To update this: I think it ended up being the IPv6 Ping website I was using located in Denmark. I've since tried other ones and the ping seems to be working correctly. Thank you for your responses.

Known issue http://redmine.pfsense.org/issues/2129

ls -l /usr/local/pkg see if there is a file there that you don't recognize.

now I have setup Multi-ipv6 tunnels in adsl.  using config the Static Routes and NTP show all ipv6 tunnels online. but only out visit work, the second ipv6 can't visit from internet. I want to setup multi-ipv6 network, when one ipv6 slow then change use the second ipv6 for my web server etc. I think should allow setup multi ipv6 network address for the same LAN? I can offer login my router account. if your need it.

:-[ I think i must wake myself up… [slaps myself in the face] Thanks for the quick replay…

After making changes on the state and reboot it for 2x, the box freezed :( I saw no errors. I cant even connect to ssh pf menu.. Ill reformat it now and use the latest snapshot http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/i386/pfSense_HEAD/livecd_installer/pfSense-LiveCD-2.1-DEVELOPMENT-i386-20120409-1444.iso.gz

Ok, thanks again. Regarding gif interfaces. I now figured out how to do 6to4 using gif instead of stf0/stf1. I am unsure wheter the /48 prefix instead of /16 will increase the latency. I still have to figure out how to circumvent this. I followed http://ipv6int.net/systems/freebsd-ipv6.html and configured pfsense using the webinterface accordingly. interfaces/assign/gif/"+". wan/gif remote address: 192.88.99.1 gif tunnel local address: 2002:[myipv4address]:: gif tunnel remote address: 2002:c058:6301::/128 save. Then I created an opt interface, assigned gif 192.88.99.1 and configured ipv6 only with an address of gif tunnel local address: 2002:[myipv4address]::1/48 Following the same method for the other interface, while the first is using a default gateway of ::192.88.99.1 and the other just a gateway of ::192.88.99.1 did the trick. I am still investigating…

I have test for PPPoE in ipv6 tunnel MTU is 1420.

@Matthias: I'm not sure this can be marked solved as there really isn't an answer as to why this was happening. I seem to be having the same issue right now ever since upgrading to the latest snapshots. I'll randomly lose my IPv6 connectivity, the gateway is still up and I can ping ipv6 addresses from the firewall but not from any of my LAN workstations. My last known working config was the pfSense-Full-Update-2.1-DEVELOPMENT-i386-20111125-1741.tgz post info in a new thread, there are countless reasons this can happen and it's not likely yours is the same as the OP's. HE.net has been flaky for me of late, you may be seeing the same, or there may be some kind of issue. Post a new thread with traceroute6 output from a LAN host when it's not working.

Split this off the old thread because it's really different (the old thread was many months old). What mask were you using when setting up the interface? I haven't seen it change a ::2 into a ::1 myself.

I got the idea from http://technet.microsoft.com/en-us/library/cc784800(v=WS.10).aspx.  My thinking is, rather than having to reconfigure a backup if the primary fails, why not have the backup in a sort of hot-standby mode.  Right now, configured as it is, both DCs are acting as Always/Always Reliable time sources (both have AnnounceFlags set to 5).  And, being identically configured and synchronized to the same source, they should converge to being as closely synchronized with one another as they would be if one were directly synchronized to the other.  I could disable the NtpServer setting on the backup if I only wanted one time source available at a time, but leave the NtpClient enabled so it would remain in sync.  What could go wrong with this scenario if I leave it as it is?  If I disable NtpServer on the backup?  (Not rhetorical questions  ;D) Yeah, I am questioning why I don't just bypass the pfSense box entirely and sync directly to NIST.  Still nothing in the OpenNTPD log; I don't get that.  I might have determined the IPv6 problem faster with better feedback from the server and logs.  It is keeping my DCs within 0.05 seconds of NIST, though, and it is in default mode (there is no other :)), so whatever traffic is getting sent over my WAN is (un)throttled by OpenNTPD.  I need to check that for curiosity's sake. What do you mean by your final statement?  Something tells me this relates to my last question in the last post.  I get NTP's making clock adjustments and I get that there is a tipping point at which NTP will just resync the time (even though it may appear to "skip" briefly) instead of adjusting the clock rate for a more gradual convergence.  My question is: does the polling interval get adjusted as well?  As the clock becomes more accurate relative to the trusted source, are fewer polls necessary (and hence fewer used) in a given time span to keep it accurate?  That would seem sensible and the presence if MinPollInterval and MaxPollInterval would seem to verify that being the case, but that would mean there would be more traffic at the beginning of the synchronization process and less as it continued.  Why did my client allow over four hours to elapse before correcting an eight second discrepancy?  Did the size of the discrepancy (small by NTP's reckoning?) affect the duration of the polling interval?  The default MaxPollInterval when clients are configured manually is 1024 seconds (about 17 minutes), but it must be considerably longer when the clients are in automatic mode (or else I'm missing something).

exactly.. its only the pfsense traffic.  Where I noticed the slow down was it using my ipv6 tunnel when talking to root dns. I want the ability to use ipv6 for dns when I am testing it, but I don't want that to be the default, etc. I would be a nice feature to be able to choose this - when running native it might not matter for latency.. But I can tell for sure that my he tunnel is slower than ipv4

You can make a merge request on github with the change.

I did a pkg_delete -f on the curl package then removed git. After this I reinstalled git, it installed curl, then I did a gitsync as usual. This time around it worked after the reboot. I believe the issue was a problem with the curl package from before probably being a 32-bit one.

Try not using the first address as your static LAN address. I was having trouble until I set my LAN interface to ::10 (and adjusted the DHCP pool accordingly). I think the first few addresses are used by the ISP. Cheers, Keith

I made this change and now have the desired functionality.  Actually, I changed the line following the one highlighted at https://github.com/bsdperimeter/pfsense/blob/master/etc/inc/filter.inc#L2286 because it is the one causing me problems.  Now that it's blocking and logging, I can confirm beyond a shadow of doubt that RAs are being sent down the gif tunnels too when not blocked.  Thanks for the assistance!  Now, I think I'll tinker with fixing the RAs.  :)