warden: by any chance does your network have IGMP/MLD snooping enabled?

(I have a fix to a couple MLD bugs in review that would produce similar symptoms - answers to MLD queries can be either truncated or misdirected.

see illumos.org/issues/16620

→ BUG 16620: MLD/IGMP can drop or misroute listener reports (In Progress) | code.illumos.org/c/illumos-gate/+/3556

sommerfeld: thanks, I do not think it's my case... I'm experiencing the same issue on two OmniOS hosts, connected to different networks, one of them to an unmanaged L2 switch. And the problem arises only when ipfilter is enabled and configured to filter IPv6 traffic.

m1ari: thanks for the suggestion, I'll try to rewrite the rules in /etc/ipf/ipf6.conf following them. Anyway, did you find something wrong with my current rules? They are essentially the same which I apply to IPv4 traffic on the same host...

warden: dont know if it's useful but I found an old ipf6.conf file that I think was from when I did IPv6 routing on a solaris 10 box

I can't see anything obviously wrong and with such a simple ruleset the quick keyword shouldnt make too much of a difference.

having had to optimize firewall rulesets in the past as part of the day job I tend to do some optimization by default.

i.e. try and have the bulk of packets traverse the fewest rules possible, so use "quick" a lot, and have things like lo0 near the top

m1ari: thanks, I’ll try to reorganize the ruleset with the “quick” approach to see if it helps solving the issue