge_stp    off  # for virtual-only bridges
  bridge_fd     0    # same
  bridge_maxage 12   # ...

# so the scripts always get the same tap device
dev tap0
script-security 2
ifconfig-noexec
up "/etc/openvpn/up.sh"
route-up "/etc/openvpn/route-up.sh"

#!/bin/sh
echo bringing up tap0
/sbin/ifconfig tap0 up promisc
/usr/sbin/brctl addif br1 tap0

#!/bin/sh
echo removing old ips
while ip -f inet addr del dev br1; do echo .; done
echo adding ip address
ip a add ${ifconfig_local}/24 dev br1
route add -net 224.0.0.0 netmask 240.0.0.0 dev br1