Can not connect to internet in WSL 2

[Fubuchi]

This happen on almost all official WSL distros (suse, debian, ubuntu) . I have not tried kali yet but i think the result will be the same.

This is the report on ubuntu:

• Windows build number: 10.0.18932.1000

• What you're doing and what's happening:

  • try to run sudo apt-get update

• What's wrong / what should be happening instead:

  • Error message:

  Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease Temporary failure resolving 'archive.ubuntu.com' Err:2 http://security.ubuntu.com/ubuntu bionic-security InRelease Temporary failure resolving 'security.ubuntu.com' Err:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease Temporary failure resolving 'archive.ubuntu.com' Err:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease Temporary failure resolving 'archive.ubuntu.com' Reading package lists... Done

  • This seem like a dns issue, this is the content of my resolv.conf:

  # This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf: # [network] # generateResolvConf = false nameserver 172.22.64.1

  • Run ipconfig from cmd and overwrite resolv.conf with the dns I get from ipconfig. Run apt-get update again. Host name can be resolved now, but get another error:

  Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1560:8001::11). - connect (101: Network is unreachable) Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1562::19). - connect (101: Network is unreachable) Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1360:8001::17). - connect (101: Network is unreachable) Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1360:8001::21). - connect (101: Network is unreachable) Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1560:8001::14). - connect (101: Network is unreachable) Could not connect to security.ubuntu.com:80 (91.189.88.149), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.26), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.31), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.162), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.24), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.23), connection timed out ....

  • Try disable firewall, still the same error. I only use window defender, no other antivirus.

  • I convert my distro back to WSL 1 and every network command work fine. The content of resolv.conf in WSL 1 is surprisingly the same as when I overwrite the one in WSL 2

  • Expected: commands that require internet work as WSL 1

• Strace of the failing command, if applicable: can't, strace has not been installed yet beacause no internet. (I run strace on debian and got the command not found error, so I think ubuntu doesn't have them pre installed too). The log is quite long (3k+ lines) so I put them in a file: apt-strace.log

[SchoofsEbert]

Trying to convert back to WSL 1 aborts with an error about network connectivity.

C:\Users\ebert>wsl -l -v
  NAME      STATE           VERSION
* Ubuntu    Running         2

C:\Users\ebert>wsl --set-version Ubuntu 1
Conversion in progress, this may take a few minutes...
The network connection was aborted by the local system.

C:\Users\ebert>wsl -l -v
  NAME      STATE           VERSION
* Ubuntu    Stopped         2

[coltenkrauter]

Fix DNS resolution in WSL2

This fixed it for me.

[atrauzzi]

Experiencing this as well. No idea what's causing it.

[sihoang]

I figured the root cause was because I was blocking the incoming traffic in the "Public network" firewall

[TwoXTwentyOne]

I've come to the same conclusion as Hoang when I activated firewall logging and monitored the output using cmtrace.

On Mon., Nov. 4, 2019, 11:25 p.m. Hoang Nguyen, notifications@github.com wrote:

I figured the root cause was because I was blocking the incoming traffic in the "Public network" firewall

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/microsoft/WSL/issues/4275?email_source=notifications&email_token=AFAAF72X5B3IFZMDSAIU44DQSDYSFA5CNFSM4H6SKCKKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEDBRWDA#issuecomment-549657356, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFAAF7ZJOOPXCZLDRJVNAXTQSDYSFANCNFSM4H6SKCKA .

[abhirup-dev]

Same! Firewall had to be disabled. This was not needed in WSL1. I hope this will be fixed in future versions.

[TwoXTwentyOne]

Just open the specific port it requires, don't let everything open ;)

Eric

On Mon., Nov. 18, 2019, 7:38 a.m. Abhirup Das, notifications@github.com wrote:

Same! Firewall had to be disabled. This was not needed in WSL1. I hope this will be fixed in future versions.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/microsoft/WSL/issues/4275?email_source=notifications&email_token=AFAAF7YXKZCIYYW4XHYSPW3QUKEEHA5CNFSM4H6SKCKKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEEKJRIY#issuecomment-554997923, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFAAF72VEEVKPMAGH3PPY5LQUKEEHANCNFSM4H6SKCKA .

