Catch 22 routing openvpn ipv6 traffic on sub-router (help!)

Hi, I have a router offering services within my soho lan behind an ISP router. It holds for now 2 services: samba sharing & openvpn (server). It has 3 interfaces lan/lan6 (dhcp clients) & vpn. I was successful at establishing connections that can route ipv4&ipv6 traffic in two scenarios (see my original post) but there are problems:

  1. In the first scenario I divide the /64 ipv6 adress space in two /65 segments but since my delegated prefix changes almost daily I struggled to adapt the dynamic prefix update script but never succeeded (see my post here)
  2. Because of the problems in the scenario 1, I opted for NAT66ing the ipv6 traffic from the VPN. But here the is catch: so far it only works if the server-ipv6 adress is a sub-range of the one obtained from the LAN6 interface....which is dynamic!!!
Here is the config for scenario 2 (NAT66, router=GL.inet 6416=test router)
user nobody
group nogroup
dev tun
port 1194
proto udp
server 192.168.9.0 255.255.255.0
server-ipv6 2804:7f2:2a11:726c:8000::/65
topology subnet
client-to-client
keepalive 10 60
persist-tun
persist-key
push "dhcp-option DNS 192.168.37.1"
push "dhcp-option DOMAIN lan"
push "redirect-gateway def1 ipv6"
push "route-gateway 192.168.37.1"
push "persist-tun"
push "persist-key"

network.globals=globals
network.globals.ula_prefix='fdab:3afd:3977::/48'

network.@device[0]=device
network.@device[0].name='br-lan'
network.@device[0].type='bridge'
network.@device[0].ports='eth0' 'eth1'

network.lan=interface
network.lan.device='br-lan'
network.lan.proto='dhcp'

network.lan6=interface
network.lan6.proto='dhcpv6'
network.lan6.device='@lan'
network.lan6.reqaddress='try'
network.lan6.reqprefix='auto'

network.vpn=interface
network.vpn.proto='none'
network.vpn.device='tun0'

firewall.lan=zone
firewall.lan.name='lan'
firewall.lan.input='ACCEPT'
firewall.lan.output='ACCEPT'
firewall.lan.forward='ACCEPT'
firewall.lan.network='lan' 'lan6'
firewall.lan.masq='1'
firewall.lan.device='tun0'
firewall.lan.masq6='1'

firewall.@zone[1]=zone
firewall.@zone[1].name='vpn'
firewall.@zone[1].input='ACCEPT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='ACCEPT'
firewall.@zone[1].network='vpn'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='vpn'
firewall.@forwarding[0].dest='lan'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='lan'
firewall.@forwarding[1].dest='vpn'

dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv4='server'
dhcp.lan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
dhcp.lan6=dhcp
dhcp.lan6.interface='lan6'
dhcp.lan6.ignore='1'

So is there a way to get out of this infinite loop? Thanks in advance!

Well, I'll park this issue (at least for while). I figured that since the ovpn server itself is in ipv4, I can always connect to it. So scenario 1 works and I'll just put an infrequent cron job that updates if necessary the ipv6 address in the server.conf file and restarts the ovpn server. In case of an urgent need to ipv6 access, I can always run the cron job update script manually.