35

Running Ubuntu on WSL and trying to push to github and download new python modules using pip and I get this error.

Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f9d654fe0b8>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',)': /simple/tensorflow/

I had a look at the resolv.conf file and maybe its corrupted as it just gives a few lines of @@@. Anyone got any ideas how to fix this?

When I run l

ls -al /etc/resolv.conf
-rw-r--r-- 1 root root 261 Nov 28 12:54 /etc/resolv.conf

Update:

I managed to fix the problem. Needed to edit the file and add a line like this:

nameserver 8.8.8.8
Tejes
  • 33
  • 6
m_bash
  • 451
  • 1
  • 4
  • 4
  • It might be corrupted. When looking at what is contained in the `/etc/resolv.conf` it is actually a link to `/run/resolvconf/resolv.conf` The file is supposed to be automatically generated by WSL. Maybe you need to recreate the `/run/resolvconf/resolv.conf` file with just the line of `# This file was automatically generated by WSL. To stop automatic generation of this file, remove this line.` – Terrance Nov 28 '19 at 18:40
  • Edit your question and show me `ls -al /etc/resolv.conf`. – heynnema Nov 28 '19 at 19:29
  • I have edited the post – m_bash Nov 29 '19 at 09:47
  • The symbolic link for /etc/resolv.conf is missing, and the static file contains garbage. So... **temporarily** edit /etc/resolv.conf (`sudo -H gedit /etc/resolv.conf`), remove everything there, and just enter `8.8.8.8` and save the file. Retest. Report back. Start comments to me with @heynnema or I may miss them. – heynnema Nov 30 '19 at 01:38
  • @heynnema Tried that and still no change. – m_bash Dec 01 '19 at 08:39
  • I'm not familiar with WSL, but if the /etc/resolv.conf file **still** contains 8.8.8.8, instead of garbage, something is really wrong. Because of the WSL component, I really can't suggest what to do next. – heynnema Dec 01 '19 at 15:24
  • @heynnema I fixed it. I just needed to add nameserver before the 8.8.8.8 and then it works fine. Thanks a lot – m_bash Dec 03 '19 at 10:18
  • Thanks for the update! Glad it's working for you now. – heynnema Dec 03 '19 at 14:29

10 Answers10

49

  1. Inside WSL2, create or append file: /etc/wsl.conf

  2. Put the following lines in the file in order to ensure the your DNS changes do not get blown away

    sudo tee /etc/wsl.conf << EOF
[network]
generateResolvConf = false
EOF

  3. In a cmd window (!!), run wsl --shutdown

  4. Start WSL2

  5. Run the following inside WSL2 (line with search is optional)

    sudo rm -rf /etc/resolv.conf
sudo tee /etc/resolv.conf << EOF
search yourbase.domain.local
nameserver 8.8.8.8
nameserver 1.1.1.1
EOF
mati kepa
  • 736
  • 6
  • 7
  • 4
    what is *yourbase.domain.local*? How to get those details? And, it's working for me after following only starting 3 steps!! What are we doing in step 2? Can you please add more detail? – shaik moeed Jul 22 '22 at 06:07
  • @shaikmoeed youcan find your base domain after running in powershell this `ipconfig|findstr DNS-Suffix`. The second step is overwriting the default system settings and redirecting all DNS queries via this resolv.conf file. If you have more questions please go to official docu here https://docs.microsoft.com/en-us/windows/wsl/wsl-config – mati kepa Jul 22 '22 at 08:11
  • That would replace everything that might exist in wsl.conf so check the contents first or better use an editor – venimus Jan 02 '23 at 15:55
12

I have the same problem. It also seems to be realted to VPN. I found out, that it only fails the DNS lookup when I first connect the VPN before starting WSL-Ubuntu after System-Reboot. First starting WSL-Ubuntu and afterwards connecting the VPN seems to work.

Tobias2070
  • 121
  • 1
  • 2
5

For me it was a simple fix. From powershell:

wsl --shutdown

And then restart wsl and it worked. Yes, I know this solution is too simple and might not be good to you if trying to avoid reset to WSL. But in case you look for something simple, maybe worth trying

justadev
  • 223
  • 5
  • 9
3

I had the same error. Pinging IP addresses worked, but no DNS resolution. Outside of WSL everything was fine. The problem was caused by OpenVPN for me, when I disconnected from my workplace's VPN, the error was gone.

Tejes
  • 33
  • 6
  • Thanks, that was it for me! Turns out it is triggered by the 'block-outside-dns' flag in my config. Used to work fine, but no longer after updating to 2004!. – Vaal Jul 20 '20 at 18:14
  • It is happened to me even without connecting the VPN – Guilherme Jun 23 '21 at 14:35
3

When I ran ls -lah /etc/resolv.conf, I saw that it was a symlink to ../run/resolvconf/resolv.conf.

