WSL2 DNS stops working

[jordansissel]

Please fill out the below information:

• Your Windows build number: (Type ver at a Windows Command Prompt)

Microsoft Windows [Version 10.0.18932.1000]

• What you're doing and what's happening:

> bash
% host google.com
;; connection timed out; no servers could be reached

• What's wrong / what should be happening instead: DNS resolution should work

/etc/resolv.conf:

% cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.19.224.1

To my knowledge, I didn't change anything. This has happened a few times, and rebooting fixes it. Sometimes just doing wsl --shutdown is sufficient to fix it. It correlates with my workstation going to sleep and resuming later with DNS in WSL2 not working.

[jordansissel]

Whatever provides the internal WSL2 dns seems busted, but other dns servers are successful:

% cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.19.224.1

% host google.com 172.19.224.1
;; connection timed out; no servers could be reached

% host -t A google.com 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

google.com has address 216.58.194.174

[lkuich]

@jordansissel This started happening to me yesterday, but it seems my whole network is busted:

$ host -t A google.com 1.1.1.1
;; connection timed out; no servers could be reached
$ ping 8.8.8.8
connect: Network is unreachable

Running with AV and Firewall disabled.

EDIT: I disabled, restarted, and re-enabled the WSL and Virtual Machine Windows Features and it looks to work now.

[develleoper]

I ran into this same issue; resolved for now after removing etc/resolve.conf and resetting the entire dns config via the resolvconf package, pointing to cloudflare's 1.1.1.1.

[heamaral]

Maybe it is related to this: #4275

[bmwynne]

Using build: 18932.1000: I ran into this issue on Ubuntu also. Sometimes rebooting windows host and executing wsl --shutdown works. Will look into it further as it occurs and check back on solutions.

[astamos]

I am seeing this same DNS behavior on Build 18941. The local DNS server is not responding but I can route out to the internet and everything works fine once I set a manual resolv.conf. Using both the official Kali and Ubuntu distros in the store, converted to WSL 2. I have no other Hyper-V VMs.

Ifconfig:

bond0: flags=5122<BROADCAST,MASTER,MULTICAST> mtu 1500 ether 0a:b1:11:d2:aa:66 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.201.80 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::215:5dff:fe9a:1fe3 prefixlen 64 scopeid 0x20 ether 00:15:5d:9a:1f:e3 txqueuelen 1000 (Ethernet) RX packets 11 bytes 1507 (1.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 16 bytes 1232 (1.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 8 bytes 560 (560.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8 bytes 560 (560.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

sit0: flags=128 mtu 1480 sit txqueuelen 1000 (IPv6-in-IPv4) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[mahsoommoosa42]

Facing the same issue on 18956. manually setting resolv.conf is a temporary solution. adding generateResolvConf to false did not affect anything. What's with that ip address (one starting with 172) though? have never seen it before

[mahsoommoosa42]

Facing the same issue on 18956. Git and Ping does not work.

[non-static]

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

   [network]
   generateResolvConf = false

3. In a cmd window, run wsl --shutdown
4. Restart WSL2
5. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
6. Put the following lines in the file

   nameserver 8.8.8.8

7. Repeat step 3 and 4. You will see git working fine now.

[mahsoommoosa42]

Yeah. I did the same. I suppose it's occuring due to the modifications to network settings with the last fast ring update.

Get Outlook for Androidhttps://aka.ms/ghei36

---

From: NonStatic notifications@github.com Sent: Saturday, August 17, 2019 9:09:55 AM To: microsoft/WSL WSL@noreply.github.com Cc: mahsoommoosa42 mahsoom_m@outlook.com; Comment comment@noreply.github.com Subject: Re: [microsoft/WSL] WSL2 DNS stops working (#4285)

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network] generateResolvConf = false

1. In a cmd window, run wsl --shutdown
2. Restart WSL2
3. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
4. Put the following lines in the file

nameserver 8.8.8.8

1. Repeat step 3 and 4. You will see git working fine now.

— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FWSL%2Fissues%2F4285%3Femail_source%3Dnotifications%26email_token%3DAFA4ITLUCJ7RBWMFDIP3MHLQE5XIXA5CNFSM4H65IQMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4QCPPI%23issuecomment-522201021&data=02%7C01%7C%7C73660638a70d4dbc6c4f08d722c49219%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637016099969731395&sdata=6rg9%2FiwAZkJoOhwhu6sHElqoJptYoS19AbuYTY5flPw%3D&reserved=0, or mute the threadhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAFA4ITMQRWJZKXU26K6BC33QE5XIXANCNFSM4H65IQMA&data=02%7C01%7C%7C73660638a70d4dbc6c4f08d722c49219%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637016099969741400&sdata=ufzaqjmQaVAOOmGeoirghbUOw9ZddYre3JAnJcprh5k%3D&reserved=0.

[nonbeing]

@Klein-Hu : tried your workaround, followed your steps, but it doesn't seem to be working for me.

My /etc/resolv.conf file is getting wiped out every time I relaunch wsl2 :-/

[mahsoommoosa42]

Did you enter 'wsl --shutdown' into the cmd?

---

From: ambar notifications@github.com Sent: Wednesday, September 11, 2019 2:36 PM To: microsoft/WSL WSL@noreply.github.com Cc: mahsoommoosa42 mahsoom_m@outlook.com; Comment comment@noreply.github.com Subject: Re: [microsoft/WSL] WSL2 DNS stops working (#4285)

@Klein-Huhttps://github.com/Klein-Hu : tried your workaround, followed your steps, but it doesn't seem to be working for me.

My /etc/resolv.conf file is getting wiped out every time I relaunch wsl2 :-/

— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/microsoft/WSL/issues/4285?email_source=notifications&email_token=AFA4ITKHNAZWNB7F7W6376LQJCYK7A5CNFSM4H65IQMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6NZ27Y#issuecomment-530292095, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AFA4ITLPNO6V63C5UXARNC3QJCYK7ANCNFSM4H65IQMA.

[nonbeing]

Yes, I did.

[mahsoommoosa42]

I'm not on Insiders anymore. So, I'm not sure if anything has changed in between.

---

From: ambar notifications@github.com Sent: Wednesday, September 11, 2019 11:01 PM To: microsoft/WSL WSL@noreply.github.com Cc: mahsoommoosa42 mahsoom_m@outlook.com; Comment comment@noreply.github.com Subject: Re: [microsoft/WSL] WSL2 DNS stops working (#4285)

Yes, I did.

— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/microsoft/WSL/issues/4285?email_source=notifications&email_token=AFA4ITIBLVEDLIBFTQUXDVLQJETQ3A5CNFSM4H65IQMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6PIQ6A#issuecomment-530483320, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AFA4ITOQIJFP2RJ6C5KJ6TTQJETQ3ANCNFSM4H65IQMA.

[onomatopellan]

@nonbeing make sure resolv.conf is a file and not a link

ls -la /etc/resolv.conf
-rw-r--r-- 1 root root 185 Sep 11 16:32 /etc/resolv.conf

[VictorGaiva]

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network]
generateResolvConf = false

1. In a cmd window, run wsl --shutdown
2. Restart WSL2
3. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
4. Put the following lines in the file

nameserver 8.8.8.8

1. Repeat step 3 and 4. You will see git working fine now.

wsl --shutdown doesn't seem to work for me wslconfig.exe /terminate Ubuntu does

[h0tw1r3]

Running insider 10.0.18980.1, kernel 4.19..67 Seems as if the dns resolver running on 172 is single threaded? Request that timeout seem to block.

[Rhahkeem]

Just started seeing this today after an update as well

Microsoft Windows [Version 10.0.18980.1]

[coltenkrauter]

I made a gist with @Klein-Hu 's instructions. They worked like a charm for me.

Fix DNS resolution in WSL2

[h0tw1r3]

For anyone seeing this, the "fixes" proposed are merely a workaround to the problem. In situations where internal/private DNS servers (eg. corporate or home network), DNS will not resolve as expected.

I consider this a critical bug.

[radix]

Starting the docker daemon (inside of WSL2) seems to trigger this for me, very reliably.

C:\Users\radix> wsl --shutdown
C:\Users\radix> wsl

radix@DESKTOP-HOBTFB6:/mnt/c/Users/radix$ cd

radix@DESKTOP-HOBTFB6:~$ host google.com
google.com has address 172.217.14.174
google.com has IPv6 address 2607:f8b0:4000:813::200e
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.

radix@DESKTOP-HOBTFB6:~$ sudo service docker start
[sudo] password for radix:
 * Starting Docker: docker                                                                                       [ OK ] 

radix@DESKTOP-HOBTFB6:~$ host google.com
;; connection timed out; no servers could be reached

[radix]

Also, this doesn't seem to be resolved for me by switching to a different nameserver. It seems that after starting docker, eventually all network I/O completely stops working in my WSL2 environment.

