New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNS issues in WSL2 #8365
Comments
Hi, Even modifying the /etc/resolv.conf is not working anymore. |
I am getting this issue on fresh installation of Windows 11 with WSL2 Ubuntu image, really annoying issue! [WSL] Attached are the logs. NOTE: ON Windows 11 I got this error when running the capture so they may be incomplete? |
@CraigHutchinson , your comment appears to mimic what I'm seeing, where the problem is somehow in the routing and not just the name resolution. Have you found any workarounds? |
There were multiple open issues, all about the functionally same issue. Hence, as the initial description says, this exists to merge and declutter them. |
If this leads to a fix, this is a great outcome. However the way it was handled may alienate the community. i.e., closing all the related issues without discussion or a clear reason provided in those issues. |
It might be to do with Windows Defender settings. resolv.conf and wsl.conf based approach didn't work for me. On Windows 11, Go to Windows Security (from system tray, right click on Windows Security icon and select "View security dashboard" or simply search for "Firewall and network protection" after you press the windows key). Within the Firewall and network protection page, you should see Domain network (if domain connected), Private network, Public network. Go for the private network an turn it off temporarily as a workaround. Hope this helps. |
I may have found another way to fix this. Originally I had this problem after using a proxy software. I just edited resolv.conf. It worked well until I realized that I also couldn't ping to Windows from WSL. For some reason, the vEthernet (WSL) adapter on my PC was treated as a public network. Disabling public firewall or turning off the option "block all incoming connections, including those in the list of allowed applications" in Control Panel fixed everything. I also attempted to change its connection profile to private using PowerShell, but |
This seems to be a fix for me too, Windows Firewall must be blocking DNS queries originating inside the WSL VM from reaching the DNS server at the host. |
Tried to disable Windows Defender Firewall on Windows 10, doesn't help. |
Windows 10 with Ubuntu 20 in WSL2 : got some reproducible failures today for the first time; and it's confirmed something I've suspected but never been able to prove.. that there might be a connection with running the docker daemon. Everything is working correctly (as fas as DNS goes), start the docker daemon (just a plain Logs attached. |
For me #7555 gave really good pointers for fixing the issue. Fixes that works for me:
I cannot recommend either of those to anyone because the first solution just breaks security and the second one might open some vulnerabilites. |
My vEthernet (WSL) connection on a fresh Windows 11 install came with a Public profile too. I normally have "Blocks all incoming connections, including those in the list of allowed apps" enabled in the Windows Defender Firewall for untrusted networks, but I had to disable it to fix DNS resolution in WSL2. The WSL2 Hyper-V virutal switch is an internal one and is not shared with your host adapter, so theoretically it shouldn't be a security issue for this network to be assigned a Private profile instead of a Public one. That said, I don't see how I can change it since the adapter doesn't show up in Network and Sharing Centre or Settings, and it doesn't show up in the registry ( |
Can you change it via Set-NetConnectionProfile in an elevated PowerShell prompt? |
Upd: oh, I misread your comment. I thought you disabled firewall, but you instead kept it enabled while resetting its settings to default. Cool that it helped. |
I just reinstalled Ubuntu and now it works... Made no changes to anything else so I guess something got fixed? |
Hi folks, we have put out a new update that aims to address networking issues in WSL. In your More info on this release and the changes can be found here in the blog post. Please note: You need to be on a Windows Insiders version to use the new networking settings (Any channel of Windows Insiders will do, including release preview). If you see the "These are not supported" messages it means that your current Windows version doesn't have support, and you will need to upgrade. These features will eventually be coming to Windows 11 22H2. |
This news is much appreciated. Will these features be eventually supported in Windows 10 as well? |
Upgrading to pre-release version and adding the experimental networking mode sorted this out for me - thanks! |
Thank you. Now I don't have to turn off the firewall for WSL2 to resolve names. I recalled there were only lo and eth0 listed with 'ip addr' command. After the pre-release update, 'ip addr' command shows all network interfaces including Wi-Fi and VPNs. |
These new networking features are now available on the latest version of Win11 22H2! @matkozak this work is currently not planned to go back to Win10. Please make sure you're on the latest build to get these features, you can do that by clicking "Check for Updates" in Windows settings. You can check you have the right build by either ensuring you have KB5031354 installed, or run |
According to that page, KB5031354 has absolutely nothing to do with WSL2. |
Confirmed KB5031354 fixed the WSL2 DNS issue for me. |
Just in case it helps anyone, I had previously used the |
This may be completely unrelated, but maybe it works for some people (worked for me). I am using NordVPN, and with the "Stay invisible on LAN" setting ON, I get "Temporary failure in name resolution" error. When I switch if off, things work as expected. So if other solutions don't work for you, and you're using a VPN (NordVPN or other), you may try and debug issues on that end. |
This is just a fancy way to say "we'll inject random rules in your system firewall and break things". Absolutely identical to |
Sorry for the DNS issues. We have updated our troubleshooting documentation with Firewall configuration compatibility issues, and a workaround for an OS bug. https://github.com/MicrosoftDocs/WSL/blob/main/WSL/troubleshooting.md#troubleshooting-dns-in-wsl It has suggestions for various VPNs as well. |
My real challenge was that Run: It's a link file you can resolve this issue using the following steps
# [network]
# generateResolvConf = false
nameserver 1.1.1.1 # Cloudflare public DNS
Unfortunately, this solution is not sticky. You have to redo it every time WSL2 looses connection. |
if none of above worked for you check if DNS resolution works with TCP with |
I'm having the same issue WSL version: 2.0.14.0 |
Is it at all possible to reconsider this decision? Thank you very much! |
Hi, I don't know if this helps on this issue, because it seems to be happening to quite a few people and I wanted to avoid opening an issue just for this, as I have found a temporary workaround. https://gist.github.com/coltenkrauter/608cfe02319ce60facd76373249b8ca6?permalink_comment_id=5017885#gistcomment-5017885 I may have a VPN (paid licence), but it isn't used that often - unknown if that played a role in the DNS resolution failing |
Version
Multiple Windows builds are affected
WSL Version
This issue is here to merge DNS related issues in WSL2.
Symptoms include:
Temporary failure in name resolution
This issue does not cover scenarios where /etc/resolv.conf is manually edited.
If you're hitting this, please upvote / comment and upload logs
The text was updated successfully, but these errors were encountered: