Join Log in
Score:1
LightJack05 avatar Ubuntu

DNS not working on WSL

us flag
LightJack05

I'm currently using an Insider build of Windows 11. (22458)

However, I had this problem a few times on other builds. (and wsl worked before)

When I start wsl, I'm not able to do a DNS request. (Pinging an IP address directly works.)

I tracked this problem down to the file: /etc/resolv.conf

It includes the DNS server address.

The default is: 172.22.192.1

However, this one doesn't work.

If I change it to 1.1.1.1 (Cloud Flare DNS) it works again.

However, after every restart of wsl it changes it back to the default.

There is a file called wsl.conf in which I can disable generating this file, but if always just deletes the file entirely after every reboot.

So how can I fix this?

My first Idea was to completely reset wsl, but neither resetting the app, nor reinstalling WSL via features fixed it.

Does anyone have another idea what to do?

7027
0 + 0
dns
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Are you using a VPN that might change the resolver when it is active?
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Just a heads-up that I've deleted my answer since it was for WSL/Ubuntu on Windows 10, and Win 11 definitely behaves differently. I'll try to see if I can figure out how to fix it on Ubuntu under Windows 11.
0
Reply
LightJack05 avatar
us flag
LightJack05
@NotTheDr01ds OMG I just realized the problem is my firewall. Its blocking the DNS request from the linux VM. What is WSL listed as in firewall settings, so I can whitelist it? Or even better, how can I select that the Connection to WSL is a private network?
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Interesting - Are you sure its the Windows Firewall that's blocking it? My Win11 VM is set to Public for the VM itself, but I can still connect to it through RDP, and the WSL instances within it are resolving DNS with no problem. I don't know of a way to change the WSL vNIC to Private -- In fact, in Windows 11, the vNIC seems to be hidden from the Windows UI entirely (but still shows up with ipconfig). But I'm wondering if maybe the Pi-hole could be refusing the WSL instance?
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Anyway, what happens if you (temporarily) change the entire Win11 network profile to "Private" (if you are on a "safe" network, at least) - Any difference in how WSL responds? (also, thanks for @tagging me so that I got a notification!)
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Also, given that we're thinking this is more a problem on the Windows side (it's definitely *not* Ubuntu related), and you haven't had any other replies from anyone on Ask Ubuntu, it might be time to delete this one and recreate the question on [Super User](https://superuser.com).
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
And a potentially relevant [Super User answer](https://superuser.com/a/1496354/1210833). At least as of two years ago it wasn't possible to set the WSL vNIC to private. I haven't seen any indication that it would be different, but Win11 does seem to have some pretty substantial changes in this area.
0
Reply
LightJack05 avatar
us flag
LightJack05
@NotTheDr01ds Ok, I guess I'll head over to the Microsoft community. I'll try to figure out how to change the Network profile to private (Its showing as unidentified in windows security and not at all in network settings). The actual problem was that I had selected for the Windows firewall to block anything incoming when connected to a public network. Thanks for the help!
0
Reply
LightJack05 avatar
us flag
LightJack05
@NotTheDr01ds In case you want to take a look at the question, here is a link: https://answers.microsoft.com/en-us/windows/forum/all/change-the-wsl-network-profile-from-public-to/c62b7bc3-8faf-44bc-8b67-848357352534
0
Reply
Score:1
Anthony M avatar Ubuntu
cn flag
Anthony M

This is a problem with WSL, not Ubuntu or Windows. There are lots of solutions out there, the best one I found https://gist.github.com/coltenkrauter/608cfe02319ce60facd76373249b8ca6

It also includes VPN info, but the steps work without the VPN also.

  1. Run these commands in the Ubuntu terminal.

    cd ~/../../etc # Go to etc folder in WSL.
echo "[network]" | sudo tee wsl.conf # Create wsl.conf file and add the first line.
echo "generateResolvConf = false" | sudo tee -a wsl.conf # Append wsl.conf the next line.
wsl --terminate Debian # Terminate WSL in Windows cmd, in case the OS is Ubuntu not Debian.
cd ~/../../etc # Go to etc folder in WSL.
sudo rm -Rf resolv.conf # Delete the resolv.conf file.

  2. In Windows cmd, PowerShell or terminal with the VPN connected do: Get-NetIPInterface or ipconfig /all for getting the DNS primary and secondary.

  3. With the DNS primary and secondary gotten from step 2. replace the numbers in the next step in the X.X.X.X

  4. echo "nameserver X.X.X.X" | sudo tee resolv.conf (Create resolv.conf and append the line.)

  5. echo "nameserver X.X.X.X" | sudo tee -a resolv.conf (Append the line in resolv.conf)

  6. wsl --terminate Debian (Terminate WSL in Windows cmd, in case is Ubuntu not Debian).

  7. sudo chattr +i resolv.conf

  8. Finally in Windows cmd, PowerShell or terminal:

    Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 6000

Credit: @MartinCaccia, @yukosgiti, @machuu and @AlbesK:
https://github.com/microsoft/WSL/issues/4277
https://github.com/microsoft/WSL/issues/4246

0 + 0
NotTheDr01ds avatar
vn flag
NotTheDr01ds
Welcome to Ask Ubuntu and thanks for your answer! I noticed you already have a downvote, and that's *likely* (although you can never be sure) because your answer boils down to what we call a "link-only answer", which isn't typically allowed here and [may be deleted](https://askubuntu.com/help/deleted-answers). While it's okay (and encouraged) to provide a link as attribution, we ask that you include the relevant details of how to solve the problem directly in your answer. Thanks!
1
Reply
Frank Puck avatar
in flag
Frank Puck
potentially you could add a uudecode into the chain and make what you're doing even more cryptic
2
Reply
Score:1
waltinator avatar Ubuntu
it flag
waltinator

WSL is getting its IP address (and it's DNS server, netmask and other stuff) from Windows' DHCP Server. Either fix it on Windows, or fix the DNS server on 172.22.192.1.

This is a Windows problem, not a Ubuntu problem.

And No, I don't know how Windows does DHCP.

0 + 0
LightJack05 avatar
us flag
LightJack05
Hi, the problem is: I dont have a DNS on this IP. I dont even know what this IP is. Windows is getting its DNS from my router at 192.168.178.1.
0
Reply
in flag
Jan Hudec
@LightJack05 well, you do have a DNS (forwarder) on that IP similar to how systemd-resolved sets up one on 127.0.1.1. The problem is that it gets broken by some network changes, and it would be best to fix that breakage. Unfortunately I haven't seen a good fix for it yet.
0
Reply
Score:0
De Phantom avatar Ubuntu
eh flag
De Phantom

In my case I was running Cisco AnyConnect VPN, and the WSL container was locked out from the outside world. I shutdown the VPN connection and it worked as expected. Hence, be aware that the VPN connection will not permit WSL to see the outside world, as of the time of this post.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.