Routing help, broadcast/unicast flooded network?

Hi,

I have Lede installed on my Wndr3700 router. I attached to it a Raspberry Pi with a VPN connection to it.

Local network on Wndr3700 is 192.168.2.0/24.
Pi has IP address: 192.168.2.100
Remote network is 192.168.1.0/24

Routing on Pi is:

pi@raspberrypizero:~ $ ip route
default via 192.168.2.1 dev eth0 
192.168.1.0/24 via 192.168.5.1 dev wg0 
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.100 
192.168.5.0/24 dev wg0  proto kernel  scope link  src 192.168.5.2 

Static route on LEDE router:

Interface: LAN
Target: 192.168.1.0/24
Ipv4 netmask: 255.255.255.0
Ipv4 gateway: 192.168.2.100
Route type: unicast

So If I try to access a remote device: 192.168.1.xx the request is routed to 192.168.2.100 (Pi) then Pi is redirecting this request to 192.168.5.1 (dev wg0, VPN).

This part is working fine.

The problem? I see unusual high traffic on the Pi (many many gigabytes).

I checked the situation with iptraf, iftop on the Pi and I see many request from local devices?! I have a feel that Pi/network is flooded with unicast/broadcast packets?

Is this a static route setup problem?

I investigated more: on Pi I had an old installation of dnsmasq and I think network devices found this dns server and used it. Interesting how, because on every device the dns server is set to the Lede router (192.168.2.1) not the Pi.

Here is what I captured on tcpdump on Pi's eth0:

192.168.2.39 (Samsung TV) has nothing to do with the 192.168.2.100 (Pi) but it's requested trough this address.

It's not clear what your question is. Disable dnsmasq on the pi, renew the DHCP on every device so leases handed out by the pi are not being used, then see what problems you experience.

I'm also unable to understand the problem.

It seems you've configured your Pi to be a DHCP (and DNS) server. It then appears that you have the Pi device querying an upstream DNS server at 192.168.2.1.

What problem do you wish to solve?