[rm-bergmann]

I had this problem after installing WSL2. I had docker desktop running when I installed it. I uninstalled docker desktop, that did not fix it for me yet. I tried turning off the firewall. that did not work.

Then I went to the advanced settings in the Ubuntu distro app and clicked the reset button to re-install WSL2. Now it works.

EDIT: I thought it was working after the reinstall, but I forgot to set the Ubuntu-18..04 distro to version wsl2, so it was working as wsl1. After converting to wsl2, internet stop working.

I installed wsl2 on my work laptop and everything works, which is a very similar set up to my home laptop.

[agarciamog]

I had this problem after installing WSL2. I had docker desktop running when I installed it. I uninstalled docker desktop, that did not fix it for me yet. I tried turning off the firewall. that did not work.

Then I went to the advanced settings in the Ubuntu distro app and clicked the reset button to re-install WSL2. Now it works.

EDIT: I thought it was working after the reinstall, but I forgot to set the Ubuntu-18..04 distro to version wsl2, so it was working as wsl1. After converting to wsl2, internet stop working.

I installed wsl2 on my work laptop and everything works, which is a very similar set up to my home laptop.

Try modifying /etc/resolv.conf to Google's DNS. nameserver 8.8.8.8

[rm-bergmann]

@agarciamog I have now tried all the suggestions in this thread and another open thread and still can't get it to work.

I have added google's DNS to resolv.conf, this is the error I am currently getting (I've trimmed the repeatition, and it was different before but can't reproduce the first error anymore).

$ sudo apt-get update

Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
  Temporary failure resolving 'security.ubuntu.com'
Err:2 http://archive.ubuntu.com/ubuntu bionic InRelease
  Temporary failure resolving 'archive.ubuntu.com'

Reading package lists... Done
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease  
Temporary failure resolving 'archive.ubuntu.com'
W: Some index files failed to download. They have been ignored, or old ones used instead.

$ ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.27.185.135  netmask 255.255.240.0  broadcast 172.27.191.255
        inet6 fe80::215:5dff:fe9c:bead  prefixlen 64  scopeid 0x20<link>
        ether 00:15:5d:9c:be:ad  txqueuelen 1000  (Ethernet)
        RX packets 288  bytes 28495 (28.4 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 25  bytes 1982 (1.9 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Windows terminal 
$ ipconfig

Ethernet adapter vEthernet (WSL):
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::c84e:8628:42fe:cdcf%24
   IPv4 Address. . . . . . . . . . . : 172.27.176.1
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :

[abhirup-dev]

@rm-bergmann Try disabling your firewall and see if it works.

It seems this process is active during apt installs and updates.

[rm-bergmann]

@maverickdas yes I have tried to disable firewall and it still doesn't work. It seems like the problem is DNS resolving. My home PC is WIFI only, that could have something to do with the problem.

I've moved my comments over to this issue as that looks like the exact problem I have.

Thanks for the suggestions.

[Wayc0des-Land]

hi @rm-bergmann

Try this https://gist.github.com/coltenkrauter/608cfe02319ce60facd76373249b8ca6 Thats work for me, but still must disable my firewall

[rm-bergmann]

Hi @dzhenway

Thank you. I have tried that solution a few times, and now tried it with Windows Firewall turned off, and my router Firewall turned off

$ sudo apt update

Error before adding wsl.conf and google's nameserver in resolve.conf

Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease
  Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1560:8001::11).

$ ping google.com
> PING google.com (216.58.213.110) 56(84) bytes of data. 

Error after using google's nameserver in resolve.conf:

Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease
  Temporary failure resolving 'archive.ubuntu.com'

$ ping google.com
> ping: google.com: Temporary failure in name resolution

$ ping 8.8.8.8
> PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

I'm out of things to try now but I'll update if I find a solution. Thanks.

