Windows10 WSL2 Ubuntu / Debian # no network

After upgrading from WSL to WSL2

sudo apt-get update

not works any longer. After:

wsl --set-version Ubuntu-18.04 2

Output is:

> sudo apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
  Temporary failure resolving 'security.ubuntu.com'
Err:2 http://archive.ubuntu.com/ubuntu bionic InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Reading package lists... Done
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-updates/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-backports/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/bionic-security/InRelease  Temporary failure resolving 'security.ubuntu.com'
W: Some index files failed to download. They have been ignored, or old ones used instead.

After going back to WSL1 the problem disappears again. Same on Debian and analogous in CentOS .. so WSL2 must have a bug.

The Windows10 build Version is 19041 and was installed today.

Any work around for WSL2? Regards

The generated file /etc/resolv.conf is:

> nameserver 172.24.0.1

..had to change it to

> nameserver 8.8.8.8

which resolves the problem

Original Answer:

In my case I was using a VPN in Windows, when disconnecting from the VPN the problem was resolved.

Edit:

However, this is becoming a wider issue, it's happened again to me and I've solved it by removing Hyper-V Virtual Switch Extension Adapter.

The two solutions most widely used at the moment for this issue are:

1 Prevent /etc/resolfv.conf to become "corrupted"

1. Create a file: /etc/wsl.conf.
2. Put the following lines in the file

[network]
generateResolvConf = false

3. In a cmd window, run wsl --shutdown
4. Restart WSL2
5. Create a file: /etc/resolv.conf. If it exists, replace existing one with this new file.
6. Put the following lines in the file

nameserver 8.8.8.8

7. Repeat step 3 and 4. You will see git working fine now.

> Credits to NonStatic who shared it on github

2 Remove corrupted Network Interface Drivers (could be permanent)

1. First go to device manager

2. Show hidden devices

3. Delete all Hyper-V Virtual Switch Extension Adapter

> Credits to Jaysonsantos who shared it on GitHub

I was experiencing the same issue.

Do cat /etc/resolv.conf, and see if the output has something like this:

# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.X.X.X

You'll need to change the nameserver to 8.8.8.8, so run sudo nano /etc/resolv.conf, edit and save the file.

However, this is more or less a temporary solution, as you'll need to do this every time WSL starts. You might wanna run a script that checks the nameserver and updates it to 8.8.8.8 every time you reboot wsl. This change does work for my WSL2-Debian. But I don't need to restart the WSL.

Most probably, the Distribution gets its own virtual adapter, first there are some steps you might try:

1. Need to check if the packets really go through the Windows firewall Then check %systemroot%\system32\LogFiles\Firewall\pfirewall.log

2. If packets are not going through firewall most likely the distribution gets it's own Virtual Adapter, check what IP gets distribution from inside Debian with:

   ifconfig

or if you don't have ifconfig:

perl -MSocket -le 'socket(S, PF_INET, SOCK_DGRAM, getprotobyname("udp"));
connect(S, sockaddr_in(1, inet_aton("8.8.8.8")));
print inet_ntoa((sockaddr_in(getsockname(S)))[1]);'

or ipconfig on the Windows WSL2 host machine and look what IP takes the machine unde WSL adapter

3. If you need to have access to the internet through the Windows IP check this issue: https://github.com/microsoft/WSL/issues/4150

The work around is to use a script that does :

a. Get Ip Address of WSL 2 machine

b. Remove previous port forwarding rules

c. Add port Forwarding rules

d. Remove previously added firewall rules

e. Add new Firewall Rules

$remoteport = bash.exe -c "ifconfig eth0 | grep 'inet '"
$found = $remoteport -match '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';

if( $found ){
  $remoteport = $matches[0];
} else{
  echo "The Script Exited, the ip address of WSL 2 cannot be found";
  exit;
}

#[Ports]

#All the ports you want to forward separated by coma
$ports=@(80,443,10000,3000,5000);


#[Static ip]
#You can change the addr to your ip config to listen to a specific address
$addr='0.0.0.0';
$ports_a = $ports -join ",";


#Remove Firewall Exception Rules
iex "Remove-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock' ";

#adding Exception Rules for inbound and outbound Rules
iex "New-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock' -Direction Outbound -LocalPort $ports_a -Action Allow -Protocol TCP";
iex "New-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock' -Direction Inbound -LocalPort $ports_a -Action Allow -Protocol TCP";

for( $i = 0; $i -lt $ports.length; $i++ ){
  $port = $ports[$i];
  iex "netsh interface portproxy delete v4tov4 listenport=$port listenaddress=$addr";
  iex "netsh interface portproxy add v4tov4 listenport=$port listenaddress=$addr connectpor t=$port connectaddress=$remoteport";
  }

An alternative solution is to go to Hyper-V Manager and change the Virtual Switch that is bound to the physical NIC

I solved the issue changing /etc/resolv.conf to:

nameserver 8.8.8.8

and then

$ sudo chattr -f +i /etc/resolv.conf

actually 'locks' the file with the +i==immutable attribute and hence cannot be regenerated by the OS. This way the user-modified /etc/resolv.conf will be persistent.

I found creating the /etc/wsl.conf didn't work, but left it anyway:

[network]
generateResolvConf = false

For me, I had a fresh Ubuntu 20.04 WSL instance, after installing apache and allowing the apache profile using this command

sudo ufw allow in "Apache"

Then,

sudo service ufw start && sudo ufw enable

I noticed that this issue has triggered and after disabling the firewall again using

sudo ufw disable && sudo service ufw stop

everything worked just fine.

it worked for me, i'm using CiscoAnyConnect for VPN

Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 4000

Get-NetIPInterface -InterfaceAlias "vEthernet (WSL)" | Set-NetIPInterface -InterfaceMetric 1

Credits: Cisco AnyConnect

I had the same error when I applied Windows NTFS drive compression on disk C:. Further investigation shown, that compression of only two folders leads to that error:

1. WSL folder (%LocalAppData%\Packages\CanonicalGroupLimited*)
2. %TEMP% (i.e. C:\Users\<Username>\AppData\Local\Temp)

So you if you have Temporary failure resolving... error with sudo apt-get update on WSL I recommend not to apply NTFS disk compression to system drive at all, or at least keep that two directories uncompressed.

Also don't forget to reboot your WSL in CMD or PowerShell terminal after uncompression with wsl --shutdown

Run these commands on cmd:

$ wsl --shutdown
$ netsh winsock reset
$ netsh int ip reset all
$ netsh winhttp reset proxy
$ ipconfig /flushdns
$ netsh winsock reset
$ shutdown /r 

Check what antivirus you are using. I was having McAfee and endpoint security enabled. If disconnect End Point security firewall connectivity will work straightaway (no reboot required).

https://kc.mcafee.com/corporate/index?page=content&id=KB91411

Maybe it was a coincidence, but activating Hyper-V by running Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All in Powershell as administrator and restarting appeared to solve the issue for me when nothing else did. I had tried most solutions except the one involving Hyper-V Manager; I was activating Hyper-V to try that one but ultimately I didn't have to do anything else.

If it was a coincidence, it is possible the archive.ubuntu.com servers were temporarily unavailable. The fact that I never lost the ability to ping other addresses supports this. A comment on this AskUbuntu question states:

> Sometimes you find the servers unavailable or being down . . . Usually the problem solves itself after a while.

In other words, sometimes this issue is server-side. I don't think anyone here has mentioned that possibility yet.