Bug #6506
closed
IPv6 static routes omit interface scope of link-local gateways
Description
When getting an address assigned from a DHCPv6 server, pfSense automatically creates a gateway to monitor using the link-local address, which is fine in general. Dpinger fails to start monitoring the gateway because of the socket issue described in #6505, but that's the main point of this issue. The %interface section is omitted when a static route gets pushed to the system and an additional route (link-local to interface) is added. But the main problem is when you have duplicate link-local addresses due to VLANs:
Example:
- Interface: vtnet0
- Gateway (vlan 41) fe80::5054:ff:fee0:a429%vtnet0_vlan41
- Gateway (vlan 42) fe80::5054:ff:fee0:a429%vtnet0_vlan42
Network:
       .-----------.                    .-----------.         __  _
       |  pfsense  |  VLAN Trunk 41,42  |  gateway  | ---->  [__]|=|
 ----> |           | -----------------> |           |        /::/|_|
       |           |                    |           | ---->
       '-----------'                    '-----------'
On both nodes (in my case virtual pfsense boxes to test with) both ports are a single port with vlan trunks on it. Therefore the interface has a single mac and the same link-local address is generated on different subinterfaces (aka vlan interfaces). This is totally fine if pfsense would omit the link-local-interface in the gateway ipv6 address.
Routing Table:
Internet6:
Destination  Gateway                                Flags  Netif     Expire
default      fe80::5054:ff:fee0:a429%vtnet0_vlan41  UGS    vtnet0_v
::1          link#5                                 UH     lo0
fc00::21     fe80::5054:ff:fee0:a429                UGHS   vtnet0_v
[...]
This route should include the %vtnet0_vlan41 interface identifier, otherwise the route will fail and you can't push it to the right uplink interface.
Workaround
Disable the automatically created Gateways and manually create the gateway using the correct link-local%interface notation.
Version tested
I'm using pfsense 2.3.1_5
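A check for the condition described in this report, added here as an example (it is not part of the original report and not pfSense code): it parses the routing table rows shown above and flags gateway routes whose link-local next hop has no %interface scope, then shows why the scope matters by listing the interfaces that share one link-local address. The function names are assumptions made for this example.

```python
import ipaddress
from collections import defaultdict

# Rows copied from the routing table in the report (FreeBSD netstat -rn layout).
ROUTES = """\
Internet6:
Destination  Gateway                                Flags  Netif     Expire
default      fe80::5054:ff:fee0:a429%vtnet0_vlan41  UGS    vtnet0_v
::1          link#5                                 UH     lo0
fc00::21     fe80::5054:ff:fee0:a429                UGHS   vtnet0_v
"""
# Gateways from the report's VLAN example.
GATEWAYS = ["fe80::5054:ff:fee0:a429%vtnet0_vlan41",
            "fe80::5054:ff:fee0:a429%vtnet0_vlan42"]

def split_scope(text):
    """Split 'addr%zone'; return (IPv6Address or None, zone or None)."""
    addr, _, zone = text.partition("%")
    try:
        return ipaddress.IPv6Address(addr), zone or None
    except ipaddress.AddressValueError:
        return None, None  # e.g. "link#5" is not an IPv6 literal

def unscoped_link_local_routes(table):
    """Gateway routes whose next hop is link-local but carries no %zone."""
    findings = []
    for line in table.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue  # skip the family line and the column header
        dest, gateway, flags, netif = fields[:4]
        addr, zone = split_scope(gateway)
        if "G" in flags and addr is not None and addr.is_link_local and zone is None:
            findings.append((dest, gateway, netif))
    return findings

def zones_per_address(gateways):
    """Map each link-local address to the interfaces (zones) it is used on."""
    zones = defaultdict(list)
    for gw in gateways:
        addr, zone = split_scope(gw)
        if addr is not None and addr.is_link_local and zone:
            zones[str(addr)].append(zone)
    return dict(zones)

if __name__ == "__main__":
    print(unscoped_link_local_routes(ROUTES))
    print(zones_per_address(GATEWAYS))
```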