WSL2 DNS stops working

[jordansissel]

Please fill out the below information:

• Your Windows build number: (Type ver at a Windows Command Prompt)

Microsoft Windows [Version 10.0.18932.1000]

• What you're doing and what's happening:

> bash
% host google.com
;; connection timed out; no servers could be reached

• What's wrong / what should be happening instead: DNS resolution should work

/etc/resolv.conf:

% cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.19.224.1

To my knowledge, I didn't change anything. This has happened a few times, and rebooting fixes it. Sometimes just doing wsl --shutdown is sufficient to fix it. It correlates with my workstation going to sleep and resuming later with DNS in WSL2 not working.

[Fleshgrinder]

I have this issue every now and then. Docker’s WSL2 integration also fails and Docker fails to start if this happens, so I always know right away when I boot my system if the issue crept up again or not. What always works for me to fix this very fast is to open PowerShell enter wsl --shutdown followed by wsl (where I usually do a ping google.com to verify that it worked, but so far it always did) and restart Docker.

Very annoying issue…

[afspear]

@Fleshgrinder , yes. This is a very annoying issue. It gets even worse when paired with VPN. The wsl --shutdown and wsl did not work for me. I'm going to revert to WSL 1 for now.

[comdw]

I'm on build 18632, upgraded an existing WSL v1 Ubuntu distribution to v2 and DNS stopped working. Applied the wsl.conf / resolv.conf fixes but to no avail, DNS just won't work at all. I also tried disabling WSL feature, reboot, enable WSL again, reboot, same thing still.

Just downgraded Ubuntu back to v1, DNS all working fine again. I may try a fresh Ubuntu v2 distribution (can I run this alongside v1 BTW?).

[ps2goat]

I'm on WSL2 with Docker and just downloaded Debian from the store and converted it. I had issues with DNS. apt-get was working, but not pip (python package manager). I also wasn't able to ping google.com, either directly in Debian or in my built Docker container.

After researching the cause of the issue and digging into several things, it turned out that my WSL network adapter did not have manual DNS settings set, but the option for manual settings was selected. I updated the DNS settings, and Docker & Debian were able to both ping google and access the pip package registry!

[kobenauf]

@ps2goat I see the same behavior, i.e. Ethernet adapter is set to obtain DNS server address automatically, but the WSL adapter is set to manual. If I set the WSL adapter to automatic, when I reboot, it is reset to manual again.

[ps2goat]

I left mine as manual and just set the DNS to cloudflare (1.1.1.1). It persisted after a reboot. But yes, it would be nice if it just acquired the default.

[comdw]

Got excited when I found my WSL adapter also had manual DNS with no addresses. Alas, adding 1.1.1.1 here hasn't fixed the issue for me, even tried a reboot (noting that my setting had disappeared on the WSL adaptor and I had to set them again).

EDIT: it seems odd to me, that even if I explicitly tell nslookup the IP of a DNS server it still fails. Does this shed any light on the problem?

> nslookup google.com 8.8.8.8
;; connection timed out; no servers could be reached

> ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=8.56 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=8.97 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=8.72 ms

[ps2goat]

A reboot may not be necessary, but it was the quickest way for the new settings to be applied.

I think I tried shutting down wsl and then killing the docker daemon and restarting it, but I can't remember if I ended up restarting anyway.

[ps2goat]

@comdw - I just checked-- It looks like my DNS settings were reverted, as well. I'm pretty sure I rebooted after changing my adapter settings, but maybe not. I think there's some automatic generation stuff with WSL that appears to be altering the adapter (recreating it, etc.) that reset my manual DNS settings.

The other option I did before looking at my adapter was to set the DNS in the Docker Daemon. I think I'll do that again, but this is annoying. It won't fix the issue with the distro, but it will fix my immediate problem with Docker builds and running containers.

Add this to your docker engine settings and reboot:

  "dns": ["1.1.1.1"],

https://stackoverflow.com/a/44184773/2084315

UPDATE: While getting ready to add that engine setting, I see that I had already set the Docker network settings (though not in the engine settings) to use DNS 1.1.1.1. It looks like after my reboot, that setting started working and worked with my containers. My Debian distro no longer works due to the adapter settings being reset, but I didn't test that distro after my reboot yesterday.

[luochen1990]

Editing /etc/resolv.conf makes DISPLAY="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'):0" not working... Hoping for a better solution to make them both works...

[lanegoolsby]

I am running into this as well after updating a WSL instance from V1 to V2. I can switch back to V1 and things work again. I was able to forcibly prevent the resolv.conf from being updated, but even with that in place doing anything taxing on the network (e.g. apt update) brings the network to a crawl until it dies.