[dsmaher]

For me at least, this is definitely not a DNS resolution issue. I can't ping any IP address directly, including addresses on a local network. I can ping the WSL ethernet interface, but nothing beyond it (not even the host machine's IP).

This works fine on my desktop, but not my laptop. The only relevant thing I can think that could be different is that the laptop has wifi + ethernet (and I switch often between them - dock/undock), but the desktop has only ethernet.

[rm-bergmann]

I have now tested the WIFI vs Ethernet on both my home PC and office PC.

Office PC is on Ethernet, WSL2 works well. I unplugged the ethernet and connected to WIFI and ran sudo apt update in WSL2. It connected fine and I updated and upgraded packages successfully on WIFI.

Home PC is on WIFI. I disconnected WIFI and plugged in an ethernet from the router, checked Internet was working and ran sudo apt update and I got the Temporary failure resolving 'archive.ubuntu.com' error message.

I still have no luck finding a solution.

[CalBR]

For the record, this is now fixed for me on build 18932.

But the problem returned on 19037 and the previous solution doesn't work

[azraelrabbit]

and 19041.1 has the same problem , the previous solution doesn't work too.

[azraelrabbit]

and i' trying to upgrade to insider preview 19536.1000, may be the newer version of windows 10 could resolve this problem.

[CalBR]

19041 seemed to solve the problem until the first reboot. The only solution for me was to include the WSL mac address into Norton firewall trusted devices and restarting WSL.

Ciro

Em qui, 12 de dez de 2019 00:14, Domain notifications@github.com escreveu:

Just update to 19041, problem solved.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/microsoft/WSL/issues/4275?email_source=notifications&email_token=AABM7YMP73R3E76PK73DQ3TQYGM6TA5CNFSM4H6SKCKKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGVHGCQ#issuecomment-564818698, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABM7YKMU45OQQPOOIH4ANDQYGM6TANCNFSM4H6SKCKA .

[azraelrabbit]

i was upgrad to 19536.1000, but still not working. and i also reboot multi times.

update

after i run those lines in powershell as administrator, the wsl2 network become normal, dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

then reboot .

after reboot, it's look like working correct.

and actually, i already install wsl before upgrade to 19536.1000.

---

my another pc is 19041.1 , and i use netsh winsock reset resolve the wsl2 network issue on 19041.1

[tremblaysimon]

Does it work when you ping your Windows host WSL ip address from a WSL2 shell?

Here it says that connection failed to my enterprise firewall (on Windows host) that listens on 127.0.0.1...

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease  Connection failed [IP: 172.24.176.1 9000]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-updates/InRelease  Connection failed [IP: 172.24.176.1 9000]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-backports/InRelease  Connection failed [IP: 172.24.176.1 9000]
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/bionic-security/InRelease  Connection failed [IP: 172.24.176.1 9000]

/etc/resolv.conf file:

# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.24.176.1

It only worked one time when I upgraded to 19541.1000...

Also, @craigloewen-msft, it didn't work to record a diagnostic log using the feedback tool. It said that it can't start the capture... :(

[jwday]

The following fixed my problem:

Upon examining the contents of /etc/resolv.conf, I discovered the file seemed to have been overwritten or corrupted. It contained nothing but a single line of #@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#...

Using sudo, I overwrote the contents of the file with the following: # This file was automatically generated by WSL. To stop automatic generation of this file, remove this line. nameserver 169.237.250.250 nameserver 169.237.1.250

Saved, restarted WSL, and it worked like a charm.

[vluzrmos]

I reboot windows and it back to work. 🤷‍♂️

[donni106]

@vluzrmos but only temporarily or forever? My solution is also rebooting all the time, but this is very annoying.

[vluzrmos]

@donni106 It's temporary, Im also rebooting every time I turn on wsl2 and It has no internet access

[donni106]

@vluzrmos I found a better solution with restarting the service "LxssManager" from Windows task list. It is faster than rebooting the system and you keep everything opened. Only my WSL-connected VS Code needs a restart afterwards.

