I have a network, set up basically as per the diagram below.
I have set up PPTP* connections so that traffic may flow between sites (with 'Main Branch' running as PPTP server). The goal is to have hosts on each subnet able to talk to hosts on any other subnet, reliably and with optimal efficiency.
However, I have gone wrong somewhere. The links perform poorly (MTU/MRRU problem?), are unreliable, and have weird side-effects. For example, ARP entries for clients at Site A are 'leaking' over to the Main Branch (something to do with proxy-arp?), where the DHCP server there must still have a lease, so the client comes up with an IP address conflict until the PPTP bridge is disabled/router is rebooted, even though the DHCP servers are giving leases on different subnets. Sometimes the static routes to other sites won't work at all, then will suddenly come good. It's all very erratic.
Sometimes when I am at Site B and ping the gateway (192.168.88.1), traffic goes out through the PPTP interface to the main branch, then back through, and takes ~50ms!
Long story short, something's gone wrong and I need to re-do all this properly.
1) Do I need my bridge interface (on both routers?) set to proxy-arp for this setup?
2) Do I need a NAT rule on the Site A/Site B routers to masquerade NAT the VPN interface?
3) What is the best way to add the static routes on the Site A/Site B routers? Should 'gateway' be the PPP interface or the remote/local IP address? Should I be using distance?
Please help! I'm really stuck with this and have been tinkering for too many weekends!
*(Intending to change to IPSec L2TP later)