[lanegoolsby]

I was able to work around this somehow... Some additional info that might be useful.

After my last post, I did the following:

1. Set Docker to not use the WSL 2
2. Uninstalled Docker 2.4.xx
3. Installed Docker 2.5.0, this time choosing the WSL option
4. Removed by WSL instances and re-created a new Ubuntu 20.04 instance using WSL V1
5. Followed the above steps to create /etc/wsl.conf, create /etc/resolv.conf, etc
6. Upgraded the Ubuntu instance to WSL V2

I don't think the Docker steps are relevant, but just in case...

Things appear to be stable. I have not rebooted since making these changes but I have wsl --shutdown a couple times and things still work after.

[ps2goat]

Rebooting caused those etc files to be regenerated, for me. It has to do with a virtual network adapter from what I've read, and those get recreated every reboot. (Not a definitive answer!)

[lanegoolsby]

Agree its not a definitive solution but I've rebooted a couple times and the settings hold for me. I posted this for debugging purposes. Seems the order of operation I posted is important.

[peter-jerry-ye]

Editing /etc/resolv.conf makes DISPLAY="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'):0" not working... Hoping for a better solution to make them both works...

This is what you're looking for: export DISPLAY=$(ip route | awk '/default via / {print $3; exit}' 2>/dev/null):0

[ryust-ax]

I've got WSL2 + Docker + Ubuntu (don't remember the version but it's the "latest" from the Store as of September). Same issue popped up for me; I'm on a laptop wireless and just disconnecting from the WiFi and reconnecting fixed it for me. It's not any faster but some of my delay with git push/pull might be unrelated to network behavior.

(I offer this comment for those hoping to avoid reboots or restarts of WSL or related apps.)

[elvirdolic]

I have the same issue. No Connection from wsl2

[trallnag]

@elvirdolic, can you try ping 8.8.8.8?

[elvirdolic]

@trallnag

also not working

[NicolasReyDotNet]

I have the same, the connection works on a fresh reboot then it fails after some time

Example for a apt-get update

My resolv.conf file

We are a lot facing the same issue, I can't believe Microsoft is not giving an official solution, or at least more communication on the issue. I planned to switch on Visual Code using a WSL2 hosted sources, but my nuget packages can't even been restored due to this problem, it's a pain...

[trallnag]

Okay so my issue is definitely connected to Vmware and maybe a combination with the Cisco VPN network adapter.

1. Reinstalled Windows Enterprise with all the corporate goodies.
2. Setup WSL2 but did not change anything about the networking. -> All the networking within WSL2 works great except that I cannot reach servers in the intranet.
3. Installed Vmware Workstation Player -> WSL2 networking stops working, only thing I can do is ping servers. Name resolution and so on is not working.

---

Got it to work by adding outbound / inbound firewall rules for the network adapter used by WSL

[artemrizhov]

Disabling Windows Brandmauer for public networks resolves any issues with connection to the host machine, both to DNS service and to X server.

What about grepping /etc/resolv.conf, I prefer to substitute this with the folloing line, so that connection to the X server does not depent on DNS settings.

export DISPLAY=$(netstat -rn | grep -o "^0.0.0.0 \+\([0-9]\.\?\)\+" | grep -o "[^ ]\+$"):0

Does anybody know how to make the WSL network treated at local instead of public? There should be some settings, maybe in Windows registry.

[lukee1234]

If you modified, moved or compressed the temp folder, look at #5437 for the solution

[Davidrjx]

@nonbeing make sure resolv.conf is a file and not a link

ls -la /etc/resolv.conf
-rw-r--r-- 1 root root 185 Sep 11 16:32 /etc/resolv.conf

mine is a link, but distribution's DNS resolution issue above does not exist

[brccabral]

The fix to disable WSL/restart/enable WSL/restart in the "Windows Features" settings fixed it for me. The problem does seem related to the docker daemon.

this solved for me

[am11]

In my case, the DNS was resolving names just fine on Windows, but not in one of the subsystem distros after I deleted and recreated a WiFi connection in Windows (to fix a different, auto-connect-after-pc-restart, issue).

To fix that I ended up executing the following commands from PowerShell on Windows:

# get the first DNS IPv4 address on Windows
> $DnsIP = (ipconfig /all | Select-String -Pattern 'DNS Server.*: ([\.0-9]+)\s*$' |
                 ForEach-Object {$_.Matches[0].Groups[1].Value} | Select -First 1)
# append distro's resolv.conf with the one from Windows
> wsl -d Ubuntu-20.04 -e sudo sh -c "echo nameserver $DnsIP >> /etc/resolv.conf"
# it prompted for distro password

which updated the subsystem distro (which was misbehaving) with same DNS IPv4 address as Windows 10.