Here you can find a discussion about that topic: https://superuser.com/questions/1126721/rebooting-ubuntu-on-windows-without-rebooting-windows

[rm-bergmann]

Finally I solved my problem. I had to set the WSL adapter to 'External Network' in Hyper-V Manager and configure the IP address in WSL2 to work with the bridged adapter. I'll be happy to write up the steps for anyone who is still stuck on this, or see my comment here.

[a-abella]

(Build 19041)

For full disclosure, I do have Docker daemon installed inside WSL, however it was not running at the time that this error was experienced.

I was experiencing a similar network-adapter related issue after the first reboot following initial WSL2 installation, but it didn't seem to be a configuration fault. Netmasks, gateways, and routes all seemed to be correct on the guest and host. However I noticed that the WSL Adapter on the Host reported its IPv4 address as "Duplicate," i.e., experiencing an IP conflict:

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-E8-15-92
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9042:4b6:d026:c76%84(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.12.118(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   IPv4 Address. . . . . . . . . . . : 192.168.96.1(Duplicate)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 1409291613
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-34-8F-9D-D0-50-99-43-FD-72
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

There were no other interfaces using this IP on the host that I could see, so the detection as a duplicate seems to be in error..

I disabled and re-enabled this interface in the Network and Sharing Center, and now the "(Duplicate)" label is gone despite having the same IPv4 address. Last step after resolving the conflict was to restart wsl with wsl --terminate [distro], and now I have networking restored. Don't yet know if this is a permanent fix.

[Rogn]

This issue was resolved on my machine by uninstalling the CheckPoint VPN client. Microsoft Windows [Version 10.0.19041.84]

[adamkeinan]

i use a lot on a daily basis in vmware IT modules and testing load balancers in front certain open source firewall monitoring tools. i can tell you from my experience that without proper planing and being careful its very easy to block vast amount of important incoming communication. i had my fair share of that mistakes.

if some of you are working in parallel project with virtual modules i suggest two things: 1.decrease the number of virtual adapter as much as you can. manipulate main setting and expand them in the module and not the production. 2.use opensource net/routs for your advantage. 3.increase the use of platform based load balancers. 4.virtual adapters aren't so friendly to wsl. most people tend to forget that virtual networks aren't classic protocols but more application protocol.so naturaly there would be collisions. disabling most virtual networks temporarily always solved my problem. this way you can leave your network clean and optimized for incoming connections.

[aguywithcode]

This issue was resolved on my machine by uninstalling the CheckPoint VPN client. Microsoft Windows [Version 10.0.19041.84]

I likewise had interference caused by CheckPoint VPN. Uninstalling it fixed my issue. Now I need to put it on a VM

[Laynkulan]

I Disabled avast firewall and everything worked.

[baruchiro]

@Laynkulan @Rogn I can't uninstall CheckPoint VPN or disable Avast since this is a company machine.

Do you want what the problem is, so I can direct the IT?

[ScottBurfieldMills]

I experienced this issue using WSL2, Windows build 19041.208.

I tried:

• I attempted to see the netmask/ip route default as described above
• Disabled the Firewall
• Restarted the WSL VM

Finally, I restarted Windows and that resolved it.

[genio]

Still getting this issue.

[aaemon]

internet not working in wsl2, but wsl1 is working fine for all distros, I thought I messed up something, completely reinstalled windows, but the problem exists.

[davidAg9]

nothing in the above seems t be working my default ip route exist

[comicat-hu]

I got the same error when using Citrix VPN client in WSL 2 (windows build 19041.208)

[Marietto2008]

I've installed ubuntu 20.04 on WSL2 and I started a VM with qemu and kvm,running mac os x as guest os. It works great,except for the configuration of the net. Infact it is not able to connect to internet. Sometime from WSL I get a 192.x.x.x ip number,like :

192.168.69.65 ; 192.168.71.185 ; 192.168.73.223 ; 192.168.69.33 ; 192.168.100.101

sometime I get a 172.x.x.x ip address,like : 172.22.250.54 ; 172.22.253.128 ; 172.21.138.120 ; 172.22.88.142.

