DNSv6 Config with Container

Hello all.

I got a Pi a few days ago and installed pi-hole using Docker. Since my router and ISP provide IPv6 I wanted to use this also for DNS requests of the clients. However, I did not get connected to the pi-hole container with ULA of the Pi.
I did not find any instructions on the net that helped me.
Maybe someone here knows where to start.

Thanks!

A DNS server can provide A (IPv4) and AAAA (IPv6) records regardless.
As far as DNS lookups are concerned, you are not losing anything by running Pi-hole only on IPv4.

However, if your router advertises itself as DNS server via IPv6, clients will by-pass Pi-hole via IPv6.
Yet that wouldn't stop if your Pi-hole had an IPv6 address: Your Pi-hole would advertise itself, and a client would then pick your router's or Pi-hole's IPv6 at its own discretion.

The only way to avoid an IPv6 by-pass is configuring your router to not distribute its own IPv6 address for DNS. If your router doesn't support that, your only other options to avoid by-passes would be to turn off IPv6, or to redirect DNS traffic to your Pi-hole via respective rules in your router's firewall or a dedicated firewall (if you happen to run one).

If you still want IPv6 for Docker, you probably should start by checking whether IPv6 is enabled for your Docker installation (which isn't available for all platforms), see Docker's documentation at Enable IPv6 support | Docker Documentation.

The router is not the problem in my case. I don't know what IPv6 address I should use in the daemon.

{
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8:1::/64"
}

The address range from my provider or my ULA? Bc the provider change the prefix from time to time.
My ULA in the network is: "fd00::/64" shoud I use this?

If intent on IPv6, you should prefer private IPv6 addresses. For a public one, prefix as well as interface identifier are likely to change regularly.

But let me repeat:
Pi-hole (as any DNS server) is fully operational as DNS server if accessible via IPv4. It doesn't need an IPv6 address:

Thank you for clarifying.
So... I can disable IPv6 support for docker or not on my pi, doesn’t matter.

And if I enable IPv6 on my router it’ll automatically use the router as DNSv6 server/or another DNSv6 server. If I want to disable that I have to disable IPv6 completely on my router. Includes ISP IPv6.

The DNSv6 server has a higher priority than the DNSv4 server. That’s the point I’m confused how it should work.

EDIT: disabled DHCPv6 and thru that i only get IPv4 DNS Server. I’ll have a look if this is working for me.

That depends entirely on your router's configuration.
You'd have to consult your router's documentation sources for further information.

Not quite.
Clients may generally prefer IPv6 over IPv4, and that would of course affect DNS as well. In absence of any IPv6 DNS servers, clients will use DNS servers available via IPv4.
In theory, you may try to change that IPv6 preference by configuring each device's IPv6 prefix policies accordingly, but quite a few devices would not allow that (e.g. smartphones or IoT devices).

I disabled DHCPv6 and DNSv6 from my router so that the devices only get their address from the ISP.

DNS is only the IPv4 from the Pi hole.

Look that this works.

My personal notes on IPv6:

If your router is configured with IPv6, this becomes a little bit tricker. IPv6 auto discovers its local DNS server and will attempt to use it, effectively bypassing your Pi Hole (unless you’re using http proxy option 3). Find your Raspberry Pi’s IPv6 address at http://pi.hole/admin/settings.php

It will also be necessary to configure your router’s IPv6 settings to advertise the Raspberry Pi IPv6 address as the DNS server.

It’s generally easier to simply disable IPv6 if possible.

I solved it by switching off DHCPv6 and the clients now only get the public IPv6 addresses from ISP.