If the distro has only the root user and sudo command is not installed (typically the case with default Alpine install), drop sudo from the command above to skip the password prompt.

We can also do it from Unix shell:

# compatible with distros without `grep -P`
> DnsIP="$(ipconfig.exe /all | grep -E "DNS Server.*: [\.0-9]+\s*$" | grep -Eo "([0-9]+[.0-9]+)")"
> sudo sh -c "echo nameserver $DnsIP >> /etc/resolv.conf"

[gitolicious]

Nice idea. Be aware this command is dependent on your OS language. E.g. in German you need to grep for "DNS-Server.*: [\.0-9]+\s*$" I think we would be better off using pure PowerShell commands to extract the value

Get-DnsClientServerAddress |
  Select-Object -ExpandProperty ServerAddresses |
  Select-String -Pattern '(\d+\.\d\.\d+\.\d+)' |
  ForEach-Object {$_.Matches[0].Groups[1].Value} |
  Select -First 1

Full command would be: PowerShell on Windows:

> $DnsIP = (Get-DnsClientServerAddress | Select-Object -ExpandProperty ServerAddresses | Select-String -Pattern '(\d+\.\d\.\d+\.\d+)' | ForEach-Object {$_.Matches[0].Groups[1].Value} | Select -First 1)
> wsl -d Ubuntu-20.04 -e sudo sh -c "echo nameserver $DnsIP >> /etc/resolv.conf"

WSL:

> DnsIP=$(powershell.exe "Get-DnsClientServerAddress | Select-Object -ExpandProperty ServerAddresses | Select-String -Pattern '(\d+\.\d\.\d+\.\d+)' | ForEach-Object {\$_.Matches[0].Groups[1].Value} | Select -First 1")
> sudo sh -c "echo nameserver $DnsIP >> /etc/resolv.conf"

[tof1a]

Here an other approach to do the same from WSL: powershell.exe 'Get-DnsClientServerAddress -AddressFamily ipv4 | Select-Object -ExpandProperty ServerAddresses | Select -First 3 | ForEach-Object {echo "nameserver $_"}' | sudo tee /etc/resolv.conf > /dev/null You can run this command in wsl each time you have your DNS configuration which have changed. It will configure your /etc/resolv.conf with the top 3 DNS servers (Linux do not support more than 3)

[gitolicious]

An even nicer solution to an ugly problem, thx. I think we should add Get-Unique (or uniq in the WSL world) to avoid duplicates. As previously we appended to the existing reoslv.conf I modified the tee command as well.

❯ powershell.exe 'Get-DnsClientServerAddress -AddressFamily ipv4 | Select-Object -ExpandProperty ServerAddresses | Get-Unique | Select -First 3 | ForEach-Object {echo "nameserver $_"}' | sudo tee -a /etc/resolv.conf > /dev/null

[Ronkiro]

Just a tip, if @tof1a and @gitolicious 's command fails for you, you can also do it manually.

i.e.: Open powershell, execute Get-DnsClientServerAddress -AddressFamily ipv4 | Select-Object -ExpandProperty ServerAddresses | Get-Unique | Select -First 3 | ForEach-Object {echo "nameserver $_"}; Copy the output, open /etc/resolv.conf with vim/nano and then paste it on the file.

[leonheess]

Once you edit resolv.conf, you should do: sudo chattr +i /etc/resolv.conf - which makes the file immutable so it won't be overwritten next time you start WSL. Maybe useful: https://command-not-found.com/chattr

[benjamincburns]

For me the problem was that I had the public profile of Windows Defender Firewall set to block all connections. Setting it back to "Block (Default)" fixed things for me.

I think the bug there is that the public firewall rules are applying to the WSL subnet or adapter. I couldn't find a way to explicitly declare the WSL adapter as a private network, however.

[dano0b]

For me the problem was that I had the public profile of Windows Defender Firewall set to block all connections. Setting it back to "Block (Default)" fixed things for me.

I think the bug there is that the public firewall rules are applying to the WSL subnet or adapter. I couldn't find a way to explicitly declare the WSL adapter as a private network, however.

Thanks a lot, no idea when the firewall happened to me but using the default setting helped me too.

[shyney7]

After changing the nameserver to be able to update my packages I cant use my X-Server (VcXsrv) anymore. Even after setting the X-Server Ip manually in the .bashrc with export DISPLAY=127.0.0.1:0.0 I keep getting errors like "Could not connect to any X display."

