I have a problem with Pi-hole Docker Compose and IPv6.
I changed the official Pi-hole Docker Compose script by adding an additional IPv6 network.
Normally Docker would create an IPTable for this IPv6 network, and that is OK.
But my UFW firewall spams dmesg with messages that all incoming IPv6 traffic from the internal network (FE80::) is blocked.
Now the question: in my Fritzbox, the Raspberry's static IPv6 address is entered so that queries are sent there, but this is not Docker's IPv6. How do I manage this so that I receive the IPv6 data? IPv4 works fine.
```yaml
version: "3.0"
name: "pihole"
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    depends_on:
      - unbound
    ports:
      # DNS Ports
      - "53:53/tcp"
      - "53:53/udp"
      # Default HTTP Port
      - "80:80/tcp"
      # Default HTTPs Port. FTL will generate a self-signed certificate
      - "443:443/tcp"
      # Uncomment the below if using Pi-hole as your DHCP Server
      #- "67:67/udp"
      # Uncomment the line below if you are using Pi-hole as your NTP server
      #- "123:123/udp"
    environment:
      # Set the appropriate timezone for your location from
      # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones, e.g:
      TZ: "Europe/Berlin"
      FTLCONF_webserver_api_password: "" # Set a password to access the web interface. Not setting one will result in a random password being assigned
      FTLCONF_dns_listeningMode: "all" # If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
      FTLCONF_misc_etc_dnsmasq_d: "true"
      FTLCONF_dns_upstreams: unbound
    volumes: # Volumes store your data between container upgrades
      - /myfolder/pihole:/etc/pihole # For persisting Pi-hole's databases and common configuration file
      #- /etc/dnsmasq.d:/etc/dnsmasq.d # Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
      - /myfolder/pihole/logs:/var/log/pihole #Log Files
    cap_add:
      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
      #- NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
      - SYS_TIME # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
      - SYS_NICE # Optional, if Pi-hole should get some more processing time
    logging:
      driver: json-file
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.18.0.2
        ipv6_address: fd00:ff8::20
  unbound:
    image: klutchell/unbound:main
    container_name: unbound
    hostname: unbound
    environment:
      - UID=1000 #Replace with your UID
      - GID=1000 #Replace with your GID
      - TZ=Europe/Berlin
      - ServerIP=172.18.0.3
    ports:
      - "53/tcp"
      - "53/udp"
    volumes:
      - /myfolder/unbound:/etc/unbound/custom.conf.d
      - /myfolder/unbound/root.hints:/etc/unbound/root.hints
      - /myfolder/unbound/root.key:/etc/unbound/root.key
    cap_add:
      - NET_ADMIN
    logging:
      driver: json-file
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.18.0.3
        ipv6_address: fd00:ff8::30
networks:
  dns_net:
    driver: bridge
    enable_ipv4: true
    enable_ipv6: true
    ipam:
      config:
        - subnet: 172.18.0.0/16
          gateway: 172.18.0.1
        - subnet: fd00:ff8::/64
          gateway: fd00:ff8::1
```
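
One way to see what the UFW lines in dmesg are actually blocking, as an added example that is not part of the original post: it groups `[UFW BLOCK]` entries by source scope, destination scope, protocol and destination port, so blocked DNS queries (port 53) can be told apart from link-local multicast traffic. The sample log lines are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in UFW's kernel-log format (not taken from the post).
SAMPLE_DMESG = """\
[ 101.100000] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=fe80:0000:0000:0000:0211:22ff:fe33:4455 DST=fe80:0000:0000:0000:dea6:32ff:fe00:0001 LEN=80 TC=0 HOPLIMIT=64 FLOWLBL=0 PROTO=UDP SPT=40000 DPT=53 LEN=40
[ 102.200000] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=fe80:0000:0000:0000:0211:22ff:fe33:4455 DST=fe80:0000:0000:0000:dea6:32ff:fe00:0001 LEN=80 TC=0 HOPLIMIT=64 FLOWLBL=0 PROTO=UDP SPT=40001 DPT=53 LEN=40
[ 103.300000] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=fe80:0000:0000:0000:0211:22ff:fe33:4455 DST=ff02:0000:0000:0000:0000:0000:0000:00fb LEN=64 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=5353 DPT=5353 LEN=24
[ 104.400000] eth0: link becomes ready
"""

FIELD = re.compile(r"(\w+)=(\S*)")          # KEY=value pairs; value may be empty (OUT=)
ULA = ipaddress.ip_network("fc00::/7")      # unique-local range, contains fd00:ff8::/64


def scope(addr):
    """Classify an address by the scope that matters for firewall rules."""
    ip = ipaddress.ip_address(addr)
    if ip.is_multicast:
        return "multicast"
    if ip.is_link_local:                     # fe80::/10 (or 169.254.0.0/16)
        return "link-local"
    if ip in ULA:
        return "unique-local"
    return "other"


def summarize(log_text):
    """Count blocked packets per (src scope, dst scope, protocol, dest port)."""
    counts = Counter()
    for line in log_text.splitlines():
        if "[UFW BLOCK]" not in line:
            continue
        f = dict(FIELD.findall(line))
        if "SRC" not in f or "DST" not in f:
            continue
        # ICMPv6 entries carry TYPE/CODE instead of ports, so DPT may be absent.
        key = (scope(f["SRC"]), scope(f["DST"]), f.get("PROTO", "-"), f.get("DPT", "-"))
        counts[key] += 1
    return counts


def blocked_dns(counts):
    """Number of blocked packets whose destination port is 53."""
    return sum(n for (_, _, _, port), n in counts.items() if port == "53")


if __name__ == "__main__":
    for key, n in summarize(SAMPLE_DMESG).most_common():
        print(n, *key)
```

To run it on real data, pass the output of `dmesg` as the text argument to `summarize` instead of the constructed sample.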