[...]
Plus these lines:

--------------------8<--------------------
gateway_enable="YES"
ipv6_gateway_enable="YES"
-------------------->8--------------------

Niklaas

No, you should only need the if you want to act as a router for some other
machines.

gateway_enable="YES"
ipv6_gateway_enable="YES"

The following should only be required for normal ipv6

ifconfig_vtnet0_ipv6="inet6 accept_rtadv"
rtsold_enable="YES"

Have a look at these variables, and make sure they are set correctly or on
defaults

ipv6_network_interfaces=vtnet0
or
ipv6_activate_all_interfaces=yes


Also make sure the nic is actually up ie do and ifconfig vtnet0 up

also dont forget to check in rc.conf.local as well as rc.conf

I need these for jails that are connected on lo1 and a VPN tunnel on
tap0. Sorry, in case that was essential information that I did not
provide. Does that change your recommendations?
I will look into these...

Niklaas

i cant remember exactly but i dont think you need them for jails either
unless they are vnet ones (depending on your topology). I could be wrong on
that though.

Niklaas Baudet von Gersdorff <***@niklaas.eu> wrote
in <***@box-hlm-03.niklaas.eu>:

st> Niklaas Baudet von Gersdorff [2016-06-10 08:52 +0200] :
st>
st> > --------------------8<--------------------
st> > ifconfig_vtnet0="DHCP"
st> > ifconfig_vtnet0_ipv6="inet6 accept_rtadv"
st> > rtsold_enable="YES"
st> > -------------------->8--------------------
st> [...]
st> > --------------------8<--------------------
st> > ipv6_defaultrouter="<IPv6-gateway>"
st> > -------------------->8--------------------
st>
st> Plus these lines:
st>
st> --------------------8<--------------------
st> gateway_enable="YES"
st> ipv6_gateway_enable="YES"
st> -------------------->8--------------------

A router does not accept RAs (more strictly, default route
information in RA) because it is a sender of RAs. However, some
devices such as CPE need to behave like a host for the uplink and a
router for the LAN. In that case, an interface on the WAN side has
to accept RAs and one on the LAN side has to send RAs.

On FreeBSD, there is a knob to support it. Set the following
variable to rc.conf in addition to your current configuration:

ipv6_cpe_wanif="vtnet0"

This touches some per-IF flags and sysctls. For more complex
configurations such as having two or more uplinks you need to set
them manually, but if you have only one uplink the above variable
should do the trick.

And, $rtsold_enable is not required unless you want to get DNS server
information from RAs.

-- Hiroki

Thanks a lot for pointing that out! I think I read about the variable
somewhere but I was not sure what it actually does. Is there some place
where I can find more detailed explanation about rc.conf and sysctl
settings except man?
Okay, great. I did not know that.

Very nice layout for writing emails by the way.

Niklaas

Niklaas Baudet von Gersdorff <***@niklaas.eu> wrote
in <***@box-hlm-03.niklaas.eu>:

st> Hiroki Sato [2016-06-10 22:50 +0900] :
st>
st> > A router does not accept RAs (more strictly, default route
st> > information in RA) because it is a sender of RAs. However, some
st> > devices such as CPE need to behave like a host for the uplink and a
st> > router for the LAN. In that case, an interface on the WAN side has
st> > to accept RAs and one on the LAN side has to send RAs.
st> >
st> > On FreeBSD, there is a knob to support it. Set the following
st> > variable to rc.conf in addition to your current configuration:
st> >
st> > ipv6_cpe_wanif="vtnet0"
st>
st> Thanks a lot for pointing that out! I think I read about the variable
st> somewhere but I was not sure what it actually does. Is there some place
st> where I can find more detailed explanation about rc.conf and sysctl
st> settings except man?

Unfortunately there is no documentation other than manual page
because this is a bit tricky. rc.conf(5) explains as follows:

----
ipv6_cpe_wanif

(str) If the variable is set to an interface name, the
ifconfig(8) options ``inet6 -no_radr accept_rtadv'' will be
added to the specified interface automatically before evalu-
ating ifconfig_<interface>_ipv6, and two sysctl(8) variables
net.inet6.ip6.rfc6204w3 and net.inet6.ip6.no_radr will be set to
1.

This means the specified interface will accept ICMPv6 Router
Advertisement messages on that link and add the discovered
routers into the Default Router List. While the other inter-
faces can still accept RA messages if the ``inet6 accept_rtadv''
option is specified, adding routes into the Default Router List
will be disabled by ``inet6 no_radr'' option by default. See
ifconfig(8) for more details.

Note that ICMPv6 Router Advertisement messages will be accepted
even when net.inet6.ip6.forwarding is 1 (packet forwarding is
enabled) when net.inet6.ip6.rfc6204w3 is set to 1.

Default is ``NO''.
----

-- Hiroki

So where would I start to look for further explanations on
net.inet6.ip6.rfc6204w3 and net.inet6.ip6.no_radr? sysctl.conf(5) and
sysctl(8) don't mention anything about them.

Niklaas

Niklaas Baudet von Gersdorff <***@niklaas.eu> wrote
in <***@box-hlm-03.niklaas.eu>:

st> Hiroki Sato [2016-06-11 05:37 +0900] :
st>
st> > Unfortunately there is no documentation other than manual page
st> > because this is a bit tricky. rc.conf(5) explains as follows:
st> >
st> > ----
st> > ipv6_cpe_wanif
st> >
st> > (str) If the variable is set to an interface name, the
st> > ifconfig(8) options ``inet6 -no_radr accept_rtadv'' will be
st> > added to the specified interface automatically before evalu-
st> > ating ifconfig_<interface>_ipv6, and two sysctl(8) variables
st> > net.inet6.ip6.rfc6204w3 and net.inet6.ip6.no_radr will be set to
st> > 1.
st>
st> So where would I start to look for further explanations on
st> net.inet6.ip6.rfc6204w3 and net.inet6.ip6.no_radr? sysctl.conf(5) and
st> sysctl(8) don't mention anything about them.

Yes. "no_radr" can be found in ifconfig(8) manual page since it is
related to one of the per-IF flags which has the same name.
"rfc6204w3" is only documented in the result of "sysctl -d
net.inet6.ip6.rfc6204w3".

-- Hiroki

This is what I was looking for. Thanks a lot.

Niklaas