@netblues
Sorry for the heavy handed smudging, wanted to be sure I was t posting unnecessary details re MAC or private addresses, I've tried to be more selective in this response.
Heres the diagnostics that led me to think its something to do with the Ipv6 tunnel to AirVPN.
From my local subnet my local PC gets a IPv4 and IPv6 address
With the egress gateway set to default I can a IP test site ping over both IPv4 and IPv6
% ping -c 3 ifconfig.co
PING ifconfig.co (104.28.18.94): 56 data bytes
64 bytes from 104.28.18.94: icmp_seq=0 ttl=54 time=508.991 ms
64 bytes from 104.28.18.94: icmp_seq=1 ttl=54 time=47.812 ms
64 bytes from 104.28.18.94: icmp_seq=2 ttl=54 time=77.452 ms
% ping6 -c 3 ifconfig.co
PING6(56=40+8+8 bytes) 2605:e000:xxxx:xxxx:9051:ad0b:d360:b654 --> 2606:4700:3032::681c:125e
16 bytes from 2606:4700:3032::681c:125e, icmp_seq=0 hlim=56 time=88.167 ms
16 bytes from 2606:4700:3032::681c:125e, icmp_seq=1 hlim=56 time=92.328 ms
16 bytes from 2606:4700:3032::681c:125e, icmp_seq=2 hlim=56 time=127.620 ms
I can also get an IP address back from curl'ing the site over both IPv4 and IPv6 so I think can correctly conclude my basic DNS, routing and transport is working correctly over the default non VPN gateway.
% curl ifconfig.co
199.249.223.130
% curl -6 ifconfig.co
2605:e000:xxxx:xxxx:9051:ad0b:d360:b654
If I change my gateway to VPN_WAN_V6 for ICMP and TCP/UDP both pings and curl stop functioning. They just hang.
ping6 ifconfig.co
PING6(56=40+8+8 bytes) 2605:e000:xxx:xxx:9051:ad0b:d360:b654 --> 2606:4700:3034::681c:135e
^C
% curl -6 ifconfig.co
^C
I'm not sure this is useful, but heres the ifconfig of the openvpn interface
ovpnc1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet6 fe80::ae1f:6bff:fe73:87e0%ovpnc1 prefixlen 64 scopeid 0x1c
inet6 fde6:7a:7d20:5a2::1001 prefixlen 64
inet 10.9.162.3 --> 10.9.162.1 netmask 0xffffff00
groups: tun openvpn
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
Opened by PID 84260
I'm sure this is a newbie IPv6 user error, theres something I'm not understanding clearly like a possible need to do some address translation for IPv6 traffic egressing over a IPv6 link established in a IPv4 tunnel?
thanks for reading and any suggestions.