When you don't have hardware that can do true bridging due to various reasons (many 3G/4G and quite a few DSL or fibre lines don't allow this, especially if there is also VoiP telephone lines involved), you can still do a poor man's bridge mode to have most services that need to be on the Internet facing router to work.
Dynamic DNS services are (currently) an exception to this as the LEDE router will only know the internal IP of the gateway, but not your true public IP given by the ISP. There are command line tools (bind-dig but also others) in LEDE repository that can allow the LEDE router to get the public IP given by the ISP (with the command dig +short myip.opendns.com @resolver1.opendns.com ), but for now the Dynamic DNS package isn't set to use them.
You must configure and enable DMZ feature on the gateway router. DMZ stands for De-Militarized Zone, and means that all traffic that reaches the gateway will be allowed to reach the devices in the DMZ without being blocked by NAT. This is a safe thing to do ONLY if the devices in the DMZ are router/firewalls/servers connected through WAN (or equivalent) ports/interfaces so they are configured to deal with it.
In the following tutorial, the LEDE device will be called “router”, and the other device we are connecting it to will be called “gateway”. I will also assume that you know how to use the LEDE interface (either from SSH or the web interface).
This tutorial above follows the steps defined by Steven Frosty in FAQ -- LTE -- is Bridge Mode supported
Firewall bridge mode support in OpenWrt is provided by the kmod-br-netfilter module.
The following is an example UCI configuration in a LEDE device configured as detailed above.
root@LEDE:~# uci show network network.loopback=interface network.loopback.ifname='lo' network.loopback.proto='static' network.loopback.ipaddr='127.0.0.1' network.loopback.netmask='255.0.0.0' network.globals=globals network.globals.ula_prefix='fdee:11e6:2c49::/48' network.lan=interface network.lan.type='bridge' network.lan.ifname='eth0.1' network.lan.proto='static' network.lan.netmask='255.255.255.0' network.lan.ip6assign='60' network.lan.ipaddr='192.168.1.1' network.lan.dns='220.127.116.11' network.wan=interface network.wan.ifname='eth0.2' network.wan._orig_ifname='eth0.2' network.wan._orig_bridge='false' network.wan.proto='static' network.wan.ipaddr='192.168.2.2' network.wan.netmask='255.255.255.0' network.wan.gateway='192.168.2.1' network.wan6=interface network.wan6.ifname='eth0.2' network.wan6.proto='dhcpv6'