[radix]

I have reason to believe that this behavior STARTED happening with the latest update of Windows Insider. I'm on build 19013.1.

[zot]

I'm on 19018.1 and it's taking sometimes 30 seconds to resolve a name with Google's name servers in /etc/resolve.conf.

I uninstalled Docker Desktop and that didn't change the behavior.

[pludov]

Same symptom here.

However, I figured out that :

• the problem is triggered by a lookup of a non qualified hostname (dig anotherserver)
• the lookup of the non qualified hostname takes 10s to fail, and make the DNS unresponsive for 20s.
• failures seem to be queued ! (meaning if lots of resolutions fail at the same time, the service will take longer than 20s to recover)

[joewood]

The fix to disable WSL/restart/enable WSL/restart in the "Windows Features" settings fixed it for me. The problem does seem related to the docker daemon.

[jefferai]

This stopped working for me after upgrading to 19033 (slow ring). Disable WSL/restart/enable WSL/restart did not fix it. Note that I don't have the Docker daemon running inside WSL, although I do have it running on the host and exposed to the WSL instance.

[neojp]

Same here. I did a Windows Update to build 1903. I have a pending Windows Update, will try that today.

Edit: It started working again after the update. My best guess would be that restarting the computer helped with this, but I can't really tell ¯\_(ツ)_/¯

[jefferai]

It's actually even worse: it appears that the ability to tell wsl to stop updating resolv.conf doesn't work anymore, making it really hard to work around this.

Here's my /etc/wsl.conf:

[automount]
enabled     = true
crossDistro = true
root        = /mnt/

[network]
generateResolvConf = false

But every time my host network changes it's updating resolv.conf anyways.

[zot]

I have 10933 (fast ring) and DNS seems to be working fine now.

Also, I just disabled/enabled WIFI and that did not overwrite /etc/resolv.conf (I added a comment and the file stayed the same).

[jefferai]

It seems you might have to restart WSL entirely for the config file changes to be picked up, it's not read on each connection change.

Still would prefer not to need that workaround though.

[hwasoocho]

@radix have you found a solution or workaround to this issue? My WSL is also giving me different trace routes before and after starting docker daemon. Before docker daemon, traceroute would hop to windows host first. But after starting docker daemon, it would hop to router directly.

[radix]

@hwasoocho no, sorry. After some time (and maybe some windows updates) it magically stopped being a problem.

[hwasoocho]

I just reinstalled windows to fix this issue. Quite a dramatic workaround, but stating it just in case anyone is wondering if reinstalling works.

[dezza]

This happened suddenly, I just removed /etc/resolv.conf rebooted and let it regenerate the file, this makes sure you are not hardcoding your DNS server for easing further troubleshooting and keeping installation as close to defaults as possible. Most people want the DNS to follow in WSL if you decide to tether internet via phone, use VPN provider etc.

[m4t7e0]

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network]
generateResolvConf = false

1. In a cmd window, run wsl --shutdown
2. Restart WSL2
3. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
4. Put the following lines in the file

nameserver 8.8.8.8

1. Repeat step 3 and 4. You will see git working fine now.

wsl --shutdown doesn't seem to work for me wslconfig.exe /terminate Ubuntu does

wsl --terminate works!

[steps0x29a]

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network]
generateResolvConf = false

1. In a cmd window, run wsl --shutdown
2. Restart WSL2
3. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
4. Put the following lines in the file

nameserver 8.8.8.8

1. Repeat step 3 and 4. You will see git working fine now.

Ran into the same issue yesterday and couldn't figure out why. That workaround actually solved the issue for me, thanks!

[alexign]

Simple restart of internet connection service sharing fix this issue. It happens everything after massive reverse dns resolving in my python script. Im on slow ring now. Also sporadically happens in common daily activity- git, vpn, vscode. Will try fast ring upgrade.

