February 25, 2025

Warning: Rant incoming 😉

I was just informed by at least 27 bigger environments that the Pihole-Team had a major “accident” by seemingly ignoring folks who don’t live in the past and already use IPv6 (only): When performing the upgrade from v5 to v6, the Team for some bizarre reason did a sloppy job with the migration script, resulting in completely BRICKING IPv6 during the migration from v5 to v6 Docker containers (the most frequently deployed use case).
I didn’t want to believe this at first (who in their sane mind would not prefer v6 over v4, right?) so I tested this myself and this inspired me to create this image with ChatGPT for the PiHole-Team:

Well done! It’s 2025 folks! You’ve successfully claimed the first shame-bell of this year! Well (not) done!
Pro-Tip: If at all, you should disable IPv4, not IPv6…
Or as someone else would say:

For all the folks out there who struggle after the upgrade – here’s what you need to change for your System to run with v6 again:

  1. Go to your volume for the pihole data (most likely located under /var/lib/docker/pihole_app/_data)
  2. Locate the file “pihole.toml”
  3. Change the following settings that the Team destroyed back to the values for IPv6:
```toml
[ntp.ipv4]
# Should FTL act as network time protocol (NTP) server (IPv4)?
active = false ### CHANGED, default = true

[ntp.ipv6]
# Should FTL act as network time protocol (NTP) server (IPv6)?
active = true ### CHANGED, default = false

[ntp.sync]
# Should FTL try to synchronize the system time with an upstream NTP server?
active = true

# NTP upstream server to sync with, e.g., "pool.ntp.org". Note that the NTP server
# should be located as close as possible to you in order to minimize the time offset
# possibly introduced by different routing paths.
#
# Possible values are:
#     valid NTP upstream server
server = "2.europe.pool.ntp.org" ### CHANGED, default = "pool.ntp.org"
# Use any IPv6 enabled ntp pool - europe2 is just the demo shown here but works perfectly fine in production for European folks only!

[resolver]
# Should FTL try to resolve IPv4 addresses to hostnames?
resolveIPv4 = false ### CHANGED, default = true

# With this option, you can change how (and if) hourly PTR requests are made to check
# for changes in client and upstream server hostnames.
#
# Possible values are:
#   - "IPV4_ONLY"
#       Do hourly PTR lookups only for IPv4 addresses. This is the new default since
#       Pi-hole FTL v5.3.2. It should resolve issues with more and more very
#       short-lived PE IPv6 addresses coming up in a lot of networks.
#   - "ALL"
#       Do hourly PTR lookups for all addresses. This was the default until FTL
#       v5.3(.1). It has been replaced as it can create a lot of PTR queries for those
#       with many IPv6 addresses in their networks.
#   - "UNKNOWN"
#       Only resolve unknown hostnames. Already existing hostnames are never refreshed,
#       i.e., there will be no PTR queries made for clients where hostnames are known.
#       This also means that known hostnames will not be updated once known.
#   - "NONE"
#       Don't do any hourly PTR lookups. This means we look host names up exactly once
#       (when we first see a client) and never again. You may miss future changes of
#       host names.
refreshNames = "ALL" ### CHANGED, default = "IPV4_ONLY"

[webserver]
# Ports to be used by the webserver.
# Comma-separated list of ports to listen on. It is possible to specify an IP address
# to bind to. In this case, an IP address and a colon must be prepended to the port
# number. For example, to bind to the loopback interface on port 80 (IPv4) and to all
# interfaces port 8080 (IPv4), use "127.0.0.1:80,8080". "[::]:80" can be used to
# listen to IPv6 connections to port 80. IPv6 addresses of network interfaces can be
# specified as well, e.g. "[::1]:80" for the IPv6 loopback interface. [::]:80 will
# bind to port 80 IPv6 only.
# In order to use port 80 for all interfaces, both IPv4 and IPv6, use either the
# configuration "80,[::]:80" (create one socket for IPv4 and one for IPv6 only), or
# "+80" (create one socket for both, IPv4 and IPv6). The '+' notation to use IPv4 and
# IPv6 will only work if no network interface is specified. Depending on your
# operating system version and IPv6 network environment, some configurations might not
# work as expected, so you have to test to find the configuration most suitable for
# your needs. In case "+80" does not work for your environment, you need to use
# "80,[::]:80".
# If the port is TLS/SSL, a letter 's' (secure) must be appended, for example,
# "80,443s" will open port 80 and port 443, and connections on port 443 will be
# encrypted. For non-encrypted ports, it is allowed to append letter 'r' (as in
# redirect). Redirected ports will redirect all their traffic to the first configured
# SSL port. For example, if webserver.port is "80r,443s", then all HTTP traffic coming
# at port 80 will be redirected to HTTPS port 443.
# When specifying 'o' (optional) behind a port, inability to use this port is not
# considered an error. For instance, specifying "80o,8080o" will allow the webserver
# to listen on either 80, 8080, both or even none of the two ports. This flag may be
# combined with 'r' and 's' like "80or,443os,8080,4443s" (80 redirecting to SSL if
# available, 443 encrypted if available, 8080 mandatory and unencrypted, 4443
# mandatory and encrypted).
# If this value is not set (empty string), the web server will not be started and,
# hence, the API will not be available.
#
# Possible values are:
#     comma-separated list of <[ip_address:]port>
port = "[::]:80o,[::]:443os" ### CHANGED, default = "80o,443os"
```

  4. Restart your container
  5. Open a GitHub issue here: https://github.com/pi-hole/docker-pi-hole/issues and let ’em have it! The more folks complain, the better!
  6. Have a working (IPv6-only) Pihole setup again
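
To check a `webserver.port` value before restarting the container, the following added example (not code from Pi-hole or from this post) parses the syntax described in the quoted `pihole.toml` comments and reports which address families get a listener. The function names are hypothetical, and the family classification follows the comment text above rather than a test against FTL itself.

```python
import re
from dataclasses import dataclass

# One list entry per the quoted comments: [+][ip_address:]port[flags], flags from s/r/o
_ENTRY = re.compile(
    r"^(?P<plus>\+)?"
    r"(?:(?:\[(?P<v6>[0-9A-Fa-f:.]+)\]|(?P<v4>\d{1,3}(?:\.\d{1,3}){3})):)?"
    r"(?P<port>\d{1,5})(?P<flags>[sro]*)$"
)

@dataclass(frozen=True)
class Listener:
    family: str     # "ipv4", "ipv6" or "dual" ('+' notation)
    address: str    # "" = no interface specified
    port: int
    tls: bool       # 's'
    redirect: bool  # 'r'
    optional: bool  # 'o': a failed bind is not treated as an error

def parse_ports(spec):
    """Parse a webserver.port string into Listener objects (empty string -> [])."""
    listeners = []
    for raw in filter(None, (part.strip() for part in spec.split(","))):
        m = _ENTRY.match(raw)
        if not m or not 0 < int(m["port"]) < 65536:
            raise ValueError(f"invalid port entry: {raw!r}")
        if m["plus"] and (m["v4"] or m["v6"]):
            raise ValueError(f"'+' only works without an address: {raw!r}")
        family = "dual" if m["plus"] else "ipv6" if m["v6"] else "ipv4"
        f = m["flags"]
        listeners.append(Listener(family, m["v6"] or m["v4"] or "",
                                  int(m["port"]), "s" in f, "r" in f, "o" in f))
    return listeners

def families_served(spec):
    """Address families that get at least one listener."""
    served = set()
    for l in parse_ports(spec):
        served |= {"ipv4", "ipv6"} if l.family == "dual" else {l.family}
    return served

def check_family(spec, family):
    """'missing', 'optional-only' (bind failures stay silent) or 'ok'."""
    hits = [l for l in parse_ports(spec) if l.family in (family, "dual")]
    if not hits:
        return "missing"
    return "ok" if any(not l.optional for l in hits) else "optional-only"

if __name__ == "__main__":
    for spec in ("80o,443os", "[::]:80o,[::]:443os", "+80", "80,[::]:80"):
        print(f"{spec!r}: {sorted(families_served(spec))}, ipv6={check_family(spec, 'ipv6')}")
```

An `optional-only` result means every listener for that family carries the `o` flag, so a bind failure will not surface as an error and the port should be probed after the restart.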

Sadly this means that for future upgrades, we have to be extra careful what the team changes – while the new Pihole v6 looks nice visually, looking nice is not the first thing to care about when performing groundbreaking changes in tech where thousands of admins rely on sane decisions…

Stay safe folks and always: verify, verify, verify (and backup of course)!
