hi,
the current implementation of ip source validation in vyos does not handle ipv6. This is cause vyos uses the deprecated way via sysctl.
See https://home.regit.org/2011/08/florian-westphal-moving-rp_filter-into-netfilter/
The current vyos kernel has all needed iptables modules for this.
So I would prefer that we drop the support via /proc and switch to the iptables/netfilter way.