Very interesting indeed, I'm going to give this a shot this weekend.

That stuff with mounting with sftp is already beyond my level of Linux knowledge

Did you compare your ifconfig gif0 and the ifconfig of your LAN and WAN with my output as seen on the screenshots above? I'm wondering if I'm missing something there.

Could you perhaps compare the settings from your pfSense configuration using the pfSense web GUI?

First a little OT:
Mounting with sftp is something I only know how to do because until recently, it was the only way to work directly on a clients' ftp-server when building websites. It uses a gui-application called Expandrive, but recently it's become possible in the venerable Transmit as well.

I did glance at your output, but I don't know what to look for.
As far as I can tell, your output look pretty much the same as mine.

The settings from my pfSense configuration in the GUI are as follows, and very much the same as yours.
In fact, the only difference I can see, is the three characters following :1f14:.

Code:

Interfaces -> WANIPv6

Enable Interface is checked
Type: Static IPv6
MAC address: empty
MTU: empty
MSS: empty
IPv6 address: 2001:470:1f14:xxx::2/128
Gateway: HE_NET - 2001:470:xxxx:xxx::1

Both private network blocking options checked.

System -> Routing -> Gateways -> HE_NET

Interface: WANIPV6
Name: HE_NET
Gateway: 2001:470:xxxx:xxx::1
Default gateway is checked
Monitor IP: empty
Description: HE.NET gateway

Interfaces -> (assign) -> GIF

Parent interface: WAN
gif remote address: 216.66.84.46
gif tunnel local address: 2001:470:xxxx:xxx::2
gif tunnel remote address: 2001:470:xxxx:xxx::1 / 64
Route caching is not checked
ECN firendly behaviour is not checked
Description: HE.net ipv6 tunnel

Where is this config.xml located? Can I simply edit it using vi at the console? Could you show me a sample of what you put in there?

Could you perhaps have a look at the screenshots I posted earlier today with the output of my network interfaces and compare those with yours? Maybe I'm missing something crucial in the interface config.

What ISP are you on anyway?

Are you using pfSense behind NAT or directly attachted to your internet line with a public IP?

Config.xml can be found in /cf/conf/config.xml
As you can see in the picture below, I mounted sftp directly in the Finder because I felt it was easier than using the terminal and especially cp and vi.

Then, I edited the xml file directly, did a search for gateway and tried a few different things.
As you can see in the images attached, I ended up with this and it works for me.

I've also attached the v6 part of the output of netstat -rn on my pfSense installation, not sure what everything means.
Gif is the tunnel, lo0 is the loopback, reX are my interfaces and I run both an openvpn and a pptp server, so those are mentioned as well.

Code:

