WSL icon indicating copy to clipboard operation
WSL copied to clipboard
verified publisher icon microsoft

WSL DNS resolution is really slow

Open raulsf6 opened this issue 5 years ago • 19 comments

Environment

Windows build number: Microsoft Windows [Version 10.0.19042.685]
Distribution version: Ubuntu 20.04 and Kali 2020.2
Whether the issue is on WSL 2 and/or WSL 1: WSL 2 in Ubuntu and WSL 1 in Kali

Steps to reproduce

Just ping google.com in Ubuntu or sudo ping google.com in Kali

Expected behavior

A normal ping operation.

Actual behavior

I'm actually getting the ping after 20 seconds or so, however, if I ping using an ip (8.8.8.8 for example), results are instantaneous. I have to say I tried to reboot WSL and my host, downgrade to WSL 1, setting custom DNS updating /etc/resolv.conf (previously updating /etc/wsl.conf too), and setting manually DNS in the virtual WSL switch. None of them worked and it is kind of desperating because easy tasks like installing packages with apt or similar become really time consuming.

I'm having this behaviour in both, Kali 2020.2 WSL 1 and Ubuntu 20.04 WSL 2.

raulsf6 avatar Dec 21 '20 17:12 raulsf6

Same here: after upgrade to Windows 10 20H2 DNS resolver got broken.

OS Name	Microsoft Windows 10 Pro
Version	10.0.19042 Build 19042

Edition	Windows 10 Pro
Version	20H2
Installed on	‎20/‎12/‎2020
OS build	19042.685
Experience	Windows Feature Experience Pack 120.2212.551.0

All DNS resolve requests takes at least 10 seconds to complete:

$ time getent hosts microsoft.com
104.215.148.63  microsoft.com
40.76.4.15      microsoft.com
40.112.72.205   microsoft.com
40.113.200.201  microsoft.com
13.77.161.179   microsoft.com

