IPv6 with OpenVPN in Docker

Question

I'm trying to get OpenVPN in a docker container (alpine:3.7) running with IPv6. When the OpenVPN host does not send any IPv6 information, it works fine. When it sends an IPv6 address for my connection, I get the following error:

[...]
Wed May 30 08:32:20 2018 TUN/TAP device tun0 opened
Wed May 30 08:32:20 2018 TUN/TAP TX queue length set to 100
Wed May 30 08:32:20 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Wed May 30 08:32:20 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed May 30 08:32:20 2018 /sbin/ip addr add dev tun0 10.4.1.112/16 broadcast 10.4.255.255
Wed May 30 08:32:20 2018 /sbin/ip -6 addr add fde6:7a:7d20:4::116e/64 dev tun0
RTNETLINK answers: Permission denied
Wed May 30 08:32:20 2018 Linux ip -6 addr add failed: external program exited with error status: 2
Wed May 30 08:32:20 2018 Exiting due to fatal error

I'm starting my docker container with

sudo docker run -it --name container --cap-add=NET_ADMIN --device=/dev/net/tun myimage

Any idea, which privilege I have to add to get this working?

Answer 1

Oh, i just found the solution by myself:

IPv6 has to be enabled for the container by setting a sysctl value:

--sysctl net.ipv6.conf.all.disable_ipv6=0

So the final command for starting the container without the problem described above is:

sudo docker run -it --name container --cap-add=NET_ADMIN --device=/dev/net/tun --sysctl net.ipv6.conf.all.disable_ipv6=0 myimage