Internet6:
Destination                                              Flags      Netif Expire
default                           2001:470:xxxx:xxxx::1          UGS        gif0
::1                               ::1                           UH          lo0
2001:470:xxxx:xxxx::1              2001:470:xxxx:xxxx::2          UH         gif0
2001:470:xxxx:xxxx::/64            link#2                        U           re1
2001:470:xxxx:xxxx::1              link#2                        UHS         lo0
fe80::%re0/64                     link#1                        U           re0
fe80::290:7fff:fe32:2ef8%re0      link#1                        UHS         lo0
fe80::%re1/64                     link#2                        U           re1
fe80::290:7fff:fe32:2ef9%re1      link#2                        UHS         lo0
fe80::%re2/64                     link#3                        U           re2
fe80::290:7fff:fe32:2efa%re2      link#3                        UHS         lo0
fe80::%re3/64                     link#4                        U           re3
fe80::290:7fff:fe32:2efb%re3      link#4                        UHS         lo0
fe80::%re4/64                     link#5                        U           re4
fe80::290:7fff:fe32:2efc%re4      link#5                        UHS         lo0
fe80::%re5/64                     link#6                        U           re5
fe80::290:7fff:fe32:2efd%re5      link#6                        UHS         lo0
fe80::%lo0/64                     link#8                        U           lo0
fe80::1%lo0                       link#8                        UHS         lo0
fe80::%gif0/64                    link#11                       U          gif0
fe80::290:7fff:fe32:2ef8%gif0     link#11                       UHS         lo0
fe80::%ovpns1/64                  link#12                       U        ovpns1
fe80::290:7fff:fe32:2ef8%ovpns1   link#12                       UHS         lo0
fe80::%pptpd0/64                  link#13                       U        pptpd0
fe80::290:7fff:fe32:2ef8%pptpd0   link#13                       UHS         lo0
ff01:1::/32                       fe80::290:7fff:fe32:2ef8%re0  U           re0
ff01:2::/32                       fe80::290:7fff:fe32:2ef9%re1  U           re1
ff01:3::/32                       fe80::290:7fff:fe32:2efa%re2  U           re2
ff01:4::/32                       fe80::290:7fff:fe32:2efb%re3  U           re3
ff01:5::/32                       fe80::290:7fff:fe32:2efc%re4  U           re4
ff01:6::/32                       fe80::290:7fff:fe32:2efd%re5  U           re5
ff01:8::/32                       ::1                           U           lo0
ff01:b::/32                       2001:470:xxxx:xxxx::2          U          gif0
ff01:c::/32                       fe80::290:7fff:fe32:2ef8%ovpns1 U        ovpns1
ff01:d::/32                       fe80::290:7fff:fe32:2ef8%pptpd0 U        pptpd0
ff02::%re0/32                     fe80::290:7fff:fe32:2ef8%re0  U           re0
ff02::%re1/32                     fe80::290:7fff:fe32:2ef9%re1  U           re1
ff02::%re2/32                     fe80::290:7fff:fe32:2efa%re2  U           re2
ff02::%re3/32                     fe80::290:7fff:fe32:2efb%re3  U           re3
ff02::%re4/32                     fe80::290:7fff:fe32:2efc%re4  U           re4
ff02::%re5/32                     fe80::290:7fff:fe32:2efd%re5  U           re5
ff02::%lo0/32                     ::1                           U           lo0
ff02::%gif0/32                    2001:470:xxxx:xxxx::2          U          gif0
ff02::%ovpns1/32                  fe80::290:7fff:fe32:2ef8%ovpns1 U        ovpns1
ff02::%pptpd0/32                  fe80::290:7fff:fe32:2ef8%pptpd0 U        pptpd0

As for my ISP and connection:
A few months now, I've been using Ziggo so at least you know that your ISP isn't the problem.
pfSense is my NAT, so it has a public v4 address.

Images:

Would you be willing to help me troubleshoot?

Of course I'm willing to help, but I fear that I have may have inadvertently led you to believe that I am rather more proficient at all this than I am.

As I wrote in an earlier post, I simply followed the steps that Databeestje wrote up in his howto but sidestepped the issues I ran into somewhat.
The issue that I had, was that I couldn't get past the part of the howto telling me to edit the gateway as pfSense complained that the v6 address that I entered was outside the chosen interface subnet.
I skipped that step for the time being and finished the howto. Then, I manually edited the gateway in the config.xml file on my pfSense machine and entered the proper v6 address. Having done that I was able to select the gateway in the WANIPv6 interface and the tunnel became operational.

Also, I'm coming from the Mac OS X world, so all this Linux (well, BSD Unix really) stuff is fairly unknown territory for me as well!

Can't believe it did work for some people. They must have done something different. I'm wondering what.

You are right that some people did something different.

I was having the wrong subnet error when trying to add the gateway, so I edited the config.xml file directly using expandrive to mount the sftp as a drive and editing the file directly so I could see whether my edits were having the desired effect.
Having added the gateway manually, the tunnel came online and I was able to add the gateway to the interface WANIPv6 as is shown in the guide.
Lastly, I added the anycasted he.net ipv6 dns server to the dns server list in general.

The result is a 10/10 score on http://test-ipv6.com/ and a generally fast IPv6 internet connection (20/8 mbits).

Also, lots of rebooting!

images:
(sorry about the white space)

One of the largest cable internet ISPs in the Netherlands called Ziggo still has no plans for IPv6. This is pretty much the trend for internet providers it seems.

Some detective work has found that their ASN in the routing table does not even have a IPv6 prefix. That's just plain dumb. There are places you can start.

