hi,
as far as I could see we have no easy way to archive BCP38 for IPv6 on VyOS. The:
set firewall source-validation only works for ipv4
I see two alternatives:
https://github.com/faelix/hphr/tree/master/salt
or we use the iptables modules :
A "rpfilter" module is available since Linux 3.3 and iptables 1.4.13 which allow user to perform reverse path filtering in ipv4 and ipv6.