pfSense

subject is definitely not true. If it were even just true on 32 bit it's a certainty we would have heard of it by now, at least several tens of thousands of systems have been upgraded to 2.3.x via auto-update alone. The linked reddit thread was confirmed resolved with the root cause being a wrong config.

Can you ping the opposite side v6 IP inside the tunnel? If not, what does your gif config look like?

No, I can't - and I don't see any responses from HE if I sniff the WAN interface, either.
The last bug I ran into was 32-bit only, and I didn't think it was all that much of a corner case, so I figured... well, no-one else is complaining, maybe I've hit another only-person-in-the-world-doing-exactly-this-thing problem??
If you have definite, concrete knowledge of 32-bit systems that had HE tunnels up and working in 2.2 that continue to work properly after upgrading to 2.3, just close this as NOTABUG or whatever Redmine calls it.

But then we'd better update the docs, because following the existing docs in the wiki to the letter doesn't work anymore. (It's also possible that I'm making the same dumb mistake on two different systems, but... one of them was definitely working pre-upgrade, and definitely not post-upgrade.

I think/hope I've removed all the really sensitive bits from the two config files I'm attaching... the HE tunnel on "remote.avant.ca" was definitely working properly pre-upgrade and definitely broken post-upgrade. And I was (obviously) mistaken - the WAN interface is pseudo-static: it really is static, but the DSL modem runs in an idiotic hybrid "DMZ+" mode where it basically does 1:1 NAT for inbound traffic, and hands out its own public IP to the internal device via DHCP. And... well... it worked before? shrug

Without getting any replies back from HE at all, it's really hard to figure out what the problem is.
I can attach pcaps if that's useful.

thanks for the feedback