[dev-SR]

Following Process not working:

1. sudo nano /etc/resolv.conf
2. Put the following lines in the file nameserver 8.8.8.8

ERROR: [ Error writing /etc/resolv.conf: No such file or directory ]

[Ronkiro]

@dev-SR which distro are you using? Also, using any packages?

[eduherminio]

@dev-SR You probably still have the symbolic link there, delete it first and try again.

[soyfrien]

I found that it did have to to with the Virtual Network adapters. In simple cases it was easiest just to recreate them, in others I noticed VMs had been set to local only.

[olegeech-me]

In my case in wsl2 with Ubuntu a dns server occasionally stops working, restarting "Hyper-V Virtual Ethernet Adapter" "resolves" the issue. I don't expect there will be a fix for that in nearby future, but just wondering if someone's aware of how it can be done in a scripted way?

[rsrini7]

This problem occurs when either hibernate or sleep. Have to restart to resolve this DNS issue.

[LUC18fknU7P]

3 Years and 0 replies from Microsoft, awesome! 🎉🎉🎉

[soyfrien]

3 Years and 0 replies from Microsoft, awesome! 🎉🎉🎉

Did recreating the Virtual Adapters not help?

[zzsuki]

My workaround:

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network]
generateResolvConf = false

1. In a cmd window, run wsl --shutdown
2. Restart WSL2
3. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
4. Put the following lines in the file

nameserver 8.8.8.8

1. Repeat step 3 and 4. You will see git working fine now.

it doestn't work for me. anybody has another way?

[illgitthat]

I just encountered this issue and had to restart the local host (restarting WSL didn't seem to have any effect).

[floriankraemer]

I have the same problem since a few weeks now... None of the suggested solutions worked so far. I can't write to resolve.conf:

Also the file links to ../run/resolvconf/resolv.conf.

ls /etc/resolv.conf -l
lrwxrwxrwx 1 root root 29 Aug 12 19:58 /etc/resolv.conf -> ../run/resolvconf/resolv.conf

[preet-serko]

I have the same problem since a few weeks now... None of the suggested solutions worked so far. I can't write to resolve.conf:

Also the file links to ../run/resolvconf/resolv.conf.

ls /etc/resolv.conf -l
lrwxrwxrwx 1 root root 29 Aug 12 19:58 /etc/resolv.conf -> ../run/resolvconf/resolv.conf

The issue I had (and I think it's the same as yours) is that you need to remove the link. Then create a new file /etc/resolv.conf with the nameserver text in it.

It's important to remove the link

I restarted WSL after deleting the link, and after creating the file, and after editing it.

[csnarain]

I'm still facing this dns issue. I believe it's something to do with WSL2 and the host OS (in my case it's Windows 10 Enterprise v1909 - Build 18363.1766). The moment I change WSL version to v1, everything starts working fine. I tried all solutions posted in this thread, but nothing seems to work.

Is anyone else facing this problem? Any help will be much appreciated.

[PCNZ]

I'm still facing this dns issue. I believe it's something to do with WSL2 and the host OS (in my case it's Windows 10 Enterprise v1909 - Build 18363.1766). The moment I change WSL version to v1, everything starts working fine. I tried all solutions posted in this thread, but nothing seems to work.

Is anyone else facing this problem? Any help will be much appreciated.

Yes we have a fleet of machines with this problem and sticking with WSL1. Work arounds using public DNS like Google do work but aren't suitable in or environments. We want WSL to pickup the Windows DNS settings as they change and WSL1 seems to be the only way to have that behavior.

[csnarain]

I'm still facing this dns issue. I believe it's something to do with WSL2 and the host OS (in my case it's Windows 10 Enterprise v1909 - Build 18363.1766). The moment I change WSL version to v1, everything starts working fine. I tried all solutions posted in this thread, but nothing seems to work. Is anyone else facing this problem? Any help will be much appreciated.

Yes we have a fleet of machines with this problem and sticking with WSL1. Work arounds using public DNS like Google do work but aren't suitable in or environments. We want WSL to pickup the Windows DNS settings as they change and WSL1 seems to be the only way to have that behavior.

@PCNZ Thanks for your response. My issue is a but tricky. Unfortunately I cannot move to WSL1 as I use Docker for Windows with WSL2 engine which only supports WSL2. However, the workaround you mentioned (using Google DNS with WSL2) doesn't work for me. Not sure if anyone else is facing this problem as well.

[jondef]

@csnarain I'm facing the same problem. I've tried pretty much everything I believe but nothing has worked. WSL1 is working perfectly fine, however, I'm also using WSL2 as a Docker backend, so that's not a solution. I also need to use a corporate VPN so any workarounds don't work for whatever reason.