diff --git a/wgengine/router/router_userspace_bsd.go b/wgengine/router/router_userspace_bsd.go
index fb81d62fb..419a6d914 100644
--- a/wgengine/router/router_userspace_bsd.go
+++ b/wgengine/router/router_userspace_bsd.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"log"
 	"os/exec"
+	"runtime"
 
 	"github.com/tailscale/wireguard-go/device"
 	"github.com/tailscale/wireguard-go/tun"
@@ -123,7 +124,17 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
 		}
 	}
 	for _, addr := range r.addrsToAdd(cfg.LocalAddrs) {
-		arg := []string{"ifconfig", r.tunname, inet(addr), addr.String(), addr.IP.String()}
+		var arg []string
+		if runtime.GOOS == "freebsd" && addr.IP.Is6() && addr.Bits == 128 {
+			// FreeBSD rejects tun addresses of the form fc00::1/128 -> fc00::1,
+			// https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218508
+			// Instead add our whole /48, which works because we use a /48 route.
+			// Full history: https://github.com/tailscale/tailscale/issues/1307
+			tmp := netaddr.IPPrefix{addr.IP, 48}
+			arg = []string{"ifconfig", r.tunname, inet(tmp), tmp.String()}
+		} else {
+			arg = []string{"ifconfig", r.tunname, inet(addr), addr.String(), addr.IP.String()}
+		}
 		out, err := cmd(arg...).CombinedOutput()
 		if err != nil {
 			r.logf("addr add failed: %v => %v\n%s", arg, err, out)