moby / libnetwork

networking for containers

No DOCKER-USER chain with `ip6tables: true`

RaphMad opened this issue · comments

I'm using the `ip6tables: true` setting with no problems so far.

The only conceptual difference I found to IPv4 is that no DOCKER-USER chain gets created, which makes it hard to insert custom ip6tables rules at a defined location.

dockerd --version: Docker version 20.10.17, build a89b842

```
$ iptables -nvL | grep DOCKER-USER
 417K  335M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
Chain DOCKER-USER (1 references)
$ ip6tables -nvL | grep DOCKER-USER
```

Is this chain still planned / slipped through / not planned for IPv6? I could not really find any discussion about it browsing the old merged/closed tickets regarding ip6tables.

This is a blocker to my system. Can someone please provide the fix in the near future? An ETA would be much appreciated.

With the ip6tables option, this should be added.

At least as of now (docker version 20.10.23), it is not yet implemented in the experimental ip6tables feature.

Do you know when this will be implemented?

Sorry, I do not have further information about this topic.
I only noticed the missing DOCKER-USER rules in ip6tables myself today, searched for it and found this thread. Since the version mentioned above was 20.10.17, I only wanted to point out that even in the newest version, 20.10.23, this DOCKER-USER chain is still missing from the experimental ip6tables feature.

Is there a docker development forum where we can post questions like this one?

Added with docker v23

```
$ docker version
Client: Docker Engine - Community
 Version:           23.0.0
 API version:       1.42
 Go version:        go1.19.5
 Git commit:        e92dd87
 Built:             Wed Feb  1 17:43:17 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          23.0.0
  API version:      1.42 (minimum version 1.12)
  Go version:       go1.19.5
  Git commit:       d7573ab
  Built:            Wed Feb  1 17:43:17 2023
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          1.6.16
  GitCommit:        31aa4358a36870b21a992d3ad2bef29e1d693bec
 runc:
  Version:          1.1.4
  GitCommit:        v1.1.4-0-g5fd4c4d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
```

```
$ iptables -S | grep DOCKER-USER
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A DOCKER-USER -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A DOCKER-USER -i eth0 -j DROP
-A DOCKER-USER -j RETURN
```

```
$ ip6tables -S | grep DOCKER-USER
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A DOCKER-USER -j RETURN
```
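The opening post needs a defined place to insert custom ip6tables rules, and the output above shows what that place looks like once the chain exists: a `DOCKER-USER` chain defined with `-N`, jumped to from `FORWARD`, ending in `-j RETURN`. The script below is an added example, not code from this issue or from Moby: it classifies an `iptables -S` / `ip6tables -S` dump as having the chain wired in, present but unreferenced, or missing, and shows an idempotent way to place a rule in the chain. The sample dumps are constructed (modelled on the output quoted in the thread), and `eth0` is a hypothetical interface name.

```shell
#!/bin/sh
# Added example (not from the libnetwork issue or Moby): detect whether the
# DOCKER-USER chain exists and is reachable, then insert rules into it safely.

# Constructed sample modelled on the v23 iptables output quoted in the thread.
SAMPLE_V4='-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A DOCKER-USER -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A DOCKER-USER -i eth0 -j DROP
-A DOCKER-USER -j RETURN'

# Constructed sample of the pre-v23 ip6tables situation: Docker's own chain,
# but no DOCKER-USER at all.
SAMPLE_V6_PRE23='-N DOCKER
-A FORWARD -j DOCKER'

# docker_user_status DUMP
#   prints "ok"           : chain exists and FORWARD jumps to it
#          "unreferenced" : chain exists but nothing jumps to it (rules never run)
#          "missing"      : chain does not exist
#   exit status is 0 only for "ok"
docker_user_status() {
  dump=$1
  if ! printf '%s\n' "$dump" | grep -q '^-N DOCKER-USER$'; then
    echo missing
    return 1
  fi
  if ! printf '%s\n' "$dump" | grep -q '^-A FORWARD -j DOCKER-USER$'; then
    echo unreferenced
    return 1
  fi
  echo ok
  return 0
}

# check_live TOOL   (TOOL is iptables or ip6tables; reading rules needs root)
check_live() {
  tool=$1
  if ! dump=$("$tool" -S 2>/dev/null); then
    echo "$tool: cannot read rules (not installed, or not root?)"
    return 2
  fi
  docker_user_status "$dump"
}

# ensure_rule TOOL RULE...
#   Inserts RULE at position 1 of DOCKER-USER unless it is already present
#   (-C is the check), so re-running a provisioning script never stacks
#   duplicates. Position 1 keeps the rule ahead of Docker's trailing -j RETURN.
ensure_rule() {
  tool=$1
  shift
  "$tool" -C DOCKER-USER "$@" 2>/dev/null || "$tool" -I DOCKER-USER 1 "$@"
}

# Because every call inserts at position 1, apply rules in reverse order of
# evaluation: the DROP first, then the ACCEPT, so ACCEPT ends up above DROP.
# Example (hypothetical eth0; needs root, so left as a comment here):
#   ensure_rule ip6tables -i eth0 -j DROP
#   ensure_rule ip6tables -m conntrack --ctstate ESTABLISHED -j ACCEPT

# Offline demo on the constructed samples.
echo "v4 sample:        $(docker_user_status "$SAMPLE_V4")"
echo "v6 pre-23 sample: $(docker_user_status "$SAMPLE_V6_PRE23")"

# Live check when a tool name is given, e.g.:  sh check_docker_user.sh ip6tables
if [ -n "${1:-}" ]; then
  check_live "$1"
fi
```

Run it with no arguments to see the classification of the two constructed samples; pass `iptables` or `ip6tables` as root to check the live ruleset. A result of `missing` on ip6tables is exactly the pre-v23 state this issue describes, and `unreferenced` catches the case where the chain exists but the `FORWARD -j DOCKER-USER` jump has been removed, in which case any rules placed there are silently never evaluated.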

Thanks a lot @cfouche3005 for confirming this!

The weird thing is that it's not explicitly mentioned in the changelog (or I didn't find the right entry in the changelog).

> The weird thing is that it's not explicitly mentioned in the changelog (or I didn't find the right entry in the changelog).

It is actually mentioned in the release notes:

Fix a failure to create the DOCKER-USER ip6tables chain. moby/moby#44845

Sorry, I am too dumb and blind, thanks for mentioning it.

I think this issue can be closed.

No, you're not blind. I would probably also not have seen it due to the long list of fixes, security updates and new features.
I just searched for the DOCKER-USER in the release notes. ;-)
And yes, I would also think that it can be closed now. @RaphMad