Should I use tap or tun for OpenVPN?

If it's OK to create the VPN on layer 3 (one more hop between subnets), go for tun.

If you need to bridge two Ethernet segments in two different locations, then use tap. In such a setup you can have computers in the same IP subnet (e.g. 10.0.0.0/24) on both ends of the VPN, and they'll be able to 'talk' to each other directly without any changes to their routing tables; the VPN acts like an Ethernet switch. This might sound cool and is useful in some cases, but I would advise against it unless you really need it: if you choose such a layer 2 bridging setup, there will be a bit of 'garbage' (that is, broadcast packets) going across your VPN.

Using tap you'll also have slightly more overhead: besides the IP headers, 38B or more of Ethernet headers are sent through the tunnel (depending on the type of your traffic, this may introduce more fragmentation).
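As an added example that is not part of the original post, here are the two server-side OpenVPN configurations the answer contrasts: a routed tun setup and a bridged tap setup. Paths, addresses, the port and the interface names are assumed values.

```conf
# Added example, not from the original post: the two OpenVPN server setups
# described above, side by side. Paths, addresses, interface names and the
# port are assumed values.

# ---- routed VPN, layer 3: dev tun ------------------------------------
port 1194
proto udp
dev tun
topology subnet
# VPN subnet separate from the LAN; the LAN is reached via one extra hop
server 10.8.0.0 255.255.255.0
push "route 10.0.0.0 255.255.255.0"
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-crypt ta.key
keepalive 10 120
persist-key
persist-tun
# only IP packets cross the tunnel: no Ethernet headers, no broadcasts

# ---- bridged VPN, layer 2: dev tap -----------------------------------
# the tap device must exist and be enslaved to a bridge together with the
# LAN NIC before OpenVPN starts (assumed names: eth0, br0, tap0):
#   openvpn --mktun --dev tap0
#   ip link add br0 type bridge
#   ip link set eth0 master br0
#   ip link set tap0 master br0
#   ip addr add 10.0.0.1/24 dev br0 && ip link set br0 up
port 1194
proto udp
dev tap0
# bridge gateway, netmask, and the pool handed to clients inside the LAN
server-bridge 10.0.0.1 255.255.255.0 10.0.0.200 10.0.0.250
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-crypt ta.key
# tap frames carry the extra Ethernet header; lower the TCP MSS so the
# encapsulated packet stays under the path MTU instead of fragmenting
mssfix 1400
keepalive 10 120
persist-key
persist-tun
# every frame now carries its Ethernet header, and LAN broadcasts (ARP,
# NetBIOS, mDNS) traverse the tunnel, as the post warns
```

With the tun variant, clients can only reach the LAN through the routing you push, so firewall rules on the VPN host decide what they see; with the tap variant they are on the LAN itself.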