real    0m11.085s
user    0m0.001s
sys     0m0.000s
```

```
$ cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/ws
l.conf:
# [network]
# generateResolvConf = false
nameserver 172.17.144.1
```

Not only WSL2 is affected by DNS resolver problem. Web-pages are get open with huge initial delay. I think Windows DNS Client got broken somehow.

Using custom DNS resolver, e.g. one from my private router, fixes the problem: DNS responses are immediate.

0anton avatar Dec 24 '20 16:12 0anton

I can't even ping:

ping google.com
ping: google.com: Temporary failure in name resolution

burgil avatar Dec 25 '20 04:12 burgil

Troubleshooting steps suggested by John in my Superuser question helped me to fix DNS resolver:

I'm citing here Johns words:

Run TCP/IP Reset, DNS Flush

Open cmd.exe with Run as Administrator

(1) netsh int ip reset c:\resetlog.txt

(2) ipconfig /flushdns

(3) restart the computer

Test after restarting. This fixes many DNS issues.

If the issue remains, try DISM and SFC.

Open cmd.exe with Run as Administrator.

DISM.exe /Online /Cleanup-image /StartComponentCleanup

DISM.exe /Online /Cleanup-Image /Restorehealth

SFC /SCANNOW

Again restart and test.

I had to do the first step two times, and eventually check and install latest Windows Updates. Not sure that was the final fix, but DNS resolver works for me now in both Windows and WSL2 environment. May be this information can also help you.

0anton avatar Dec 25 '20 21:12 0anton

Thanks

burgil avatar Dec 28 '20 02:12 burgil

@0anton this did not work for me, it is still really slow. Anyway, thanks for your answer.

raulsf6 avatar Dec 28 '20 06:12 raulsf6

@0anton The first three steps fixed it for me. Thank you.

However, what worked yesterday did not work today... Investigating.

bjwhite-fnal avatar Dec 28 '20 15:12 bjwhite-fnal

@bjwhite-fnal I also had a reoccurrence of the resolver problem next day after applying and troubleshooting steps. I've just repeated those steps again, installed pending Windows updates and DNS resolver works since a week already. Maybe it will also help you just repeat those steps again. I know it sounds weird, but I tried it as per advice of SuperUser user and it helped.

0anton avatar Dec 31 '20 13:12 0anton

@0anton Worked first time for me. Thanks!

BobCu avatar Jan 08 '21 19:01 BobCu

For me, it looked like the generated windows dns server in /etc/resolv.conf was acting crazy. Strace showed lookups were timing out in linux while wireshark on the host showed they were being returned in millisconds. Might have something to do with IPv6 lookups vs IPv4. I removed the symlink to /etc/resolv.conf and made my own that uses my LANs DNS. It works wonderfully now but I'll have to reconfigure it any time I connect to a new network. Could use 8.8.8.8 but there is stuff on the LAN that I need resolved by name. This workaround corrected the behavior in ubuntu but not docker-desktop.

Here are the steps for the workaround:

From linux root

rm /etc/resolv.conf
echo nameserver 8.8.8.8 > /etc/resolv.conf
echo "[network]" >> /etc/wsl.conf
echo generateResolvConf = false >> /etc/wsl.conf

Reboot windows

nickadam avatar Feb 02 '21 13:02 nickadam

I think I found my issue. I had an IPv6 DNS server that I couldn't reach. Running nslookup www.google.com from windows showed an IPv6 server from HE.net that was working until my ISP gave me a new IP a few days ago. I removed the IPv6 config from my edge device reboot windows and docker-desktop is fast again.

nickadam avatar Feb 02 '21 14:02 nickadam

FYI, you do not need to reboot Microsoft Windows OS for any change in WSL2 VM. Just use wsl.exe --terminate <distro> to shutdown it.

Biswa96 avatar Feb 02 '21 14:02 Biswa96

For me, the issue was caused by OpenVPN. After I closed it, I removed the custom resolve.conf and let WSL generate it.

  1. Close VPN program
  2. Remove custom /etc/resolv.conf and /etc/wsl.conf
  3. wsl --shutdown

labmorales avatar Feb 08 '22 02:02 labmorales

Setting a custom DNS server in /etc/resolv.conf is the only solution for me as of 10.2023.

OronDF343 avatar Oct 19 '23 07:10 OronDF343

Hi folks, we have put out a new update that aims to address networking issues in WSL. In your .wslconfig file you can set experimental.networkingMode=mirrored, as well as some other key settings that should improve your network compatibility! Please try them out and let us know what you think.

More info on this release and the changes can be found here in the blog post.

Please note: You need to be on a Windows Insiders version to use the new networking settings (Any channel of Windows Insiders will do, including release preview). If you see the "These are not supported" messages it means that your current Windows version doesn't have support, and you will need to upgrade. These features will eventually be coming to Windows 11 22H2.

craigloewen-msft avatar Oct 19 '23 18:10 craigloewen-msft

Hi folks, we have put out a new update that aims to address networking issues in WSL. In your .wslconfig file you can set experimental.networkingMode=mirrored, as well as some other key settings that should improve your network compatibility! Please try them out and let us know what you think.

networkingMode cannot work in my situation: since my edu network block all external DNS resolver and I use DoH (DNS-over-https, it is encrypted in Windows) with 1.1.1.1. Then wsl2 under mirrored mode just copy it into /etc/resolv.conf and obviously it been blocked and not work...

More info on this release and the changes can be found here in the blog post.

Please note: You need to be on a Windows Insiders version to use the new networking settings (Any channel of Windows Insiders will do, including release preview). If you see the "These are not supported" messages it means that your current Windows version doesn't have support, and you will need to upgrade. These features will eventually be coming to Windows 11 22H2.

but in my case dnsTunneling can fix my DNS resolving problem!

[wsl2]
#networkingMode=mirrored
dnsTunneling=true

Nambers avatar Feb 18 '24 03:02 Nambers

To sum up my tires:

%UserProfile%/.wslconfig:

[wsl2]
memory=5GB
processors=8
dnsTunneling=true

/etc/wsl.conf:

[network]
generateResolvConf = false
[boot]
systemd=true

Executed:

sudo rm /etc/resolv.conf
sudo bash -c 'echo "nameserver 1.1.1.1" > /etc/resolv.conf'
sudo bash -c 'echo "[network]" > /etc/wsl.conf'
sudo bash -c 'echo "generateResolvConf = false" >> /etc/wsl.conf'
sudo chattr +i /etc/resolv.conf

wsl --shutdown

My resolv now has only 1.1.1.1 as nameserver. Still the DNS resolution is slow and times out after 10s (curl)

Resolving timed out after 10000 milliseconds

tomasfejfar avatar Aug 07 '24 06:08 tomasfejfar

None of the WSL configuration changes helped me, and modifying the /etc/resolv.conf file wasn't an option because changing the internal IP address to 1.1.1.1 caused Docker Desktop to stop working.

In the Windows settings, I set DNS to automatic (via DHCP), and that solved my problem. Previously, I had manually configured DNS over HTTPS using 1.1.1.1. So now I can't use DoH :(

rafaucau avatar Aug 10 '24 18:08 rafaucau

The problem mainly manifested for me in Docker. So because this is the top result for slow dns resolution wsl2 docker on Google, here is the fix for me:

Add the following into your Docker engine settings (Settings→Docker Engine in Docker Desktop)

"dns": [
    "8.8.8.8"
  ],

Pick whatever DNS you want (alternatives are 1.1.1.1 or your local router or ISP DNS). This apparently makes docker skip the internal DNS resolution. Credits to @ericslandry

tomasfejfar avatar Nov 07 '24 13:11 tomasfejfar

in my case, minimal solution that work is just restart systemd

sudo systemctl restart systemd-resolved.service

uluumbch avatar Nov 12 '25 04:11 uluumbch