I learned a lot about IPv6 in the last week. :v I posted in the PC Hardware thread about getting a Pi-hole set up in Docker and my struggles with IPv6 and how I eventually got it working. Since then, I have learned more about IPv6 and Docker and now have it working properly. Below is a revised guide of what I had to do.
First thing I did was find the IP my router/gateway was on and used the Global ID defined in it as the basis for the rest of my user-defined IPv6 network. Then, I edited /etc/network/interfaces to set a static IPv6 for my host machine since my router is unable to do that. The X's are placeholders for the global ID of my IPv6 network.
/etc/network/interfaces
[...]
iface eno1 inet6 static
    address fdXX:XXXX:XXXX:1:0:0:0:25
    netmask 64
    gateway fdXX:XXXX:XXXX:1:0:0:0:1
The next step was to enable IPv6 in Docker. By default, Docker has this disabled. Docker also does not automatically assign/allocate IPv6 addresses, so we have to do this manually ourselves. The "fixed-cidr-v6" variable is for the default Docker bridge network. I have it using a different subnet from my host server and router just because I want to. I do not know if it actually brings better security or isolation or anything.
/etc/docker/daemon.json
{
  "ipv6": true,
  "fixed-cidr-v6": "fdXX:XXXX:XXXX:b35d::/64"
}
I then rebooted my machine at this point to get all the services to reset. If I was smarter and more familiar with Linux/Debian, I would have just restarted only the necessary services instead of the whole machine. As this is a home server that isn't running anything vital, I didn't bother.
Next, I created an IPv6 network for the Pi-hole. Very similar to what I did for the default Docker bridge network, I assigned a unique subnet to the existing Global ID for my user-defined IPv6 network. I created and saved a small script for this:
docker-network_create.sh
docker network create --ipv6 --subnet "172.18.10.0/24" --subnet "fdXX:XXXX:XXXX:629f::/64" pi-hole
Ran the script and verified that it was successfully created.
Next, I created a file for docker-compose to run. The key thing I had to do here was set ServerIPv6 to the static IP of my host server that I set in the beginning in the /etc/network/interfaces file.
docker-compose.yaml
version: "3"
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
      - "443:443/tcp"
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: somePassword
      DNS1: 9.9.9.9
      DNS2: 149.112.112.112
      DNSSEC: "true"
      CONDITIONAL_FORWARDING: "true"
      CONDITIONAL_FORWARDING_IP: 192.168.7.1
      CONDITIONAL_FORWARDING_REVERSE: 1.7.168.192.in-addr.arpa
      ServerIP: 192.168.7.8
      ServerIPv6: fdXX:XXXX:XXXX:1:0:0:0:25
    # Volumes store your data between container upgrades
    volumes:
      - './docker-volumes/etc-pihole/:/etc/pihole/'
      - './docker-volumes/etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 9.9.9.9
    restart: unless-stopped
networks:
  default:
    external:
      name: pi-hole
Ran
docker-compose up -d
and that was it.
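The guide above carves three /64 subnets (host LAN, default Docker bridge, the pi-hole network) out of one Global ID and points ServerIPv6 at the host's static address. The following is an added example, not part of the original post, that checks such an address plan for consistency before it goes into the config files. The prefix fd12:3456:789a is a constructed stand-in for the post's fdXX:XXXX:XXXX placeholder, and `check_plan` is a hypothetical helper name.

```python
import ipaddress

# Constructed sample plan; fd12:3456:789a replaces the post's fdXX:XXXX:XXXX.
PLAN = {
    "host_lan": "fd12:3456:789a:1::/64",          # /etc/network/interfaces
    "docker_bridge": "fd12:3456:789a:b35d::/64",  # fixed-cidr-v6 in daemon.json
    "pi-hole": "fd12:3456:789a:629f::/64",        # docker network create --subnet
}
SERVER_IPV6 = "fd12:3456:789a:1:0:0:0:25"  # ServerIPv6 in docker-compose.yaml
GATEWAY = "fd12:3456:789a:1:0:0:0:1"

# Locally assigned unique local addresses (RFC 4193) start with fd.
ULA = ipaddress.ip_network("fd00::/8")


def check_plan(plan, server_ip, gateway, host_net="host_lan"):
    """Return a list of problems found in the plan (empty list = consistent)."""
    problems = []
    nets = {name: ipaddress.IPv6Network(cidr) for name, cidr in plan.items()}

    for name, net in nets.items():
        if net.prefixlen != 64:
            problems.append(f"{name}: expected a /64, got /{net.prefixlen}")
        if not net.subnet_of(ULA):
            problems.append(f"{name}: {net} is not a unique local prefix")

    # Every subnet should sit under the same /48 (fd + 40-bit Global ID).
    sites = {n.supernet(new_prefix=48) for n in nets.values() if n.prefixlen >= 48}
    if len(sites) > 1:
        problems.append(f"subnets span several /48 prefixes: {sorted(map(str, sites))}")

    # Docker refuses overlapping pools; catch that before 'docker network create'.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} overlap ({nets[a]} / {nets[b]})")

    # ServerIPv6 and the gateway both belong to the host LAN, not a Docker subnet.
    for label, addr in (("ServerIPv6", server_ip), ("gateway", gateway)):
        if ipaddress.IPv6Address(addr) not in nets[host_net]:
            problems.append(f"{label} {addr} is outside {host_net} {nets[host_net]}")
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN, SERVER_IPV6, GATEWAY) or ["plan is consistent"]:
        print(line)
```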