That WILL route the routed /64 to and through the tunnel.
... The WS2008 box needs to be set up as a router. To do that, it needs to have whatever it might need done to it to tell it to forward IPv6 (e.g. act as a router). Not sure how to do THAT. It also needs the firewall set up to allow the traffic, but since you have that turned off (inadvisable since it will make your hosts wide open to the internet) that probably doesn't matter (even though you spoke of the Windows firewall allow rule in your last message).
...
If not, check logs and such, and look into whatever you need to do to tell windows to be a router, if anything is required (the equivalent net.ipv4.ip_forward = 1 on linux).
The route commands I gave you will take care of the routing side of things though. ...
-Jim
EDIT: You also may want to make sure the ipv6 privacy stuff is turned off on at least the WS2008 router machine, since you probably don't want it changing IPv6 addresses automatically. (netsh int ipv6 set privacy disabled)
Unfortunately, the "add route" command you recommended, which is what was used to build the tunnel in the first place, does NOT cause the Routed /64 addresses to route to and through the tunnel. Example, if I set my NIC address to 2001:470:1f05:a85::6 (which is in the routed /64) and then try to ping either tunnel endpoint from that address, it fails, as follows:
C:\>ping -6 -S 2001:470:1f05:a85::6 2001:470:1f04:a85::1
Pinging 2001:470:1f04:a85::1 from 2001:470:1f05:a85::6 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2001:470:1f04:a85::1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\>ping -6 -S 2001:470:1f05:a85::6 2001:470:1f04:a85::2
Pinging 2001:470:1f04:a85::2 from 2001:470:1f05:a85::6 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2001:470:1f04:a85::2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
BTW, I tried this with no gateway address on the NIC, then with the local tunnel endpoint IP as the NIC gateway address, then with the remote tunnel endpoint IP as the NIC gateway address, and then even with the NIC address as the gateway address. None of those worked.
However, as I noted before, the tunnel does work if you access it from the "IP6Tunnel" interface itself. Example:
C:\>ping -6 2001:470:1f04:a85::1
Pinging 2001:470:1f04:a85::1 from 2001:470:1f04:a85::2 with 32 bytes of data:
Reply from 2001:470:1f04:a85::1: time=17ms
Reply from 2001:470:1f04:a85::1: time=103ms
Reply from 2001:470:1f04:a85::1: time=122ms
Reply from 2001:470:1f04:a85::1: time=62ms
Ping statistics for 2001:470:1f04:a85::1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 122ms, Average = 76ms
The "Allow" rule I set for Protocol 41 was on the multilayer switch hardware, not Windows Firewall--as I said Windows Firewall is turned OFF.
I'm thinking that netsh interface ipv6 set privacy only applies if you're using Autoconfigured addresses, which I'm not. I'll try disabling privacy, but I doubt it has anything to do with it.
Obviously, my original question was and still is--How do I set up the WS2008 NIC to act as a router? Other than that, we seem to keep repeating ourselves here. I appreciate your effort, but could we get back to my original question, please?