In order for IPv6 to work in docker, you just need to add the desired prefix and enable it in the configuration file - /etc/docker/daemon.json.

{
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8:1::/64"
}

But there are several nuances here. In order for the addresses to work, it is necessary that the prefix is routed through the server.

Of all the available public clouds (which I use or used once), this feature is only available in AWS EC2 - prefix delegation.

But what do you do when it’s a server that’s only been given one /64 prefix? There is a way out - to use NDP Proxy.

It will not be possible to use full /64, but there is no need for this. We’ll just bite off the range for containers with the /80 prefix size.

apt install -qy ndppd

And in the file /etc/ndppd.conf we will replace everything with the following content (eth0 - main server interface):

route-ttl 5000

proxy eth0 {
  router yes
  timeout 500
  ttl 30000

  rule 2001:db8:1:d0c4::/80 {
    auto
  }
}

Docker Compose

Compose is a little more complicated - it creates a separate network, and does not use the settings from the main configuration file.

To work, let’s change the main configuration file - just by enabling ipv6 support.

{
  "ipv6": true,
  "fixed-cidr-v6": "fd00::/64"
}

I don’t need to create containers outside of compose - so I’ll put the private address there. Is it still necessary to create containers outside of compose - then I advise you to select another one there public prefix. (you can also delegate through ndp proxy)

Now let’s configure in the docker-compose file so that addresses are issued to containers:

version: '3.9'

networks:
  default:
    enable_ipv6: true
    driver: bridge
    driver_opts:
      com.docker.network.enable_ipv6: "true"
    ipam:
      driver: default
      config:
        - subnet: 10.0.0.0/24
        - subnet: 2001:db8:1:d0c4::/80

And now, after creating or rebuilding the network, the addresses will be issued.