IPv6 dual WAN with OpenVPN breaks connectivity of backup system

Started by ajr, March 01, 2025, 09:33:52 PM

 I have a setup where WLANs receive (periodically changing)
 DHCPv6 nets from the DSL router and some LANs receive static
 public IPv6 addresses via an OpenVPN tunnel which also provides
 the route to the internet for them.
 
 This setup works (for me) only if I have deleted the IPv4 address
 of the WAN interface (keeping only the virtual address).
 
 Unfortunately this breaks connectivity of the backup system and
 needs some hack (route through master system) to do a firmware update.
 
 How can I replace the hack with some automatic gateway config
 change, e.g. gateway monitoring/scripting?
 
 Is there a better solution for my dual IPv6 WAN setup?
 
 
 Thanks, ajr
 
 PS: some details:
 
HA configuration (master/backup)
All interfaces have VIPs via CARP
All IPv4 addresses use NAT

LAN nets
 IPv4: static (rfc1918)
 IPv6: static (subnet from VPN)

WLAN nets (via APs)(all have VIPs via CARP)
 IPv4: static (rfc1918)
 IPv6: Track interface (DHCPv6)
 
WAN Interface (transfer net to VDSL router)
 IPv4: none
 IPv6: DHCPv6

Gateways
 IPv4: VDSL router (if master, VIP, Monitor IP router)
 IPv6: DHCPv6

OpenVPN client(legacy)
 Server Mode: Peer to Peer
 Interface: WAN VIP
 IPv6 Remote Network: ::/1,8000::/1
 

Quote from: ajr on March 01, 2025, 09:33:52 PM
 This setup works (for me) only if I have deleted the IPv4 address
 of the WAN interface (keeping only the virtual address).

Can anybody please explain why it works only with this setup?

ajr

Quote from: ajr on March 01, 2025, 09:33:52 PM
 Unfortunately this breaks connectivity of the backup system and
 needs some hack (route through master system) to do a firmware update.
 

Unfortunately I can't get selection of the backup gateway as default gateway working,
even if gateway monitoring is on and "Allow default gateway switching" is on in System -> Settings -> General.
It seems that gateway priority always takes precedence. See attached screenshot.

root@opn2:~ # netstat -rnfinet | grep default
default            192.168.178.1      UGS            igb1

How can I fix this?