[carlosparamio]

Perhaps related: I just noticed that something has being creating tons and tons of inbound rules at the Windows Firewall configuration relative to port 53 (DNS):

They are all of two types:

HNS Container Networking - ICS DNS (TCP-In), associated to svchost.exe. HNS Container Networking - DNS (UDP-In), for any program.

I'm at Windows 10 Pro build 19564 with WSL2, using regularly Ubuntu 18.04.4 LTS and Docker CE 19.03.6 (from the Ubuntu packages provided by Docker [1], not the new experimental Docker for Windows that uses WSL2).

[1] https://docs.docker.com/install/linux/docker-ce/ubuntu/

If they're inbound rules, my first guess is that these are created by WSL2 for a local DNS server used on things like localhost resolution to the ip address of the WSL2 network interface.

It concerns me that so many rules have being created at the firewall, and I'm unsure about removing them, but could it be related that this registration process somehow fails, or it works but the addition of so many rules delays the actual DNS responses?

[hardik-id]

Just for the info, if your DNS stops working only after connecting to Cisco AnyConnect VPN, check out https://github.com/microsoft/WSL/issues/4277#issuecomment-561649724

[raphaelpreston]

@non-static thank you so much, that resolved it on my Windows 10 Ubuntu 18.04. You're a hero.

[jlu1202]

I started having this problem after got on build# 10.0.19041 with my kubectl commands. Hopefully, it can be resolved in the immediate future builds but for now I work around it by doing a 'wsl -t ubutun' followed by a ipconfig /flushdns.

[jjesse]

Good evening, I noticed this happening to me and after some googling I came across this bug report. I installed the Ubuntu 20.04 package from the Microsoft Store and that build does not have the problem with getting out to the network. The Ubuntu 18.04 build that came with wsl2 I believe still has the problems and the work arounds here worked.

[bergkvist]

Using nameserver 1.1.1.1 in /etc/resolv.conf allows me to reach the internet - but doesn't allow me to reach the NAT-network behind my router. In my case, this is a deal breaker. Seems I'll be forced back to using linux as my base OS instead of Windows.

[DarthJahus]

Installed WSL 2 today on 19041.264

Network is unreachable from Ubuntu 20.04 vEthernet (WSL) adapter is correctly created and its IP is 172.23.64.1 However, even that IP is unreachable from inside WSL 2.

Changing the content of /etc/resolv.conf (and of /etc/wsl.conf doesn't help).

ifconfig doesn't return anything at all.

Going back to WSL 1 for stability for now. I hope this gets fixed fast as it's a breaking issue.

[rogusdev]

Fresh install of Ubuntu 20.04 from windows store after upgrading to win10 2004 for wsl2 -- cannot ping google.com, etc inside my new VM :( but by IP works fine ping 172.217.10.142 so DNS definitely busted at the start.

I followed the workaround from the very helpful and heavily emojied post above https://github.com/microsoft/WSL/issues/4285#issuecomment-522201021 and pinging external domains works now:

# in WSL
cat << EOF | sudo tee -a /etc/wsl.conf
[network]
generateResolvConf = false
EOF

# in cmd
wsl --shutdown

# in WSL
sudo rm /etc/resolv.conf && echo -e "nameserver 8.8.8.8" | sudo tee -a /etc/resolv.conf

(btw --shutdown is correct, not --terminate -- at least now, in the public release of win10 2004)

[nodew]

@rogusdev Does it work well with a VPN? For me, it doesn't work when my system connect to corp vpn, while the default config works.

[rogusdev]

@nodew no VPN in my situation

[DarthJahus]

@rogusdev's solutions don't work for me. And as I said, ifconfig doesn't return anything. VPN or no, same.

I don't understand why WSL2 devs are using VM adapter instead of mapping real hardware directly like in WSL1.

[qhaas]

Just updated to the production version of windows 10 v2004, installed WSL2 and Ubuntu 20.04 from the Windows Store and verified via powershell it was using WSL2. I am not on a VPN, nor am I using a proxy. My firewall/antivirus are but those of Microsoft's that ship with Windows 10 Pro for Workstations.

I too noticed DNS wasn't working inside the WSL2 Ubuntu 20.04 environment. Adding the Google DNS servers to '/etc/resolv.conf' resolves the issue, but my changes to '/etc/resolv.conf' keep getting reverted every time I restart despite adding the blurb to '/etc/wsl.conf' mentioned above by @non-static