The vEthernet (WSL) adapter on Windows 10 is configued like this : 172.26.80.1 as IP address,subnet mask = 255.255.240.0

I have created a bridge in WIndows 10,between my Intel ethernet adapter and the tap0 / Tap-windows. It's IP is 192.168.1.6 ; subnet mask = 255.255.255.0 ; gateway = 192.169.1.1 ; dns primary = 8.8.8.8

In WSL2 I have configured th network like this :

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# brctl addbr br0 root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ip addr flush dev eth0 root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# brctl addif br0 eth0

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# tunctl -t tap0 -u root Set 'tap0' persistent and owned by uid 0

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# brctl addif br0 tap0 root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ifconfig eth0 up root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ifconfig tap0 up root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ifconfig br0 up

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# brctl show bridge name bridge id STP enabled interfaces br0 8000.00155d99cfa4 no eth0 tap0

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# dhclient -v br0

Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/br0/00:15:5d:99:cf:a4 Sending on LPF/br0/00:15:5d:99:cf:a4 Sending on Socket/fallback DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 3 (xid=0xbbd3b615) DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 8 (xid=0xbbd3b615) DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 12 (xid=0xbbd3b615) DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 11 (xid=0xbbd3b615)

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ifconfig

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::215:5dff:fe99:cfa4 prefixlen 64 scopeid 0x20 ether 00:15:5d:99:cf:a4 txqueuelen 1000 (Ethernet) RX packets 172 bytes 43127 (43.1 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 16 bytes 2304 (2.3 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether 00:15:5d:99:cf:a4 txqueuelen 1000 (Ethernet) RX packets 543 bytes 121055 (121.0 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 28 bytes 3280 (3.2 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tap0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 46:88:cb:85:5f:9e txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

root@DESKTOP-N9UN2H3:/mnt/c/Android/sdk/platform-tools# ping www.google.it ping: www.google.it: Name or service not known

I think IPv4 issue can be solved with configuring DHCP, but I don't know how to do that. I dont know why after removing address from eth0, which had an ipv4 address, and creating a bridge,it becomes no ipv4.

[foobarbecue]

Same issue with PulseSecure VPN, which I guess is also #4246

[BennettStaley]

It was NordVPN for me, uninstalled. Works fine.

[michidk]

The following fixed my problem:

Upon examining the contents of /etc/resolv.conf, I discovered the file seemed to have been overwritten or corrupted. It contained nothing but a single line of #@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#...

Using sudo, I overwrote the contents of the file with the following: # This file was automatically generated by WSL. To stop automatic generation of this file, remove this line. nameserver 169.237.250.250 nameserver 169.237.1.250

Saved, restarted WSL, and it worked like a charm.

My file was corrupted but fixing it, didnt get my internet connectivity back. Before WSL crashed a few times when deleting huge folders (node_modules). Maybe thats what corrupted that file.

What helped was the following: On cmd execute:

netsh winsock reset
netsh int ip reset all
netsh winhttp reset proxy
ipconfig /flushdns

in WSL:

sudo bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
sudo bash -c 'echo "nameserver 8.8.4.4" >> /etc/resolv.conf'

found in #3438

[df3l0p]

I don't have the same issues as above. For me the issue is likely that I have no DNS server configured on my VirtualSwitch gateway

$ ip a
[snip]
5: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:46:38:3d brd ff:ff:ff:ff:ff:ff
    inet 172.25.55.240/20 brd 172.25.63.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fe46:383d/64 scope link
       valid_lft forever preferred_lft forever
$ ip route
default via 172.25.48.1 dev eth0
172.25.48.0/20 dev eth0 proto kernel scope link src 172.25.55.240

When I change my resolv.conf file with a public DNS server, it works.

I want WSL2.0 to use the DNS server configured on my host. I could configure it statically but it can change depending on the network I am in. It would be best to let the vSwich handle that.

