Is it possible to make "WSL" virtual switch external in Windows 20H2 (WSL2.0) and how to configure it? [closed]

Asked 28/10, 2020 at 8:45 Answered 4/8, 2023 at 8:8

It's not enough for me to bind WSL ports to localhost because I need to run applications in WSL which must be run in and from my local network. Attempt to switch WSL virtual switch to external in Hyper-V manager leads to Access-denied error (when wsl instance is running) with following big problems with host's and/or WSL's network as a result until I reboot the host. When WSL distro is not running WSL virtual switch is invisible in Hyper-V manager (Virtual switch manager).

I have 2 question and will be very appreciated if someone could help me with that:

Is it a normal behavior - having got problem with network attempting to configure WSL virtual switch directly? As I recall there were no such problems with Hyper-V virtual machines - maybe just short losing of connectivity, not more.
Is there a way to configure WSL such way so it starts with WSL external switch any time I run it? Files .wslconfig and /etc/wsl.conf look to be useless for this - I haven't managed to find the solution in google.

Covenantee answered 28/10, 2020 at 8:45 Comment(1)

While trying to resolve DNS issues with WSL2, I stumbled upon your question and this issue on github: github.com/microsoft/WSL/issues/4150#issuecomment-504209723 Maybe this could be a workaround for you? – Asturias 4/11, 2020 at 14:1

It is indeed possible to get this configuration to work with IPV4. This is quite tricky, as you need to act on the Network configuration to set an IP address in the external network, and this requires systemd to be enabled.

Install WSL and Ubuntu distribution

First ensure that you have WSL2 installed, and install it if this is not the case https://learn.microsoft.com/fr-fr/windows/wsl/install WSL documentation: https://learn.microsoft.com/en-us/windows/wsl/

It is key to have Ubuntu installed for WSL2, as the KDE installation is not compatible with WSL1.

wsl --install Ubuntu-20.04

It is important to have a recent version of WSL (1.0 as of this writing), as it allows you to use systemd.

Configure networking

By default, WSL installs with NAT and a dynamic IP which changes each time WSL is restarted. There are also very limited options to access network services brought by WSL, as only TCP ports can be proxied with netsh, not UDP ports. This causes all sorts of issues with X, as it is using UDP ports, and I have been totally unable to make X windows desktops work, despite HOWTOs online claiming success. If you need additional tools, now is the time to install them, as you are going to lose network connectivity for some time.

apt install net-tools

Change from internal to external network (Hyper-V manager)

You need to open Hyper-V manager and go to the virtual switch management. There is a WSL switch which by default is configured as “Internal network”. You need to change it to “External network”. You also need to select which physical adapter you are going to connect to, Ethernet or Wifi. At this point and until you finish network configuration, you no longer have any network connectivity. Your virtual network card is now connected to the external network, but it is not configured, which we are going to do now by means of systemd.

Configure you virtual network card

From within WSL, edit file /etc/wsl.conf so that it contains:

[network]
generateResolvConf = false
[boot]
systemd=true

Create a file named /etc/systemd/network/26-fixed-ip.network containing (example):

[Match]
Name=eth0

[Network]
Address=192.168.1.60/24
Gateway=192.168.1.1
DNS=192.168.1.30

Select a fixed IP address in your external network range, and adapt the above parameters according to your case.

Configure DNS resolution

We have already instructed WSL not to generate resolv.conf each time it is started, as seen above. It is now time to configure /etc/resolv.conf to contain:

nameserver 192.168.1.30
nameserver 192.168.1.5
domain xxxxxxxx.net

Check connectivity

Stop and start wsl (from a Windows cmd prompt):

wsl --shutdown
wsl

When wsl is restarted, it gets the fixed IP address, instead of a random one. You may ping any IP address and it works. You may also ping your ip address from another host on your LAN:

ping 192.168.1.60

Bhakti answered 8/12, 2022 at 11:24 Comment(4)

Great answer. Worked like a champ. – Ahouh 23/1, 2023 at 16:15

ifconfig still shows 172 address for me after taking these steps. – Kumar 17/6, 2023 at 3:41

For me, when changing the vswitch to external, I needed to 1) WSL had have been run since boot because the WSL vswitch isn't created until then. 2) WSL had to be terminated, otherwise you'll get an error when you try to modify the vswitch. 3) hyper-v had to be run (as admin) after WSL was terminated, and sometimes even then I had to restart hyper-v, but it always eventually worked. I think this can be automated, see this answer: superuser.com/a/1790350/35726 – Wormwood 21/6, 2023 at 14:37

WSL is recreated on reboot, so all the changes to it will be lost on reboot. Plus the physical network adapter will be in "Hyper-V Extensible Virtual Switch" mode, so there will be not network connection even after WSL switch is recreated, because it is always recreated as internal switch. So, the solution works only until next reboot. – Visual 3/8, 2023 at 8:3

Yes you can convert it to external from Hyper-v Manager. Just start the Hyper-v Manager as Administrator

Sphygmomanometer answered 7/1, 2021 at 12:58 Comment(1)

I also had to remove the NDIS Capture extension before I moved it to the external network. – Silicosis 1/2, 2022 at 18:22

On Windows 11 you can use external switch that is persistent on reboot.

New-VMSwitch -Name "External Switch" -NetAdapterName eth0
Create/modify .wslconfig

cat $env:USERPROFILE/.wslconfig

[wsl2]
networkingMode=bridged
vmSwitch="External Switch"
dhcp=false
ipv6=true

Make sure systemd is enabled on the WSL distribution side:

cat /etc/wsl.conf
[boot]
systemd=true

Add static address as mentioned by Jean-Noel Simonnet

cat /etc/systemd/network/static-ip.network

[Match]
Name=eth0

[Network]
Address=192.168.1.10/24
Gateway=192.168.1.1
DNS=192.168.1.1

As of this writing, Windows recreates /etc/resolv.conf link on reboot. As a workaround create a systemd script to restore it.

cat /etc/systemd/system/resolv.conf.service

[Unit]
Description=Recreate systemd-resolved link to /etc/resolv.conf
After=multi-user.target

[Service]
Type=oneshot
ExecStart=/bin/sh -c "ln -sfv /run/systemd/resolve/resolv.conf /etc/resolv.conf"

[Install]
WantedBy=basic.target

systemctl enable resolv.conf
reboot

Visual answered 4/8, 2023 at 8:8 Comment(2)

For the fourth point: cat /mnt/wsl/resolv.conf (stat /etc/resolv.conf)

# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf: # [network] # generateResolvConf = false nameserver 172.26.144.1

So you don't have to make a workaround – Rasla 17/10, 2023 at 15:44

@Rasla Unfortunately this option does not have any effect. WSL recreates the link on every VM restart. Even workaround in point 4) does not work consistently. I still has not found a reliable solution for this. – Visual 20/10, 2023 at 6:0

Yes you can, but it seems to work only in IPv6 in my situation:

When I ran wsl --shutdown and opened Hyper-V Manager, the WSL switch appeared in Virtual Switch Manager, and can be successfully changed to external.

However, the IPv4 address could not be changed, and it's unable to access the Internet via IPv4 either. So I have to assign a NAT IPv6 network (fd68::/64 in my case) to make it work.

Maybe you should do some repair to your system if you can't reproduce this.

Note: if switch WSL is changed to external, your main adapter will become vEthernet (WSL) or something similar.

Trinh answered 16/12, 2020 at 15:10 Comment(0)