Since I switched to opnsense a week ago, I've noticed that new IPv6 connections are delayed from one Linux host to another (within my subnet or outside...see below). After the first connection (e.g. ping6 host) then connections are instantaneous until I leave it idle for a few minutes. Windows clients don't seem to have this issue.
At first I thought this was a DNS issue, so I added an IPv6 entry in /etc/hosts on my client PC, but it didn't make a difference. This is response highlights the issue...the delay is long enough that the host initially doesn't believe a connected route exists, but then is able to continue:
[root@backup ~]# ping -6 dns.example.com
PING dns.example.com(dns.example.com (::244::10)) 56 data bytes
From backup.example.com (::10::30) icmp_seq=1 Destination unreachable: Address unreachable
64 bytes from dns.example.com (::244::10): icmp_seq=2 ttl=63 time=0.583 ms
64 bytes from dns.example.com (::244::10): icmp_seq=3 ttl=63 time=0.659 ms
This is highly repeatable if I wait just a few minutes between tests. Is there some dynamic routing in IPv6 that I can fix so that it isn't doing the discovery every few minutes? I had no such issues with my Ubiquiti config with the same prefix and tunnel (HE.net) end point.
I just noticed that ipv6.google.com exhibits the same (again from a Linux host) with opnsense as my gateway.
[root@backup ~]# ping ipv6.google.com
PING ipv6.google.com(yyz10s05-in-x0e.1e100.net (2607:f8b0:400b:80c::200e)) 56 data bytes
From backup.example.com (::10::30) icmp_seq=1 Destination unreachable: Address unreachable
64 bytes from yyz10s17-in-x0e.1e100.net (2607:f8b0:400b:80c::200e): icmp_seq=2 ttl=120 time=9.44 ms
64 bytes from yyz10s17-in-x0e.1e100.net (2607:f8b0:400b:80c::200e): icmp_seq=3 ttl=120 time=9.06 ms
64 bytes from yyz10s05-in-x0e.1e100.net (2607:f8b0:400b:80c::200e): icmp_seq=4 ttl=120 time=9.31 ms
one consequence is that ssh -6 often fails in a script as it sees the connection as a failure. ssh -4 always works fine.