Cannot connect to container ports in wsl2

[niuzheng168]

Windows Version

Microsoft Windows [Version 10.0.26100.2161]

WSL Version

2.3.24.0

Are you using WSL 1 or WSL 2?

• [x] WSL 2
• [ ] WSL 1

Kernel Version

Linux version 5.15.153.1-microsoft-standard-WSL2

Distro Version

Ubuntu 22.04

Other Software

Docker version 27.3.1, build ce12230

Repro Steps

In .wslconfig I set the network to mirrored.

[wsl2] 
processors=12
networkingMode=mirrored
hostAddressLoopback=true

In windows, run ipconfig, I can see

以太网适配器 vEthernet (vmnetwork1):

   连接特定的 DNS 后缀 . . . . . . . :
   IPv6 地址 . . . . . . . . . . . . : 2408:8207:1926:b9b1:5ea:2ef8:fd95:3a3f
   IPv6 地址 . . . . . . . . . . . . : 2408:8207:1926:b9b1:a4ac:f95:59b2:19
   临时 IPv6 地址. . . . . . . . . . : 2408:8207:1926:b9b1:dcd4:fb89:af78:6d80
   本地链接 IPv6 地址. . . . . . . . : fe80::9f02:5351:c917:b14%12
   IPv4 地址 . . . . . . . . . . . . : 192.168.3.100
   子网掩码  . . . . . . . . . . . . : 255.255.255.0
   默认网关. . . . . . . . . . . . . : fe80::a6ac:fff:fe95:59b2%12
                                       192.168.3.15

In wsl2, run ifconfig, I can see:

br-e44b0fe78bc4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255
        ether 02:42:e9:36:04:e6  txqueuelen 0  (Ethernet)
        RX packets 91  bytes 12149 (12.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 148  bytes 14183 (14.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:f4:6c:63:dc  txqueuelen 0  (Ethernet)
        RX packets 16274  bytes 1095949 (1.0 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 63284  bytes 236392473 (236.3 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.100  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 2408:8207:1926:b9b1:a4ac:f95:59b2:19  prefixlen 128  scopeid 0x0<global>
        inet6 2408:8207:1926:b9b1:5ea:2ef8:fd95:3a3f  prefixlen 64  scopeid 0x0<global>
        inet6 2408:8207:1926:b9b1:dcd4:fb89:af78:6d80  prefixlen 128  scopeid 0x0<global>
        inet6 fe80::9f02:5351:c917:b14  prefixlen 64  scopeid 0x20<link>
        ether 74:56:3c:b2:0f:49  txqueuelen 1000  (Ethernet)
        RX packets 236058  bytes 317928207 (317.9 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 23963  bytes 2024986 (2.0 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In wsl2, run docker run -d -p 8880:80 nginx:alpine

In windows, change network rule to allow port 8880

In windows, try access localhost:8880, the result is good.

In windows or other device in LAN, try access 192.168.3.100:8880

Expected Behavior

Able to access, should be same as localhost:8880

Actual Behavior

Cannot access the website.

Diagnostic Logs

WslLogs-2024-11-12_22-48-31.zip No response

[github-actions[bot]]

Logs are required for review from WSL team

If this a feature request, please reply with '/feature'. If this is a question, reply with '/question'. Otherwise please attach logs by following the instructions below, your issue will not be reviewed unless they are added. These logs will help us understand what is going on in your machine.

How to collect WSL logs

Download and execute [collect-wsl-logs.ps1](https://github.com/Microsoft/WSL/blob/master/diagnostics/collect-wsl-logs.ps1) in an **administrative powershell prompt**: ``` Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/WSL/master/diagnostics/collect-wsl-logs.ps1" -OutFile collect-wsl-logs.ps1 Set-ExecutionPolicy Bypass -Scope Process -Force .\collect-wsl-logs.ps1 ``` The script will output the path of the log file once done. If this is a networking issue, please use [collect-networking-logs.ps1](https://github.com/Microsoft/WSL/blob/master/diagnostics/collect-networking-logs.ps1), following the instructions [here](https://github.com/microsoft/WSL/blob/master/CONTRIBUTING.md#collect-wsl-logs-for-networking-issues) Once completed please upload the output files to this Github issue. [Click here for more info on logging](https://github.com/microsoft/WSL/blob/master/CONTRIBUTING.md#8-collect-wsl-logs-recommended-method) If you choose to email these logs instead of attaching to the bug, please send them to wsl-gh-logs@microsoft.com with the number of the github issue in the subject, and in the message a link to your comment in the github issue and reply with '/emailed-logs'.

View similar issues

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it!

Open similar issues:

• Localhost is not accessible from windows in mirrored mode (#11172), similarity score: 0.80

Closed similar issues:

• WSL 2.0.6 mirrored network - can not connect to Docker container ports from Windows host (#10683), similarity score: 0.82
• Networking mirrored can't work on WSL2 (#10632), similarity score: 0.81
• WSL mirrored network Docker container cannot access Windows service (#10926), similarity score: 0.80
• WSL2: Unable to access Docker(in wsl2) on host (#11096), similarity score: 0.80

Note: You can give me feedback by thumbs upping or thumbs downing this comment.

[niuzheng168]

Ok, I changed the wslconfig to

[wsl2]
processors=12
networkingMode=mirrored
dnsTunneling=true
firewall=false
autoProxy=true
hostAddressLoopback=true
[experimental]
hostAddressLoopback=true

Now I am able to access the 192.168.3.100:8880 from host machine, but I still cannot not access it from another machine in same lan.

I am sure I have already configured the firewall.

[github-actions[bot]]

Diagnostic information

``` Issue was edited and new log file was found: https://github.com/user-attachments/files/17718270/WslLogs-2024-11-12_22-48-31.zip .wslconfig found Detected appx version: 2.3.24.0 ```

[ddiyoung]

I'm experiencing a similar issue. After recent Windows and WSL updates, I can access a Next.js server directly running on WSL2 from Windows via localhost:3000, but requests to a server running in a Docker container are not reaching the Next.js server from Windows.

I'm using Nginx as a reverse proxy to forward ports, but it's cumbersome to update the Nginx proxy settings every time I create a new Docker container. How can I resolve this?

I resolved this command

add the following to /etc/docker/daemon.json.

{
  "iptables": false
}