When creating a TUN device in Linux, on my machine the created TUN device has following flags:
<POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP>
Clearly MULTICAST is listed in there but not BROADCAST. Since TUN device works with IP packets, it's the program that handles the TUN device file that should decide what to do with packets sent to broadcasting address. Moreover, it's also legal for applications to send packets to broadcasting address on TUN device even if BROADCAST flag is not listed on this device.
So why doesn't TUN device have BROADCAST flag?
EDIT: Sorry for the confusion. By TUN device, I don't mean specifically the way OpenVPN uses for tunneling. I mean TUN device in Linux (or other Unix) like described here: http://www.kernel.org/doc/Documentation/networking/tuntap.txt
Best Answer
The key to this is the fact that it's "POINTTOPOINT" ... Your machine directly connects to the remote side, and any actual broadcasts must be generated by your remote end. Sure, if you send a packet to the broadcast address, your remote end will surely pass it on, and will also pass any packets sent to the broadcast address back to you.
In contrast, if you had multiple workstations plugged directly into a switch, your machine could send a broadcast, and it wouldn't require any
gatewayto re-transmit that broadcast to the other peers.