But then I noticed that ../run/resolvconf/resolv.conf didn't exist, and in fact, although the /run/ directory existed, /run/resolvconf/ did not.

So I created that directory and also created an empty file sudo vim /run/resolvconf/resolv.conf.

Then I edited that file to contain:

nameserver 1.1.1.1

After saving that file, ping google.com worked!

(It seems like that file is required. I don't know how mine got removed.)

https://github.com/microsoft/WSL/issues/6601 was helpful for me.

Ryan
  • 249
  • 1
  • 4
  • 23
3

I've had this issue random on multiple machines, old / new / W10 / W11. In my case if I turn off the Windows Defender Firewall -> DNS resolution works fine from WSL. Turning it back on and logging packet drops shows the issue at the public network profile:

#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2022-02-01 20:30:34 DROP UDP 172.30.230.159 172.30.224.1 29101 53 45 - - - - - - - RECEIVE
2022-02-01 20:30:35 DROP UDP 172.30.230.159 172.30.224.1 18103 53 45 - - - - - - - RECEIVE

I fixed it by setting an inbound firewall rule for the WSL network adapter - run this in Powershell:
New-NetFirewallRule -DisplayName "WSL allow in" -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Allow

ElektronenVolt
  • 31
  • 1
  • Similar solution for me. The culprit was employer's Trellix (McAfee) firewall. Temporary turning off the firewall (Quick Settings > Disable Endpoint Security Firewall) allowed WSL to resolve names successfully. – cfort Jan 17 '23 at 14:46
3

The fix for resolv.conf by @matson kepson deals with DNS. If you can't ping IP addresses, the problem may be either in the firewall or in the VPN. You can fix it in Administrator's powershell.

Deal with the firewall, as @ElektronenVolt wrote:

New-NetFirewallRule -DisplayName "WSL allow in" -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Allow

Or with a sledgehammer:

Set-NetFirewallProfile -DisabledInterfaceAliases "vEthernet (WSL)"

Deal with the VPN:

Get-NetIPInterface -InterfaceAlias "vEthernet (WSL)" | Set-NetIPInterface -InterfaceMetric 1
Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 6000

The VPN in my case was a company VPN using Cisco AnyConnect. I needed the resolv.conf fix too.

Terminate the Linux VM before starting it again before you test the new settings:

wsl --shutdown
Ferdinand Prantl
  • 131
  • 6
  • The sledgehammer worked for me, thanks @ferdinand-prantl. I have Sophos on top of windows firewall, so adding the rules for windows firewall did not seem to have any effects. With the sledgehammer, everything worked. – Sergii Volchkov Jun 29 '22 at 14:56
1

I resolved issue in my Lab. You can use below steps for that.

    • Open Powershell as Administrator
    • Get-NetAdapter
    • New-NetFirewallRule -DisplayName "WSL allow in" -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Allow
    • Get-NetIPInterface -InterfaceAlias "vEthernet (WSL)"
    • Get-DnsClientServerAddress -AddressFamily IPv4 | Select-Object -ExpandProperty ServerAddresses | Foreach-Object { "nameserver $_" }
    • Copy all name server
    • open Distribution
    • sudo mv /etc/resolv.conf /etc/resolv.conf.old
    • modify the wsl.conf sudo nano /etc/wsl.conf
  • #[boot]
  • #systemd=true
  • [network]
  • generateResolvConf = false
    • sudo touch /etc/resolv.conf
    • sudo nano /etc/resolv.conf pest here nameserver in this file Ex: nameserver 8.8.8.8
    • save the resolv.conf
    • wsl --shutdwon and open it.
Chirag Darji
  • 11
  • 2
0

In my case, none of above solutions working for me.

In the end, I've disabled Internet Protocol Version 6 (TCP/IPv6) in WLAN Properties of Network Connections Settings. The DNS working again somehow.

Configuration Screenshot:

Screenshot of Disabling Internet Protocol Version 6 (TCP/IPv6)

Ping GitHub.com Successfully Screenshot:

Screenshot of Ping GitHub.com Successfully

Source: https://unix.stackexchange.com/a/628767/338681

Jerry Chong
  • 131
  • 5
0

Try to ping any DNS:

ping 1.1.1.1

If you got timeout - it's not a DNS but an internet connectivity issue (your adapter has no internet access).

This may happen due to Cisco AnyConnect issue - not able to work with VirtualSubnets correctly.

Solution: execute following in the Windows Powershell

Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 6000

then

ping 1.1.1.1

More on that https://askubuntu.com/a/1404103/791374

And here https://gist.github.com/machuu/7663aa653828d81efbc2aaad6e3b1431

Kirill
  • 101
  • 2