I've used WSL Bash/Ubuntu for several years, but for some reason this problem recently appeared.
DNS is unable to resolve any names, both internal and external. The first time I re-installed WSL I think it worked, for a day… but not anymore, even if I reinstall.
From a fresh install of Ubuntu 18.04 from Windows Store:
user@hostname:~$ cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, remove this line.
nameserver <DNS server from wi-fi NIC 1>
nameserver <DNS server from wi-fi NIC 2>
nameserver <DNS server from ethernet 2 (VPN) NIC 1>
search anyconnect.local
user@hostname:~$ ping google.com -c 1
ping: google.com: Name or service not known
user@hostname:~$ ping 8.8.8.8 -c 1
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=16.1 ms
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 16.197/16.197/16.197/0.000 ms
user@hostname:~$ dig +short google.com
user@hostname:~$ dig +short @8.8.8.8 google.com
user@hostname:~$
After modifying /etc/resolv.conf:
user@hostname:~$ dig +short google.com
user@hostname:~$ cat /etc/resolv.conf
search <internal-domain>.local
search anyconnect.local
nameserver <DNS server from wi-fi NIC 1>
nameserver <DNS server from wi-fi NIC 2>
nameserver <DNS server from ethernet 2 (VPN) NIC 1>
nameserver <DNS server from ethernet 2 (VPN) NIC 2>
nameserver 8.8.8.8
nameserver 8.8.4.4
user@hostname:~$ ls -la /etc/resolv.conf
-rw-r--r-- 1 root root 167 May 28 09:18 /etc/resolv.conf
user@hostname:~$ ping google.com -c 1
ping: google.com: Name or service not known
user@hostname:~$ ping 8.8.8.8 -c 1
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=17.0 ms
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 17.045/17.045/17.045/0.000 ms
# disconnected VPN
user@hostname:~$ dig +short google.com
172.217.21.142
user@hostname:~$ ping google.com -c 1
PING google.com (172.217.21.142) 56(84) bytes of data.
64 bytes from arn11s02-in-f14.1e100.net (172.217.21.142): icmp_seq=1 ttl=53 time=17.4 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 17.445/17.445/17.445/0.000 ms
user@hostname:~$ dig +short google.com
172.217.21.142
# connected VPN
user@hostname:~$ dig +short google.com
user@hostname:~$ ping google.com -c 1
ping: google.com: Name or service not known
user@hostname:~$
As you can see, as soon as I disconnect VPN I have name resolution working flawlessly. However, I stay connected to VPN throughout the day, obviously because it's required to connect to corporate resources.
I'm not dependent on internal DNS on the WSL, though ideally that should work too, but I do need external DNS working.
DNS works as expected locally. I can ping the DNS servers from the VPN NIC, but not the ones from the wi-fi NIC. I've tried reinstalling WSL and also tried using only Google's nameservers in /etc/resolv.conf. Have not updated WSL as apt requires DNS…
Windows 10, version 1909
Ubuntu 18.04 from Windows Store
Cisco AnyConnect VPN ("Allow access to local LAN when connected" is checked)
Anyone have any ideas? Where to start?
Best Answer
Resolved.
The Ubuntu subsystem (WSL) could not resolve corporate and non-corporate domains while on or off VPN.
Fixed.
You must create an /etc/wsl.conf file and add an entry to stop the resolv.conf file from being auto-generated on reboot. Add the code block to /etc/wsl.conf:
Then reboot the Ubuntu subsystem by opening PowerShell as admin and running the command:
Now re-open the Ubuntu subsystem and use these commands in order:
This directory should show the 'resolv.conf' file (which is a symbolic link). The link should now be red, indicating that the link leads nowhere. Delete the resolv.conf link and create a new /etc/resolv.conf file.
In the new resolv.conf file, write this code block:
Where X is the DNS address configured in the Cisco AnyConnect VPN adapter. Locate the Cisco VPN adapter in network settings, right-click on the Cisco VPN adapter and click 'properties', then highlight IPv4 and click 'properties'. Then note the Preferred DNS and Alternate DNS and copy those into the resolv.conf file.
And Y is your normal IPv4 DNS address
Now restart the subsystem again from PowerShell. NOTE: If this did not work, that means that the resolv.conf file was blown away by the subsystem again. In order for this to work, the wsl.conf file has to be read by the system. If it is not being read, try reinstalling the subsystem or upgrading to 20.04.
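The procedure in the answer above, as an added example that is not the answerer's own commands: it turns off resolv.conf generation in /etc/wsl.conf and replaces the symlink with a static file. The function names and the ROOT argument are hypothetical, and the addresses you pass stand in for X (the VPN adapter's DNS) and Y (your normal DNS).

```shell
#!/bin/sh
# Added example; is_ipv4 and write_static_dns are hypothetical helper names.

# is_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# write_static_dns ROOT NAMESERVER [NAMESERVER ...]
# ROOT is "" on a real system; pass a scratch directory to rehearse the change.
write_static_dns() {
    root=$1; shift
    wslconf="$root/etc/wsl.conf"; resolv="$root/etc/resolv.conf"
    # glibc's resolver reads at most three nameserver lines; extras are ignored.
    if [ "$#" -lt 1 ] || [ "$#" -gt 3 ]; then
        echo "give 1 to 3 nameservers" >&2; return 2
    fi
    for ns in "$@"; do
        is_ipv4 "$ns" || { echo "not an IPv4 address: $ns" >&2; return 2; }
    done
    mkdir -p "$root/etc" && touch "$wslconf"
    # Set generateResolvConf = false under [network], keeping other settings
    # and dropping any earlier value so the key appears exactly once.
    awk '
        /^[ \t]*generateResolvConf[ \t]*=/ { next }
        /^[ \t]*\[network\]/ { print; print "generateResolvConf = false"; seen = 1; next }
        { print }
        END { if (!seen) print "[network]\ngenerateResolvConf = false" }
    ' "$wslconf" > "$wslconf.tmp" && mv "$wslconf.tmp" "$wslconf"
    # /etc/resolv.conf is a symlink under WSL: remove the link itself first,
    # otherwise the write would follow it to the auto-generated target.
    rm -f "$resolv"
    for ns in "$@"; do printf 'nameserver %s\n' "$ns"; done > "$resolv"
    chmod 644 "$resolv"
}
```

On a real system, call it as root with ROOT set to the empty string, then restart the subsystem from Windows as the answer describes.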