From the "I wish I'd have known that earlier" files:
I'm posting this here in the hopes of saving some folk the trouble of running this down.
If you are trying to use macvtap onto an existing adapter for a libvirt guest and you're having odd problems with dropped IPv6 traffic, you'll need to add trustGuestRxFilters='yes' to the <interface> stanza in your XML.
An example:
<interface type='direct' trustGuestRxFilters='yes'>
<mac address='52:54:00:0d:42:ce'/>
<source dev='eth0' mode='bridge'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/>
</interface>
The problem is caused by the macvtap not updating its multicast tables correctly. This is considered correct by design for security reasons. I hope with increased deployment of IPv6 this decision will be revisited.
Some of the reading that led me here: