You may be right about these the gateway and DNS options being nonfunctional. I'm using a different machine as a DHCPv6 server; pfSense is firewall/router only. To my knowledge DHCPv6 does not presently allow for providing the gateway address, so the field you mention must be an artifact. I'm using 2.1 and I don't see a gateway field on the DHCPv6 Server page.
Here is a Wireshark capture of a router advertisement being sent by my pfSense box:
No. Time Source Destination Protocol Length Info
110 51.158149 fe80::203:47ff:fe72:33fc ff02::1 ICMPv6 142 Router Advertisement from 00:03:47:72:33:fc
Frame 110: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits)
Ethernet II, Src: Intel_72:33:fc (00:03:47:72:33:fc), Dst: IPv6mcast_00:00:00:01 (33:33:00:00:00:01)
Internet Protocol Version 6, Src: fe80::203:47ff:fe72:33fc (fe80::203:47ff:fe72:33fc), Dst: ff02::1 (ff02::1)
Internet Control Message Protocol v6
Type: Router Advertisement (134)
Checksum: 0x42d3 [correct]
Cur hop limit: 64
1... .... = Managed address configuration: Set
.1.. .... = Other configuration: Set
..0. .... = Home Agent: Not set
...0 0... = Prf (Default Router Preference): Medium (0)
.... .0.. = Proxy: Not set
.... ..0. = Reserved: 0
Router lifetime (s): 3600
Reachable time (ms): 0
Retrans timer (ms): 0
ICMPv6 Option (Source link-layer address : 00:03:47:72:33:fc)
Type: Source link-layer address (1)
Length: 1 (8 bytes)
Link-layer address: Intel_72:33:fc (00:03:47:72:33:fc)
ICMPv6 Option (MTU : 1280)
Type: MTU (5)
Length: 1 (8 bytes)
ICMPv6 Option (Prefix information : fd00:ac10::/120)
Type: Prefix information (3)
Length: 4 (32 bytes)
Prefix Length: 120
Valid Lifetime: 360000
Preferred Lifetime: 360000
Prefix: fd00:ac10:: (fd00:ac10:
ICMPv6 Option (Recursive DNS Server fd00:ac10::66)
Type: Recursive DNS Server (25)
Length: 3 (24 bytes)
Recursive DNS Servers: fd00:ac10::66 (fd00:ac10::66)
As you can see, it provides the unique-local address of the router in the Recursive DNS Server option--which would work for you if you're running DNS Forwarding on the pfSense machine if
the clients were using the option. My clients appear to ignore it. As I said, I have RAs disabled
on all my LAN interfaces and pfSense is still happily sending RAs like the one shown. I don't know what's going down there. Notice also that the Managed and Other flags are set which means that clients that receive this advertisement will expect to get both their addresses and DNS server addresses through DHCPv6.
I'm not sure why you're bridging or why you would need to. The zone ID is going to vary from host to host I think, so I'd expect it to be different. I just tried pinging the link-local address of pfSense without specifying the zone ID and it worked fine (I had to add a new firewall rule to allow it through, though, so don't forget that).
Don't put anything in the prefix delegation fields unless you have another router downstream (which would indeed be a complex setup).
The DNS Servers on the General Setup are used like forwarders. If you have DNS Forwarding enabled and pfSense hasn't already cached the address, pfSense passes DNS requests it receives on to these servers. Since you're using HE, put 2001:470:20::2 in one of these fields. I don't know if the ns#.he.net (# = 1-5) servers do recursion. If not, they wouldn't be useful here.
Hope this helps! Thanks for the Dynamic DNS info. I'm going to try that now.