You are right when you say that Ziggo is just plain dumb when it comes to IPv6.
I'm in the same boat and when I called Ziggo about this (and a few other things) a month or so back, they were about as cynical as you can imagine.
In short they think it's not going to be a problem for them as they have enough IPv4 addresses to last them a few more years.
Other ISP's in the Netherlands aren't doing much better, though XS4ALL is the notable exception.

I believe I read somewhere (tweakers.net?) that most of the new fiber providers are running dual stack by default, so shiny new consumer/SMB ISP's such as Zeelandnet, Surfnet, Solcom, Tweak and Lijbrandt may be our best bet for the future when it comes to speed and IPv6 in the Netherlands.
If I'm wrong and they aren't running dual stack, it is far more likely that 'we' as users can persuade them to implement it because they are still small as a company.
That, and of course the fact that IANA is set to run out of IPv4 addresses today or tomorrow will help as the price of IPv4 addresses will probably skyrocket.

Hmmmm.

This is pretty neat stuff that you are exploring!

Simply removing ifbwstats.inc and ifbwstats.xml from /usr/local/pkg and using the option to reinstall all packages 'removes' ifbwstats more or less from the packages system.
That is to say, at least to such an extent that it no longer presents a problem when, for instance, upgrading to the latest snap.

When I try get the gateway under routing. The box wont let me input the ipv6 address that i got from he.net. It says the subnet is not within the range. If I leave the gateway blank and click save, it puts the ipv6 address that i try to manually enter.

When creating the WANIP6 interface after creating the gateway, I don't get an option to select the gateway.. Only option is none.

Cino, did you manage to solve this before you did a fresh install?
I seem to be running into the same problem, but a fresh install isn't feasible at the moment.

Also, Databeestje: Awesome.

looks good!
i can pick up the same 40mm local for 4.95 so i think i will do this and find a nice 60 for the cpu.

also what app is that on ur iphone?

Thank you, I must say that I'm quite pleased with the way this mod turned out.
The app I'm using to measure sound pressure is called SPL meter
Note that it's likely that a 60 won't fit exactly (as it will be somewhat too large), and that you'll have to use some tricks to seat it properly.

got any pictures of the new fans?

As it so happens, I took pictures when I was installing the new fans in Firebox 01.

It would seem that I've also hit this issue.
After a successful update yesterday evening, pfSense presents a 'firmware upgrade ongoing' type of message after logging in.



No amount of rebooting through ssh or even a hard poweroff seems to alleviate the issue.
Fortunately, services haven't been interrupted and I can still upgrade firmware through ssh.
Hopefully, this will be fixed in a future firmware version.

I searched the thread for quiet fans, and the one link posted for overclockers UK does not work; does anyone have any model numbers for quiet fans? I'd rather not make holes in the box, so would prefer fans that fit the current formation

For my each of my fireboxes I used three Scythe 40 mm Fan Mini Kaze fans (SY124010L) as replacements for the three fans in the back and a larger Papst 60 mm Fan (612FL) as the cpu cooler.
The Scythes have a different connector, so I had to reuse the original firebox cables.
The Papst really isn't meant to be used the way I'm using them, but I cut out a part in the side of the fan, in effect creating the same airflow as the original firebox cpu fan.
Also, the circumference of the Papst is 5 mm larger than the original fan, which actually helps circulation.

Both my fireboxes have been functioning for about six months while being cooled in this fashion with no problems even under somewhat heavy load.
dB pressure per firebox has gone from ±71.3 to ±44.2 after replacing the fans.

I'm running Jan 13th in my X750E. No problems. I haven't installed the lcd package but I have used the mount RW script and it works.

Steve

It does work, but in my case I had to comment out the mount r/w and mount read only from the script as I am running a full install.
Perhaps that's what is happening to Jdetmold as well?

There are so many different conflicting views scattered around the web.

Thank you for those links, it is very interesting to see the debate on which next-generation dns protocol to use.
However, if it is true that dnssec functions as a 30x multiplier for udp packets and the replies can be reflected to a different address, then that would be Very Bad Indeed.
Or am I mistaken in assuming this?