Is anyone experiencing the same as me? I am on 19041.264

[mjarosie]

@df3l0p I've experienced exactly the same behaviour. Networking didn't work only in WSL 2, after downgrading Ubuntu to WSL 1 the connectivity issue didn't persist. As @michidk suggested above - I have overwritten the DNS settings with a public DNS server by running

sudo bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
sudo bash -c 'echo "nameserver 8.8.4.4" >> /etc/resolv.conf'

which fixed the issue.

I've just upgraded Windows to version 2004 (OS Build 19041.264) today to test out the new WSL 2.

EDIT: the issue comes back after restart. To fix it permanently: https://gist.github.com/coltenkrauter/608cfe02319ce60facd76373249b8ca6

Note: originally /etc/resolv.conf was a symbolic link to /run/resolv/resolv.conf. Creating a resolv.conf file in /run/resolv didn't fix this issue as it got deleted after invoking wsl --shutdown and restarting Ubuntu. I had to sudo rm /etc/resolv.conf and recreate the file as the gist says.

[rmuddana]

My case it is unable to ping to any of the addresses from WSL 2 when I connect to VPN (Cisco Anyconnect VPN client). I am running Windows 10 Enterprise Version 2004 (OS Build 19041.264)

It did work after conversion from WSL1 to 2 and before reboot. After reboot it screwed up. As i could see the default route is to reach the gateway on the host, that itself failed. Hence it is the main reason for failure.

Tried multiple things and ended up uninstalling WSL2. Afterwards I faced no issues with WSL1. When i checked the difference WSL1 is using windows routes instead of bridging with a dedicated host interface.

I think MS screwed the routing with VPN enabled!

[arminlinzbauer]

It is not a traditional VM so no. You can see it via hcsdiag.exe and container powershell apis though.

Thanks for the info. Anecdotally, it does feel like its related to docker networking.

I seem to have found an acceptable workaround. At login, it takes a while for docker to fully initialize. With that, I added a WSL2 process that uses networking at startup which finishes before docker is initialized. Specifically I'm exporting DISPLAY and loading an X window.

Working so far.

This indeed seems to be the case for me as well.

Windows 10 Pro, Build 19041.264 WSL 2, Running Ubuntu 20.04 from the Windows Store Docker (Engine) version 19.03.8, build afacb8b Docker Desktop version 2.3.1.0 (45408)

Even if I forget to do some networking-related stuff before starting Docker Desktop, I can still connect to the outside from within my docker containers. Just not from within my WSL2 distros...

Very odd indeed.

[aborruso]

Hi, I'm able to connect to the "web" in example via curl, using this

sudo bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
sudo bash -c 'echo "nameserver 8.8.4.4" >> /etc/resolv.conf'

But it's impossible to use python pip. How solve this issue?

Thank you

[aborruso]

Hi, I'm able to connect to the "web" in example via curl, using this

sudo bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
sudo bash -c 'echo "nameserver 8.8.4.4" >> /etc/resolv.conf'

But it's impossible to use python pip. How solve this issue?

Thank you

Solved writing again /etc/resolv.conf :(

[dalvarezquiroga]

My case it is unable to ping to any of the addresses from WSL 2 when I connect to VPN (Cisco Anyconnect VPN client). I am running Windows 10 Enterprise Version 2004 (OS Build 19041.264)

It did work after conversion from WSL1 to 2 and before reboot. After reboot it screwed up. As i could see the default route is to reach the gateway on the host, that itself failed. Hence it is the main reason for failure.

Tried multiple things and ended up uninstalling WSL2. Afterwards I faced no issues with WSL1. When i checked the difference WSL1 is using windows routes instead of bridging with a dedicated host interface.

I think MS screwed the routing with VPN enabled!

Same case for me. A Workaround that works for the moment...

0) With Cisco Anyconnect VPN client - Disconnected 1) Windows +R write 'cmd' 2) wsl --shutdown 3) Connect VPN with CISCO client 4) Start WSL 5) ping www.google.es OK 6) git clone for private server OK